Rails 6.0.2.2 and 5.2.4.2 have been released!

Update

I accidentally posted the wrong shas for the 5.2.4.2 release in the original version of this post. I’ve updated the post to reflect the correct information.

Hi everyone,

HAPPY THURSDAY EVERYONE!!!!

I am pleased to announce that Rails 6.0.2.2 and 5.2.4.2 have been released. This release contains a security fix for CVE-2020-5267. You can find out more about the issue here.

For ease of upgrade, these releases only contain one patch which addresses the security issue.

If you would like to see the full list of changes, you can check out all of the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 6.0.2.2:

b2170b2b670e9f3d8a355a7ad78dabe996b7290c3e1a0390cc8782fabd1a93cd  actioncable-6.0.2.2.gem
c5f6d4bb2b083de45c547089addb351c01bb6c29c8789f447bca19f34f05223e  actionmailbox-6.0.2.2.gem
baf2a7d294b0f5cff209f754e877eeebb9263115c3f91bf91255733beb9df84f  actionmailer-6.0.2.2.gem
58c0f04386b014e5d4a8a1c1a48a9a67f3fb38243a3be74d7201dc18d68de25c  actionpack-6.0.2.2.gem
872fb41b79794eaa9d1007e4b2e73cfa031ab2a47e5ee8cdae362518d917fed9  actiontext-6.0.2.2.gem
5e43aae3f0f6961d5dd85002147cccf2dbadfe88f41725d874a1b42e76bd7117  actionview-6.0.2.2.gem
7ed215efd26e335d8ce56dbf141b735548e33bf6cf9e953f22558e370d4b3fe3  activejob-6.0.2.2.gem
35559978a7641c85d47709c7c3b75fcc456b1ec882631ffeba82e8a4e12f99cd  activemodel-6.0.2.2.gem
4c6aae2cfa9d19ac9901c3b2514fb1c3ccd82b61839f2b52d6711edc00013c80  activerecord-6.0.2.2.gem
818c65056c5e58df009bdd89fef099e3b4abcd99f4836360713b646dfb60715e  activestorage-6.0.2.2.gem
8b73152669af7b8e3840e16052d6d951620e07c63bfc650bae88e5b86643a9d5  activesupport-6.0.2.2.gem
4b789dc6d942e133032485169aa30553482b528ffea5dd52a3bab853fca0c822  rails-6.0.2.2.gem
5b9d0d0a814ce9f5061aabd24d31e7bcc6864f6fa16565c1b3d9dc646c6b9ab1  railties-6.0.2.2.gem

Here are the checksums for 5.2.4.2:

$ shasum -a 256 *-5.2.4.2.gem
bbb8c0cd649eabec75a86f7750e264f0e20335cfadb1c6901427d9401af28b60  actioncable-5.2.4.2.gem
bf2c0b60db93a6e7a86483f791ce631564ec0182270851ae83bd72e4bdb2e24d  actionmailer-5.2.4.2.gem
5df1b1a9e70f959a9b00087bef01893dc4c2fc15a8d040a827daf6844d4c34f0  actionpack-5.2.4.2.gem
97227c123908b84fface498ed50d755c12408037440380ee4b8b9a208cafe33a  actionview-5.2.4.2.gem
71df9fd6b723b1bb97e71329179ac1e2b5f8173ec6de5dd33937639e135a5be3  activejob-5.2.4.2.gem
b109119b3de473ebb24c4a85fcf9462ee052b83d647cd00c922ed609c06e8e49  activemodel-5.2.4.2.gem
e5d6db49d48018bf54133f6155a635e4de69f73dbbef6cb8cc79223604cc58f9  activerecord-5.2.4.2.gem
49a3b1c7cfe3fddb409df595b372d1077cf67536c4a3ba635e642676c2fda1b4  activestorage-5.2.4.2.gem
8c3ae3df5b08b49b6b5d9c5028da1a1e582f1243b7362dbb9736f65ede492378  activesupport-5.2.4.2.gem
44ab2836290ef259ed12fc6a24c1e62e317a534b79c37c0d1a8ec7ef893513f5  rails-5.2.4.2.gem
26b44b3d6c650d64ea2496c3328b9092efef5101ed953a660a93e2d643b359dc  railties-5.2.4.2.gem

Thanks to Jesse Campos for reporting this issue!

Have a good day!

This week in Rails - horizontal sharding, gzip schema cache, database rake tasks

Greetings, all! Daniel here, together with my pup (🐶 woof!) bringing you the latest news in Rails.

Add support for horizontal sharding

The good folks at GitHub have done an incredible amount of work to support multiple databases in Rails. This week brings horizontal sharding. Rails applications can now connect to and (manually) switch between multiple shards.

Support gzip for the schema cache

Katrina continues to work on the schema cache, this time by adding gzip support for both the YAML and the Marshal serialization strategies. This can come in handy when trying to deploy particularly large schemas in constrained environments.

Add additional multi-database rake tasks

It is now possible to run rails db:schema:dump, rails db:schema:load, rails db:structure:dump, rails db:structure:load and rails db:test:prepare on a specific database. This was previously only possible for rails db:create, rails db:drop, and rails db:migrate. Excellent work on your first few commits to Rails, Kyle!

