Oh, hello there!

This is Tim here bringing you your latest installment of This Week in Rails. We had another corker this week chock full of great updates - read on for the full details!

Featured

This Week’s Rails Contributors

This week saw 99 commits from 27 fantabulous people contributed to Rails, including an amazing 5 first-timers! If you’d like to see your name up there next week, why not take a gander at the issues board, or you may even consider the next item for inspiration….

Documentation Galore

This week saw a whopping 11 documentation PRs successfully merged. Improvements to the documentation are not only gratefully received, but are a great way to start getting involved.

Improved

Make public asset use explicit

When calling asset_path with an invalid file name, this method would simply pass the string that you gave it back to you. This revision adds a configurable flag called unknown_asset_fallback which when set to false will raise an error if the asset is not found. Setting it to true will preserve the current behavior, but will indicate that it is being deprecated.

Don’t unnecessarily load a belongs_to when saving

This change prevents an already-loaded model from being reloaded if its id gets assigned to another model in a belongs_to association and then saved.

Fixed

Fix performance regression in TimeWithZone#to_time

Up until Rails 4.0.0.beta1, TimeWithZone#to_time could return a cached instance attribute. Since that release it has been coercing the value to a Time on each call. This revision reverts the old behavior, which, according to the author’s benchmarks, is over 5 times faster.

Allow send_file to declare a charset

Previously, calling send_file with type: "text/calendar; charset=utf-8" , would result in the charset’s being deleted - a bug that was fixed in this PR.

Wrapping Up

Although I enjoyed reviewing all the commits from the last week, there were as usual too many to mention exhaustively. But do check them out yourself here!

Until next week!

Hello there!

Yes, this is Godfrey again. I am glad a lot of you found last week’s Cool Trick™ useful. However, wouldn’t life be pretty boring if you just keep getting useful information? So I figured I would change things up a bit by delivering you an issue full of bad puns, dad jokes and other useless information. Let’s get to it!

This Week’s Rails Contributors

This week, 11 new contributors along with 19 other returning contributors took some time to keep Rails chugging along.

Include The Content of “The Flash” In ETags

When confronted about code bloat, DHH does not take it lightly. This week, he pulled another one of those moves by committing the content of The Flash into the Rails codebase.

Redirect POST Requests With 307 Status Code

Chirag Singhal decided to stir up some drama here by sending browsers a HTTP 307 “YOU JUST DON’T GET IT” status code when upgrading POST/PUT/DELETE requests to HTTPS connections.

Remove over meta programming in AR::Relation

When Bogdan Gusiev dived into the AR::Relation code base, he was not pleased with what he saw. After making some tweaks in this PR, he seemed happy with the result. Why?

Well.

( •_•)>⌐■-■

(⌐■_■)

It doesn’t meta anymore.

YEEEEAAAAAAAAHH

Improve tag_option performance

Amadeus Folego identified  tag_options  as a hotspot in his application and decided to help improve its performance by throwing in some frozen strings. Cool!

Update docs with Action Cable Redis dependency

Coming back from his vacation, Rafael Reggiani Manzo redis™covered a new dependency for developing Rails. To ease the shock for the next person, he added the setup instructions to the guides.

Missing key should throw KeyError

Last but not least, Eileen M. Uchitelle committed a key error this week.

Wrapping Up

That’s all from me this week, I hope you find this information useless! For a more informative view, check out (no pun intended) the commits here.

Okay, please don’t unsubscribe! 😭 Your favorite rotation of editors will be back starting next week to replace me, so I’m sure things will get better from here!

Promise!

This is Godfrey, reporting in from Portland, OR. We have a lot to cover this week, let’s dive right into the stories so you can go back to watching Olympics!

👀
👅

Cool Trick™

Router Visualizer

Have you ever wondered what happens when you visit a URL (say /posts/5 ) in your Rails app? How does the Rails router know where to send your users?

