Rails 4.2.9.rc1 has been released!

Hi everyone,

I am happy to announce that Rails 4.2.9.rc1 has been released.

This is going to be the last bug fix release of the 4.2 series, so please test this release candidate.

If no regressions are found, expect the final release on Monday, June 19, 2017. If you find one, please open an issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 4.2.8

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.


If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 4.2.9.rc1:

$ shasum -a 256 *-4.2.9.rc1.gem
f989619bd008bb131ac51c9523a67cf07b04fd02ccbb6a4c862a7e91399abf29  actionmailer-4.2.9.rc1.gem
ce36a4c32d738bdf0f225c427ed7e31c2e681004fa827f7bbe0c4bd05fb6b264  actionpack-4.2.9.rc1.gem
e815d4d9ee866145cf9ae78716fed8453a12eace055f4fbd80ae7f4b74e08d27  actionview-4.2.9.rc1.gem
b03d68ecc055160bc903055649bb47b57de09b68749bd6e40e2e4378cd9a3ce7  activejob-4.2.9.rc1.gem
734e28fff15f3319be32b6e3cba40519e7c730c88ba49f0b334eb1d63f32c872  activemodel-4.2.9.rc1.gem
a2f25b8132cca325bf855d7e45c809a122282d8e65f3d6580e40da624c71996a  activerecord-4.2.9.rc1.gem
7b3b69479110a64f50ac53681f076b5ec21a073b1120c9d7ab201eec0af09d12  activesupport-4.2.9.rc1.gem
c7de4f0e62498acf407928a5f147a9e297a63e900882f627489e91b033026b69  rails-4.2.9.rc1.gem
425e43203b35fa28dd9708848c4aaa11706c53fcd75819228a92e6893653f8da  railties-4.2.9.rc1.gem

As always, huge thanks to the many contributors who helped with this release.

This Week in Rails: default option for mattr_accessor, write_multi and more!

Hello everyone! Prathamesh here bringing you the latest news from the Rails world. Let’s get started 🚅

🎉 This Week’s Rails contributors! 🎉

We had 21 awesome people who helped make Rails better this week. Two of them contributed for the first time ever! Would you like to help as well? Head over to the 👉 issues list.


💪 mattr_accessor gets the default option 💪

Followup to adding the default option to the class_attribute macro, it is now added to mattr_accessor family of methods as well.

It can be used as follows:

mattr_accessor :always_write_cookie, default: false

💪 Write multiple cache entries at once with write_multi 💪

A new method write_multi has been added to the cache stores which writes multiple cache entries at once.

For eg.

Rails.cache.write_multi foo: ‘bar’, baz: ‘qux’ The default implementation just calls write_entry one by one for each entry but specific cache stores can override this behavior as per their ability of doing bulk writes.


⚡️ Generate field ids in collection_check_boxes and collection_radio_buttons ⚡️

This change fixes an issue with collection checkboxes and radio boxes where clicking on the labels was not selecting the options because the input elements did not have proper id attribute with respect to their labels.

✨ Fix partial cache logging getting attributed to wrong partials ✨

This commit fixes an issue with the cache hit/miss log markers being applied to wrong partials.

That’s it for this week, as always, we couldn’t cover all of the changes, but feel free to check all the commits from this week.

Until next week! 👋👋

This Week in Rails: class_attribute default, mini_racer and more!

Hello everyone! This is Roque bringing you the latest news from the Rails world.

This Week’s Rails contributors!

We had 32 people who helped make Rails better this week. Three of them contributed for the first time ever! If you would like to help out, check the issues list.

Allow a default value to be declared for class_attribute

Rails will now make it easier to set default values to class attributes like class_attribute :timeout, default: 5

Replace therubyracer with mini_racer

New apps generated with JavaScript and Sprockets support will use mini_racer for the Ruby platform. A faster and more reliable interpreter.


Add previous and next day of week API to Active Support

The methods prev_occurring and next_occurring expect a day of the week and return the appropriate value based on the DateTime, e.g. DateTime.now.prev_occurring(:monday).


Fix number_to_human round calculation

This fix a regression introduced in Rails 5, where a case like number_to_human(1_000_000, units: { unit: 'meter', thousand: 'kilometer' }) would return "1" instead of "1000 kilometer".