Eliminate a hash allocation when rendering templates

I included this one for the commit message more than for the code change itself. The benchmark taught me a bit about Action Controller, Action View, and how to write a good benchmark.

That’s all for now. 18 people contributed since last time, including some first-time contributors. Check out the full list of changes.

Strict loading in Active Record and more

Hi, Wojtek from this side with latest changes in Ruby on Rails codebase.

Add strict_loading mode to Active Record

To prevent lazy loading of associations, strict_loading will cascade down from the parent record to all the associations to help you catch any places where you may want to preload instead of lazy loading.

Serialize schema cache dump with Marshal

In addition to YAML it is now possible to use Marshal as schema cache dump serializer.

Improve assert_changes output

Provides more specific diffs when comparing complex objects. Co-authored by few contributors.

36 people contributed to Rails since last time. Check out the detailed list of all changes. Until next time!

This week in Rails - PostgreSQL 11 partitioned indexes support and more!

Hello, this is Greg, bringing you the latest news about Ruby on Rails!

20 contributors to Rails in past week

There have been 20 contributors to Rails past week! 

Default HSTS max-age directive to 2 years

The new recommendation for the HSTS max-age directive is 2 years, and that’s what Rails defaults to from now on.

Add support for partitioned indexes in PostgreSQL 11+

This pull request adds support to retrieve partitioned indexes when asking for indexes in a table. 

Add a fallback database config when loading schema cache

The schema cache defaults to loading the ‘primary’ database config, however, if an app doesn’t have a db config with a spec name of ‘primary’ the filename lookup will  blow up. This pull request adds a fallback for this case.

That’s it for this week, till next time! 

This week in Rails - Rack 2.1 released, disallowed deprecations, and more!

Hello, this is Andrew, bringing you the latest news from the Ruby on Rails world!

18 contributors to Rails in past week

There have been 18 contributors to Rails in the second full week of 2020! 

Rack 2.1.0 and 2.1.1 released

These releases add support for the SameSite=None cookie value, new HTTP status codes, bug fixes, and several other exciting changes and additions. Updates to Rails following the release have also begun.

Check out the Rack changelog to learn more.

Introduce Active Support Disallowed Deprecations

This addition allows the configuration of rules to match deprecation warnings that should not be allowed and ActiveSupport::Deprecation#disallowed_behavior, which specifies the behavior to be used when a disallowed deprecation warning is matched.

Stop individual Action Cable streams

Channels with multiple subscriptions can now stop following individual streams. Before this change, the only option was to stop all streams.

Remove an empty line from generated migration

This fix prevents an extra newline from getting added in generated migrations.

That’s it for this week, till next time! 

This week in Rails - Deprecations, bugfixes and improvements!

Hello, this is Greg, bringing you the latest news from the Ruby on Rails world!

38 contributors to Rails in past week

There have been 38 contributors to Rails in the first week of the year! 

Deprecate “primary” as a connection_specification_name for ActiveRecord::Base

This PR deprecates the use of the name “primary” as the connection_specification_name for ActiveRecord::Base in favor of using “ActiveRecord::Base” to avoid confusion as earlier the classname was used in any other case.

Deprecate using Range#include? to check the inclusion of a value in a date time range

The usage of the Range#include? method to check the inclusion of an argument in date-time with zone range is deprecated in Ruby and since Rails extends it, the deprecation needs to be carried forward. As a replacement, it is recommended to use Range#cover?

Restore previous behavior of parallel test databases

Before this bugfix, if an app called establish_connection with no arguments or doesn’t call connects_to in ApplicationRecord and uses parallel testing databases, the application could’ve picked up the wrong configuration.

Reduce number of created objects in Hash#as_json

The improvement is highly coupled to the size of the hash but can be quite a bit for medium sized nested hashes.

That’s it for this week, till next time! 

This week in Rails - The 2019 edition

Hello, this is Prathamesh bringing you first issue of This week in Rails of the new year and new decade.
In this issue, we will go over the major changes that happened last year to the Rails codebase.

Happy new year!

494 contributors to Rails in 2019

There have been 494 contributors to Rails in 2019. Wow, that’s a staggering number! Thank you all for making Rails better.

Rails 6.0 released

Rails 6 includes headline features such as parallel testing, multi database support, new Zeitwerk autoloader along with new frameworks added to the Rails family.

Two new frameworks added to Rails

Action Mailbox and Action Text made their way to the Rails codebase during the Rails 6 release. Action Mailbox will help you accept the incoming emails and Action Text brings rich text content and editing to Rails.

Other releases

Apart from Rails 6, 2019 also saw release of Rails 5.2.4 series and 5.1.7.

The party is still rocking in 2020. 18 people contributed to Rails in new year so far! Check out the detailed list of all changes.

Happy new year again!

Ruby 2.7.0, Rails 6.0.2.1 and more

Hello, this is Wojtek reporting on last month additions to Rails codebase.

Ruby 2.7.0 released

The last minor version of Ruby 2.7 before 3.0 release in the next year. Rails codebase is constantly updated to support Ruby 2.7 without any warnings.