The first (of many) step is to compare the URL against the routes table for potential matches. To make this lookup as fast as possible, the routes table is pre-compiled into a finite state machine, specifically a nondeterministic finite automaton (NFA).

If that sounds very intimidating, don’t worry! The Rails router actually comes with a debugging tool that could generates an interactive visualization of your router NFA.

To generate one for your app, simply run Rails.application.routes.router.visualizer from your Rails console and save the returned string into an html file. (You will need the dot command-line tool for this – OS X users can get it from homebrew with brew install graphviz. )

…

Oh, is it not working? I forgot to mention that this tool is broken on Rails 5 by an internal refactor. Don’t worry though, because Seth fixed it for us in this pull request, which would come out with the next 5.0 patch release. If you are impatient, you could try it out by running the 5-0-stable branch.

Before you build your next billion-dollar startup with this awesome tool, please note that this is an undocumented ( private! ) API, and as you can see, could break unexpectedly between versions (or go away entirely).

While it’s definitely not Production Grade™ software, it’s still very useful for learning and debugging purposes. Enjoy it while it lasts!

New Stuff

Optional schema.rb Alignment

When dumping the schema, Rails tries to align things vertically for readability. However, this could result in a bigger diff than you would like when making changes to an existing table. With this PR, you now have an option to turn that off!

Controller Tests Now Supports as Option

While integration tests are strongly preferred over controller tests going forward, this PR allows you to simulate a request content type in controller tests using the same as: :json (or as: :xml , and so on) option. 

retry_on Gets A Job

Active Job’s retry_on API can now access to the job instance that failed, in addition to the exception object.

Make touch_later Respects no_touching

The no_touching API now composes correctly with touch_later as you would expect.

Query With Arrays and Ranges

With this PR, you will be able to pass an Array or Range object to where(some_column: …) when querying an array/range column, assuming your database supports those column types.

Fix Upgrade Task Documentation

This is a periodic PSA that when it comes to upgrading Rails apps, the update task is going to be your friend. In Rails 5, this command has been renamed to rails app:update , whereas when upgrading to Rails 4.2 and below, you would want to use rake rails:update instead.

See the upgrade guide for more details.

In Case You Missed It…

Active Job Defaults To Async Adapter

In case you missed it, Active Job in Rails 5 defaults to using the “async” adapter for jobs processing (the previous default was the “inline” adapter). The documentation has been updated to reflect that change.

Wrapping Up

That’s it from This Week in Rails! As always, there were a lot more changes than we have room for. If you are interested, definitely go check them out yourself!

Until next week!

Hello! This is Roque covering latest events from the Rails community. Like in Rio, our week was busy with plenty of amazing participants #Rio2016 🇧🇷

Featured

Security releases!

New Rails versions are released with many important security fixes. If you have not done already, do not drop the ball and upgrade as soon as possible.

This Week’s Rails Contributors

This week 29 code athletes contributed to Rails. We also got 1 first time contributor. Welcome aboard the Rails Games!

Allow specifying encoding of parameters by action

Controllers can list the parameters with parameter_encoding, providing the action and the encoding type.
This allows parameters in the same request to have particular encoding types.

Fixed

Fix thread_mattr_accessor class leaking

thread_mattr_accessor was sharing the variable with superclasses and subclasses. Setting the variable in one would compromise the other.

Fix the Accept header overwritten issue in integration tests

XHR integration tests were overwriting the Accept header and creating inconsistency with HTTP_ACCEPT.

Improved

Better logging of cached partial renders

A while ago, DHH suggested an improvement to better log cached partial renders. It looks pretty clean!

Show error message when Rails runner fails

The Rails runner will now give you a hint of what is going on whenever it fails with an exception.

Wrapping Up

That’s it from This Week in Rails! There were many other great code athletes, too numerous to list here, but feel free to check them out!

Until next week!

Hi everyone!

Rails 5.0.0.1, 4.2.7.1, and 3.2.22.3 have been released! These release contain important security fixes, so please upgrade when you can.

