Sunday, May 28, 2017

This Week in Rails: ActiveSupport::CurrentAttributes, AEAD and more!

Posted by vipulnsward

Hi there!

This is Vipul bringing you all the latest news about Rails from the hopefully ending summer here in Pune🔥

This Week’s Rails contributors!

We had 36 people who helped make Rails better this week.
Six of them contributed for the first time ever!
If you would like to help out, check the issues list.

New

ActiveSupport::CurrentAttributes provides a thread-isolated attributes singleton

If you’ve used current_user from Devise, you’ve already come across what CurrentAttributes partly provides, but wait there’s more!

Using CurrentAttributes you can start using per request variables that are accessible across the whole system like Models, Controllers, Views, during a Rails request cycle.

For example you can start using attributes like current_user, account, etc, and much more that your system might need without passing them all around to different methods.

AEAD encrypted cookies and sessions

Encrypted cookies now use AES-GCM which couples authentication and encryption in one faster step and produces shorter ciphertexts.

Older cookies encrypted using AES in CBC HMAC mode will be seamlessly upgraded when this new mode is enabled via the action_dispatch.use_authenticated_cookie_encryption configuration value.

Fixed

Make secrets:edit run secrets:setup if it hasn’t already.

On a new app, if you did rails secrets:edit before you’ve called rails secrets:setup, Rails would throw an error.

With this addition, Rails takes care of doing that for you if not already done.

Fix regression in Numericality validator

This change fixes a regression in Numericality validator where extra decimal places on a user input for a decimal column were ignored by numerically validations, for example when comparing 9.18 vs 9.179. 

Improved

Active Record initialization optimizations

Rails had a performance regression from 4.2x to 5.0 where initialization of records slowed down by factor of 2x in some cases.

This change optimizes initializations to improve by a factor of 2x for STI models and 1.3x for non-STI models

That’s it for this week, as always, we couldn’t cover all of the changes, but feel free to check the commits if you are interested.
Until next week!