Rails 6.0.2 released

Followed by security fix releases 5.2.4.1 and 6.0.2.1

Track Active Storage variants in the database

Optimization and bug fix by avoiding existence checks in the storage service.

Conditional values in Tag Builder

Handy addition to clean up common use case with constructing class names when creating content tags.

Add class_names view helper

As a follow-up to conditional values in Tag Builder, to ease even more constructing class names on views.

Deep merge of shared configuration in config_for method

From now on config_for will deeply merge shared configuration section with environment specific one.

76 people contributed to Rails since last time. Check out the detailed list of all changes.
Happy new year!

Rails 5.2.4.1 has been released!

Hi everyone,

I am happy to announce that Rails 5.2.4.1 has been released. This is a complementary release to rack in order to address CVE-2019-16782.

CHANGES since 5.2.4

To view the changes for each gem, please read the changelogs on GitHub:

To see a summary of changes, please read the release on GitHub:

5.2.4.1 CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 5.2.4.1:

$ shasum -a 256 *-5.2.4.1.gem
95531ad4731ff341e0df4bff722bc28cf534ca9ed9e00d8a4949474225abe5fb  actioncable-5.2.4.1.gem
aad99ddae83c22162ba580fc0efe10611bb407832605c21e3ff540ef071e7cb5  actionmailer-5.2.4.1.gem
5f9cfff904e6d8ed5bd9439a76639e22393308a295c13d663a4622e085a9b738  actionpack-5.2.4.1.gem
327e504aea3cfd7484c9ec059b7e58faad96be65379a2da959ee336444f7d342  actionview-5.2.4.1.gem
2141876d50219726ea17b9d8aa8604e6a8fc555fb6230d7987a422e6981b924c  activejob-5.2.4.1.gem
a1df0522b937364f1ff7f748457644de1863dfba4b4bf01386fd8270bef7e169  activemodel-5.2.4.1.gem
2fdbe670205b040f0de64198bdbb4093857a32a409e37ba9ade08c20af6965dc  activerecord-5.2.4.1.gem
ee841d3c038cc45f393bc384be8afc8f4629587411f3eb6b396821b4429aa835  activestorage-5.2.4.1.gem
57874366b06882ad0c0a0557640851aef13afec19bd4d6c2ee286c9d4eb7b452  activesupport-5.2.4.1.gem
402c80f8533052bb9f62e9c61aad9a559b96c04961ddda93151852b8f8572885  rails-5.2.4.1.gem
0b6b0ec65aedae1f3627b05091d63a55bfabd214f483389a9096332dbdc71ac7  railties-5.2.4.1.gem

As always, huge thanks to the many contributors who helped with this release.

Rails 6.0.2.1 has been released!

Hi everyone,

I am happy to announce that Rails 6.0.2.1 has been released. This is a complementary release to rack in order to address CVE-2019-16782.

CHANGES since 6.0.2

To view the changes for each gem, please read the changelogs on GitHub:

To see a summary of changes, please read the release on GitHub:

6.0.2.1 CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 6.0.2.1:

$ shasum -a 256 *-6.0.2.1.gem
3eedea1285b08d40762a14a122dc5a9c1d6226526f8380dc4ac0d0f4ef086dbe  actioncable-6.0.2.1.gem
6132861d7706cefed207817d6a097e3e991e5656bdefd5b2c927e88465b957f7  actionmailbox-6.0.2.1.gem
13e6eb571bc3764859982d5b3f19f43c88969e99cf5fa4b42696d962b85d2d84  actionmailer-6.0.2.1.gem
df65fc4db1eb21dad71a0c73b9acf21373644580787e2eecd68fb6244af95ebd  actionpack-6.0.2.1.gem
7857e4f1242ca2064d0b24154fb1d2d05537e24ec78b31ccd51eab7549459c09  actiontext-6.0.2.1.gem
ccc69763b6d02069a2c5fef62a08d247620e0f9213ce3eaaa79118384141230c  actionview-6.0.2.1.gem
11dc8701c7d5b80572786e928e264f42cb1ab75b07957955f41d4d367074b0cd  activejob-6.0.2.1.gem
6d138b1e3e5f009b5fa9a0587f65f25ff58ef42e6a95a3f720fc53caa2aaf84b  activemodel-6.0.2.1.gem
083928e6fda8b886f24c198d37a6e9e0a077c1bf178ae76668a973175b6b578b  activerecord-6.0.2.1.gem
e88e5ae590df2fcf7fe3cf4bdd1822dc95841dd1c10fcb5fe26cb66799ce235a  activestorage-6.0.2.1.gem
817e19e0ce4bc8c6afc63ed064ea84d0e3c8a2ee3d8fb1bb86ab39670c7ca6b5  activesupport-6.0.2.1.gem
32a07bc27a22c80752847936aa52497c5d97de9c577b1120a2e897dda77f93b0  rails-6.0.2.1.gem
8f6b9622975fc0f4807770b0633c9998c54ff59a98045a78f6fab110d87bcd66  railties-6.0.2.1.gem

As always, huge thanks to the many contributors who helped with this release.