Versions 5.0.0.1, 4.2.7.1, and 3.2.22.3 contain a fix for CVE-2016-6316 which you can read about here. Version 4.2.7.1 also contains CVE-2016-6317 which you can read about here.

To ease upgrading, these releases contain only security fixes.

Here are checksums for the gems:

Rails 3.2.22.3

[aaron@TC release]$ shasum *3.2*
6ba79586fa0c60de8e13d0e2bdd9508ae03e0222  actionmailer-3.2.22.3.gem
aa26322bef392b2911d94d4d7390b7c20d2ac8c6  actionpack-3.2.22.3.gem
8a5c3cf72592d670b23e2ccfa22d13929dbbed6e  activemodel-3.2.22.3.gem
2354c885903252bc8acd6cd03c13f0b8f3f4d9a4  activerecord-3.2.22.3.gem
824b2a7eb4b65fd70051006645400ad16aeb095e  activeresource-3.2.22.3.gem
3d026ae2c0aa9807510d033abee424ada82782bf  activesupport-3.2.22.3.gem
9d40b008c664fb234158f8e68c589dc410520c96  rails-3.2.22.3.gem
26e6d7cb9b6fdb160486e8b850ca31fff250b69f  railties-3.2.22.3.gem

Rails 4.2.7.1

[aaron@TC release]$ shasum *4.2*
00a9b8ed92e96abf11aead750f98558a0bc136a7  actionmailer-4.2.7.1.gem
b7c08b66da4532acc84d099733a8148bbbdbb108  actionpack-4.2.7.1.gem
1e843b678e08b503f1521fcbf159f166141221b9  actionview-4.2.7.1.gem
93acc93ae1098ef0c5ac6798ca700422b484114c  activejob-4.2.7.1.gem
b0a0008a67d8995da0c25e610c659ff69c031c0d  activemodel-4.2.7.1.gem
07537cb059779e92615a34b205f3b1e8a722d78b  activerecord-4.2.7.1.gem
33b1220c3739453b872cdc1eda193841c0a14033  activesupport-4.2.7.1.gem
d39f1fc8c7d86ada1c7243bd713b03ec09889b8b  rails-4.2.7.1.gem
5f39ebc0f270d95df72ef38311362cf2d0aaaa87  railties-4.2.7.1.gem

Rails 5.0.0.1

[aaron@TC release]$ shasum *5.0*
721f9e6079d184b58b225a88b28c8aeca6b3f388  actioncable-5.0.0.1.gem
1dfd080bd3e780816fb0d4b25a8d5cf111e78784  actionmailer-5.0.0.1.gem
b557b5c3b94b63356de93c985bf70be8df7619f3  actionpack-5.0.0.1.gem
d58cf5cb5b4dc4e0cc33eea9c3d9c4426363922a  actionview-5.0.0.1.gem
9f1038a26bac62c97189f664c53729bf74abee24  activejob-5.0.0.1.gem
b09333355633f7674f04e098e6766c0fe3ac966b  activemodel-5.0.0.1.gem
4ca136b557265b4ee307c8f936180680cc0fcde0  activerecord-5.0.0.1.gem
297d6b1bb741226a1aec4081cbdfa61ce27d8e8b  activesupport-5.0.0.1.gem
24b7f00cbd411784be774dc526e5398a9c438a3d  rails-5.0.0.1.gem
a46d76ae93a8c740a63ef245af3bbe75e491e4f0  railties-5.0.0.1.gem

Hello! This is Andy bringing you another week’s worth of highlights from Rails. Today also marks the official start of the #Rio2016 Olympic Games 🇧🇷 . New events this time around include golf, sevens rugby and kitesurfing, so check those out!

Featured

Rails Contributors

This week we’d like to thank 18 contributors to Rails and extend a welcome to this week’s only first-time contributor!