Fix pluralization of uncountable expressions when given a locale

Previously, methods like pluralize and singularize would only use the English uncountable rules rather then the ones for the locale that was passed.

Rename primary key index from rename_table

Formerly, rename_table would only rename primary key index if the column’s data type was sequential. Tables with primary keys with types like UUID would still keep the old name.


Allow additional options for poltergeist or capybara-webkit in System Tests

If using poltergeist or capybara-webkit, driven_by will register it as the driver and set additional options passed via :options param.

Please refer to drivers documentation to learn what options can be passed.

That’s it for this week, as always, we couldn’t cover all of the changes, but feel free to check the commits if you are interested. Until next week!

This Week in Rails: ActiveSupport::CurrentAttributes, AEAD and more!

Hi there!

This is Vipul bringing you all the latest news about Rails from the hopefully ending summer here in Pune🔥

This Week’s Rails contributors!

We had 36 people who helped make Rails better this week.
Six of them contributed for the first time ever!
If you would like to help out, check the issues list.


ActiveSupport::CurrentAttributes provides a thread-isolated attributes singleton

If you’ve used current_user from Devise, you’ve already come across what CurrentAttributes partly provides, but wait there’s more!

Using CurrentAttributes you can start using per request variables that are accessible across the whole system like Models, Controllers, Views, during a Rails request cycle.

For example you can start using attributes like current_user, account, etc, and much more that your system might need without passing them all around to different methods.

AEAD encrypted cookies and sessions

Encrypted cookies now use AES-GCM which couples authentication and encryption in one faster step and produces shorter ciphertexts.

Older cookies encrypted using AES in CBC HMAC mode will be seamlessly upgraded when this new mode is enabled via the action_dispatch.use_authenticated_cookie_encryption configuration value.


Make secrets:edit run secrets:setup if it hasn’t already.

On a new app, if you did rails secrets:edit before you’ve called rails secrets:setup, Rails would throw an error.

With this addition, Rails takes care of doing that for you if not already done.

Fix regression in Numericality validator

This change fixes a regression in Numericality validator where extra decimal places on a user input for a decimal column were ignored by numerically validations, for example when comparing 9.18 vs 9.179. 


Active Record initialization optimizations

Rails had a performance regression from 4.2x to 5.0 where initialization of records slowed down by factor of 2x in some cases.

This change optimizes initializations to improve by a factor of 2x for STI models and 1.3x for non-STI models

That’s it for this week, as always, we couldn’t cover all of the changes, but feel free to check the commits if you are interested.
Until next week!

This Week in Rails: Recycled cache keys and more!

Hi there! This is Greg with the latest news about Rails!

This Week’s Rails contributors!

22 person worked on making Rails better this week. Big thanks to them!
If you want to be a part of that, check the issues list!


Recyclable cache keys

With this change Rails, will be able to recycle the cache keys and if you have big volume cache write, your cache space will be better utilised.


Allow irb options to be passed from rails console command

Pre Rails 5, the rails console accepted irb options, but a change in Rails 5 break that feature. Now it is fixed, so you can pass the options like this:  rails c – –simple-prompt.


Respect SchemaDumper.ignore_tables in databases structure dump

This change makes Active Record respect the ignored tables if you configured any.

Don’t cache locally if unless_exist was passed

If your cache backend supports the unless_exist option, you can configure Rails to delete the local cache and read the correct value from the backend.

That’s it for this week, as always, we couldn’t cover all of the changes, but feel free to check the commits if you are interested.
Until next week!

Rails 5.0.3 and 5.1.1 have been released!

Oh hi! This is an announcement to let you all know that versions 5.0.3 and 5.1.1 of Ruby on Rails have been released! These are just regular bugfix releases, so no need to rush to upgrade. I mean, please do upgrade since upgrading is good and you don’t want to get behind, but I mean no need to spend your weekend on these.

I’ve put the gem checksums below and links to the changelogs (check the P.S. at the end of this post if you are going to read the changelog) in each gem.

Have a happy Friday, and a good weekend!


Tenderlove <3<3<3

Rails 5.0.3

You can find all commits here.

