Hello everyone! 🌨
This is Vipul, bringing you the latest from Rails.
P.S: Here’s something for all those at RubyKaigi 🍣. Enjoy!
This week 26 fabulous people contributed to Rails, including 6 first-time contributors! Check out the list of issues if you’d like to help out as well.
GZip file generation was taken out last year from sprockets. This change re-introduces compressed file generation and parallel file writing, which is useful for web servers that don’t support gzipping static assets. This is pretty useful if you are on a service like Heroku.
New shortcuts were added to after_commit .. on: :action.
For example, after_commit :add_to_index_later, on: :create can now be written as after_create_commit :add_to_index_later.
Previously error pages are always being delivered in html pages in development mode, which is not handy when you would like to view json responses. This change adds support for viewing errors in json format. It also makes sure that when requesting resources like post/1.json, when error occurs, it returns json response based on json format in url, unlike previously used html format.
protect_from_forgery prepend default to falseprotect_from_forgery will now be inserted into the callback chain at the point it is called in the application. This is useful for cases where you want to protect_from_forgery after you perform required authentication callbacks or other callbacks that are required to run after forgery protection.
If needed, you can use protect_from_forgery prepend: true to always run protect_from_forgery before others.
request_forgery_protection initializer is removed from Rails APIUsually in Rails API, you would not use protect_from_forgery, by default. The initializer to add this option- request_forgery_protection is now removed if you are creating an API.
Previously if we tried to do
ActiveSupport::Notifications.instrument('foo') do
ActiveSupport::Notifications.subscribe('foo') {}
end
it would create an error, because for the subscribe inside block, the dynamic subscription does not yet exist. This change make sure that subscriptions inside instrumentation get notified as well.
Previously, if assert_response was checking for any non-redirect response like :success and actual response was a :redirect then, the error message displayed was like - Expected response to be a <success>. This change, now shows the redirected path in error response as - Expected response to be a <success>, but was a redirect to <http://test.host/posts/lol>
That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.
Until next time!