New exception handling APIs for ActiveJob

New APIs retry_on and discard_on have been added to ActiveJob. These provide hooks for a job class to perform some additional functionality when exceptions occur. The PR for this feature has some nice discussion, check it out!

New ActiveRecord transaction error classes

ActiveRecord can now distinguish between serialization failures and deadlocks. A more specific error in the case of deadlocks is now returned where supported (currently only PostgreSQL). Check the PR for an analysis of other database adapters and the latest code as the class names may have changed.

Fixed

Activesupport::Duration inconsistencies around daylight saving time

Since this commit from December, “week” durations are no longer converted to days. This means we need to add :weeks to the parts that ActiveSupport::TimeWithZone will consider being of variable duration to take account of DST transitions.

Improved

YAML Parameters backwards compatibility

This change provides backwards compatibility for Rails 4.2 based on YAML serialization changes made in Rails 5.

Wrapping Up

That’s it from This Week in Rails! There were many other great contributions and investigations too numerous to list here, but feel free to check them out!

Until next week!

This is detective  🕵  Prathamesh reporting from the secret chambers of Rails.

We were busy investigating many  🐛🐛🐛🐛🐛  this week and I am happy to announce that we have successfully solved many mysterious cases 💪

Featured

Rails Contributors

Great 🔍 work by 22 detectives who solved mysterious cases this week. Also welcome to 4 new  🕵  in our growing list of contributors!

Ruby/Rails applications not vulnerable to HTTProxy security issue

The Phusion team found out that Ruby, Rails and Rack applications are not affected by the recent security issue related to HTTProxy. Great  🕵  investigation!

Fixed

Use already loaded records in the finder methods

If the records of the finder queries are already loaded, then Rails will use them instead of querying again.

Correctly return associated_table when associated_with? is true

This fixes an issue related to has and belongs to many associations failing when the association name and table name are the same.

Remove circular join references in join_dependency

This fixes a stack level too deep crash when a circular join on the same table is used with the current scope.

Correct the behavior of virtual attributes on models loaded from the database

Before this change, virtual attributes not backed by the database would throw an error unless explicitly initialized. This change fixes it and also cleans up the implementation for virtual attributes. 

Improved

Reset rack.input when the environment is scrubbed for the next request

Before this change, parameters sent via post requests would leak across requests in the Action Controller tests. This change prevents that by cleaning rack.input at the end of the request scrubbing.

Changed partial rendering to allow collections which don’t implement to_ary

This change allows collections which do not implement to_ary also to be used for rendering partials. It allows instances of Enumerator or Enumerable to be used for rendering partials.

Wrapping Up

That’s it from This Week in Rails! There were many other great contributions and investigations too numerous to list here, but feel free to check them out!

Until next week!  🕵 🔍 💪

Hello from Vipul.

This was one busy week, with many changes landing on master.
We had lots of performance improvements, bug fixes, new additions and enhancements.

And here I thought everyone was just playing Pokemon Go now. 

Featured

Kasper joins Rails core!

That’s right Kasper gets himself a cartoon face!

Kasper has helped make countless changes and helped others make them as well.

He’s continued to making substantial, individual contributions, like the new partial collection caching scheme, wildcard template dependencies, and big improvements to the test runner.

This Week’s Rails Contributors

This week saw contributions from 30 fabulous people. 2 of those had a commit merged into Rails for the very first time.

A big thank you to you all! ❤️ If you fancy seeing yourself up there next week, why not take a peek at the list of current issues? Improvements to the documentation can also be a great place to start!

2x performance boost for String#blank? in Ruby 2.4!

String#blank? now uses Regex#match? following the backwards compatible addition of Regex#match? that was introduced.

This helps to get upto 2x the performance with new Regex improvements on Ruby 2.4!

Introduce assert_changes and assert_no_changes

ActiveSupport::TestCase was augmented to complement assert_difference with a more more general usage.

With this handy comparison, we can now do something like-

user = User.start_registration
assert_changes ‘user.token’, from: nil, to: /\w{​32}​/ do
  user.finish_registration
end
to encapsulate the state changes, before and after an operation.