Each changelog is linked below:

Gem checksums:

[aaron@TC release]$ md5sum *5.0.3*
8483a3a00f088b4547cf14dab42f8a5a  actioncable-5.0.3.gem
37f6c2c5ce8f55e748f0f0aac36d0eec  actionmailer-5.0.3.gem
67682c3d3521ca9cc6cf8fcb5e56de36  actionpack-5.0.3.gem
e05b98378b4b9d9546937666d74d9a47  actionview-5.0.3.gem
fd4f09f31026b93ced652c1eb7f229a4  activejob-5.0.3.gem
e6a82b789fb3a6dd9ba5386752ebc41d  activemodel-5.0.3.gem
c284eccf8bc0a883b84180ef6ae3b8f3  activerecord-5.0.3.gem
831f53dad2ce7bada156eb60eb2de1b8  activesupport-5.0.3.gem
f96cecf57f4e2c6897890d59fb5b432b  rails-5.0.3.gem
d48d6b66a34965a4f21d29e7454b6cc9  railties-5.0.3.gem
[aaron@TC release]$

Rails 5.1.1

You can find all commits here.

Each changelog is linked below:

Gem checksums:

[aaron@TC release]$ md5sum *5.1.1*
0670ea1078b0eb5a071cb00dba362e51  actioncable-5.1.1.gem
b0c225597533d862ec85a70b9abda4bc  actionmailer-5.1.1.gem
1e4c682e911ad6df7b33e2077ef63662  actionpack-5.1.1.gem
61c4ca576e49885e5270b8265eb3c55a  actionview-5.1.1.gem
9bc455e2b86a6c2b3b6e47ef8032a7b3  activejob-5.1.1.gem
e5852e43acd79a23e40aec7d3acfd2b3  activemodel-5.1.1.gem
29b6459c5d8f91d418f48a8341ba033d  activerecord-5.1.1.gem
cba3e9e7fc431ff2c7241777b63f6a85  activesupport-5.1.1.gem
6b201afebf14372a3ff021030e9a5138  rails-5.1.1.gem
242a56fe64ce6563996386233bc86d5c  railties-5.1.1.gem
[aaron@TC release]$


This is really embarassing, and I’m really sorry, but I forgot to update the version numbers in the changelogs before doing the release. So if you click a link to a changelog, and the top of it says the previous version (5.0.2 or 5.1.0) it means there are no changes to that gem, and that I am not so good at my job of releasing gems. Again, I’m really sorry about this!

Google Summer of Code 2017 Students

We are super excited to announce our accepted Google Summer of Code students for 2017. Welcome Marko and Assain! They will hack on Rails for the summer.

Marko Bogdanović

Marko will be implementing and improving long running benchmarks for Ruby and Rails. He will be mentored by Jon, Robin and Noah.

Assain Jaleel

Assain is going to refresh the cookie system in Rails. He’ll be mentored by Kasper with help from Michael Coyne.

Thank You

We’d like to shout-out to everyone who participated in this year’s selection process – both students and mentors. Let’s have a great summer, all!

Rails 5.1: Loving JavaScript, System Tests, Encrypted Secrets, and more

In celebration of the 12th RailsConf in Phoenix, Arizona this week, we’re proud to announce that Rails 5.1 is ready in its final form! We’ve spent over 4,100 commits since Rails 5.0 making everything EASIER, SIMPLER, and, uhhh, FUNNER? (That’s a RailsConf joke).

The highlight reel hasn’t really changed since the first beta, but here’s a repeat:

Loving JavaScript

We’ve had a stormy, perhaps even contentious, relationship with JavaScript over the years. But that time is past. JavaScript has improved immensely over the past few years, particularly with the advent of ES6, and with package and compilation tools like Yarn and webpack. Rails is embracing both of these solutions with open arms and letting whatever past water flow under the bridge.

JavaScript and Ruby share a deep philosophical bond over language design, if not ecosystem management. Let’s focus on the aspects we have in common and help Rails programmers extract the best from JavaScript with the help of some key guiding conventions.

The improvements in Rails 5.1 focus on three major parts:

  1. Manage JavaScript dependencies from NPM via Yarn. Think of Yarn like Bundler for JavaScript (it even has Yehuda Katz involved!). This makes it easy to depend on libraries like React or anything else from NPM. Everything you depend on via Yarn is then made available to be required in the asset pipeline, just like vendored dependencies would have been. Just use the binstub bin/yarn to add dependencies.

  2. Optionally compile JavaScript with webpack. While there are a million different module bundlers/compilers for JavaScript, webpack is quickly emerging as the preeminent choice. We’ve made it easy to use webpack with Rails through the new Webpacker gem that you can configure automatically on new projects with --webpack (or even --webpack=react, --webpack=angular, or --webpack=vue for a tailored configuration). This is fully compatible with the asset pipeline, which you can continue to use for images, fonts, sounds, whatever. You can even have some JavaScript on the asset pipeline and some done via webpack. It’s all managed via Yarn that’s on by default.

  3. Drop jQuery as a default dependency. We used to require jQuery in order to provide features like data-remote, data-confirm, and the other parts of Rails UJS. This dependency is no longer necessary as we’ve rewritten rails-ujs to use vanilla JavaScript. You’re of course still free to use jQuery, but you no longer have to.

Thanks to Liceth Ovalles for her work on Yarn integration, Dangyi Liu for his work on rails-ujs, and Guillermo Iguaran for chaperoning the whole thing!

System tests

In my 2014 keynote at RailsConf, I spoke at length about how an over focus on unit tests (and TDD) has lead us astray. While unit tests are part of a complete testing solution, they’re not the most important one. Integration tests that verify behavior all the way from controllers through models and views should play a much bigger part. Rails already has a great answer for these baked in.

But integration tests do not help you test the entire system, if that system relies on JavaScript. And most major web systems today rely at least to some extent on JavaScript. That’s where system tests driven by a real browser come in.

There’s long been an answer for system tests like this in Ruby called Capybara. It’s just been kind of a journey to configure properly for Rails. So now we’ve baked them straight into the framework! You get a lovely wrapping of Capybara that’s preconfigured for Chrome and enhanced to provide failure screenshots as part of Action Dispatch. You also don’t have to worry about extra database cleanup strategies anymore because the baked in transactional tests now rollback system test changes.

These tests are not without trade-offs. It’s of course still slower to run through a whole browser setup than just test a model with a stubbed out database. But it also tests so much more. You’d do well to familiarize yourself with system tests and have them as part of your testing answer.

Thanks to Eileen M. Uchitelle for her work extracting this from Basecamp!

Encrypted secrets

If you’re checking production passwords, API keys, and other secrets undisguised into your revision control system, you’re doing it wrong. That’s not safe and you should stop it! Now that’s an easy prescription, but without a coherent answer to what you should do instead, it’s also not that helpful.

People have long been loading up the ENV to store these secrets or used a variety of other solutions. There are all sorts of trade-offs and drawbacks to the ENV-model, not least of which that you still need to store those secrets for real somewhere else.

Inspired by Ara T. Howard’s sekrets gem, we’ve built encrypted secrets management into Rails 5.1. You can setup a new encrypted secrets file with bin/rails secrets:setup. That’ll generate a master key you’ll store outside of the repository, but allow you to commit the actual production secrets to your revision control. They’re then decrypted in production either through an injected key file or through RAILS_MASTER_KEY in the ENV.

Thank you to Kasper Timm Hansen for the work on this and Ara for the inspiration!

Parameterized mailers

Action Mailer is modeled on Action Controller. It shares underpinnings through Abstract Controller, but it’s long been disadvantaged from its controller cousin in the way it can share logic between actions.

In Action Controller, it’s common to use before_action and similar callbacks to extract logic that applies to multiple actions. This is doable because the params hash is available before the action is invoked. But in Action Mailer, we’ve been using regular method signatures with explicit arguments, so those arguments haven’t been available to filters that run before the actions.

With Parameterized Mailers, we now give you the option of calling mailers with parameters that, like in controllers, are available before the action is invoked. This combines with the default to/from/reply_to headers to dramatically DRY-up some mailer actions.

It’s completely backwards compatible and you can convert just the mailers that stand to gain the most from extraction first.

Direct & resolved routes

We have a lovely, simple API for declaring new resource routes. But if you’d like to add new programmatic routes that has logic determining the final destination based on the parameters, well, you’d have to row your own boat with helpers and other messy approaches.

With directed routes, you can now declare programmatic routes that have the full power of Ruby to do different things depending on the parameters passed.

With resolved routes, you can reprogram the polymorphic look-up for models based straight to compatible methods. So this allow you to turn link_to @comment into a final route like message_path(@comment.parent, anchor: "comment_#{@comment.id}").

Thank you to Andrew White for making all this work!

Unify form_tag/form_for with form_with

We’ve long had two parallel structures for creating forms. Those that were based off records through form_for, where we used convention over configuration to extract the details, and manually configured ones using form_tag. Now we’ve unified these two hierarchies with form_with. A single root tree that you can configure through an inferred record or manually. It’s much nicer and simpler.

Thanks to Kasper Timm Hansen for this one too!

Everything else

In addition to the highlight reel, we have hundreds of other fixes and improvements across all the frameworks. Please peruse the CHANGELOGs to acquaint yourself with all the goodies:

We have a great summary of the high-level changes in the release notes.

Your release manager for Rails 5.1 was Rafael França.

As per our maintenance policy, the release of Rails 5.1 means that bug fixes will only apply to 5.1.x, regular security issues to 5.1.x and 5.0.x, and severe security issues to 5.1.x, 5.0.x, and 4.2.x. This means 4.x and below will essentially be unsupported!

Thank you to everyone in the community for their diligent job testing the beta and release candidates of Rails 5.1! We made more than 600 commits following bug reports and concerns raised through this process. Thank you! Gracias! Merci! TAK!

Rails 5.1.0.rc2: Loving JavaScript, System Tests, Encrypted Secrets, and more

We’re happy to announce Rails 5.1.0.rc2 has been released. We are now really close to the final release. We still have a few open issues in the milestone but we are still expecting to be able to do the final release during the Railsconf 2017.

While we are working to close the last issues, you can check the Rails 5.1 releases notes, or the awesome summary of new features present in the 5.1.0.beta1 blog post.

To view the changes for each gem, please read the changelogs on GitHub:

As per our maintenance policy, the release of Rails 5.1 will mean that bug fixes will only apply to 5.1.x, regular security issues to 5.1.x and 5.0.x, and severe security issues to 5.1.x, 5.0.x, and 4.2.x. This means 4.x and below will essentially be unsupported!

To try out this new release:

gem install rails -v 5.1.0.rc2

Make sure you are using RubyGems 2.6.11 or later before trying to install a pre release, with:

gem update --system 2.6.11

Please help us test this release candidate version of Rails. It’s always frustrating when we put a lot of work into a new release, betas, release candidates, and then get people report all sorts of issues on week one of the final release. This is an incremental upgrade to Rails 5.0. Please do your community duty and help us land a solid 5.1 without needing an immediate 5.1.1.

Thank you!

This Week in Rails: hooks, fixtures, fetch_values, database connections and more!

Hi there! This is Andy with another edition of This Week in Rails. This week we’re covering two weeks worth of changes, so let’s dive right in.


Hooks for action_controller_base and action_controller_api

This change breaks out two Action Controller hooks, where there was one before. action_controller_base and action_controller_api. These can be used to load less code at boot time.

Fixture accessor with no arguments

Do you need to load all the fixtures of a particular type? Calling a fixture accessor method with no arguments returns all fixtures.

Implement fetch_values for HashWithIndifferentAccess

Add fetch_values for HashWithIndifferentAccess in Rails, added to Ruby in 2.3.0. Support was added conditionally by using method_defined?.


Clear active connections after initialization

If your app uses a lot of database connections, this one is worth a look. The author said that after deploying this change, they reduced their peak open database connection count by 13%.

Fix mistake in JS response parser

This change restores the ability to accept ecmascript for parsing. The author also declares that the JS response should not modify the DOM. Take a look!


Doc improvement for before_destroy

Did you know that before_destroy hooks should be set *before* dependent: destroy for it to work correctly? This documents that.

Don’t freeze input strings

Check this out if you’re curious about changes around frozen strings and usages of Immutable String (Matz said “All String literals are immutable (frozen) on Ruby 3”).

Whew! That covers just some of the changes in the first couple of weeks of April. Many other great pull requests are available to browse, from 27 contributors including 5 first-timers. Nice work!

Until next week!