New

Bring back support for callable cache key when rendering collection

Support for custom callable cache key was added back to view caching. This allows us to do something like

<%= render partial: ‘projects/project’, collection: @projects, cached: -> project {​ [project, current_user] }​ %>

and pass a key based on a callable block, which allows us to depend on cache’s and cache expiration based on result of the call. In the above case, the cache will be expired with changes to project and current_user objects.

Add exists? and update_all to CollectionProxy to respect an association scope

This change added exists? and update_all to CollectionProxy to respect an association scope.

This was causing issues in newest version of Rails whenever update_all or exists? were called on a collection object like user.references.update_all(…).

Fixed

Fix bug in ActiveRecord TimeZoneConverter#set_time_zone_without_conversion

Before this change, multi-parameter attributes conversion with invalid params caused issue, when AR’s time_zone_aware_attributes was enabled, since that caused an invalid conversion. 

The new change, now tries conversion only when a valid value is available for safe-conversion.

Fix calling merge method as the first occurrence in a scope

Previously calling merge as the first method to build up a scope used to lead to errors-

scope :unsafe_chaining, -> {​ merge(Comment.newest) }​ #=> NoMethodError:

This change now allows us to overcome this and build up scopes like-

scope :_chaining, ->{​merge(Comment.newest).joins(:comments) }​ # => OK_

Improved

Allow MessageEncryptor to take advantage of authenticated encryption modes

This change allow MessageEncryptor to now support authenticated encryption modes.

AEAD modes like aes-256-gcm provide both confidentiality and data authenticity, eliminating the need to use MessageVerifier to check if the encrypted data has been tampered with. This speeds up encryption/decryption and results in shorter cipher text.

Setup default session store internally, and no longer through an initializer

This change removes creation of the config/initializers/session_store.rb to define session store via initializer and sets up default session store internally.

By default the session store will be set to cookie store with application name as session key.

Wrappin’ Up

That’s it from This Week in Rails! There were many other great contributions, too numerous to list here, but feel free to check them out!

Until next week!

It’s a privilege to welcome Kasper Timm Hansen to the Rails core team, and I’m not just saying that because he’s a fellow Dane, though it helps 🇩🇰! Kasper started contributing to Rails during the 2013 Summer of Code program where he worked on the new Loofah-backed sanitizer. It was a big job and Kasper aced it.

Since then he’s racked up almost seven hundred commits on a wide variety of projects and PRs. He’s helped countless contributors polish their pull requests to the point that their work can be committed to the framework.

He’s also continued making substantial, individual contributions, like the new partial collection caching scheme, wildcard template dependencies, and big improvements to the test runner.

He joins the core team as lucky #13 😎✨👏

Hello from Claudio.

This week saw some small fixes applied to Rails 5. Nothing major. Nothing that should stop you from upgrading all your apps from Rails 4.2 to Rails 5. So get onboard! You can do it!

Featured

Rails 4.2.7 and 4.1.16 have been released!

Check the blog post for links to all the CHANGELOGs. As Rails 5 was released, this is probably going to be the last release of Rails 4.1. Please take some time to upgrade your application to Rails 4.2 or Rails 5.

This week’s Rails contributors

32 people contributed to Rails this week, including 6 first-timers. Congratulations! Don’t hesitate to check all the changes merged into master this week. 

New

Add support for limits in batch processing

Active Record’s batch processing methods now support limit, so you can write statements like Post.limit(10_000).find_each { ​|post| … }​.

Fixed

Fix AR::to_param to maximize content

The documentation states that AR::to_param should truncate values longer than 20 characters by words. This commit enforces this behavior, using as many characters as possible to maximize the information included in the URL.

AS::Duration to serialize empty values correctly

ActiveSupport::Duration::ISO8601Serializer will not fail when asked to serialize zero-length durations such as ActiveSupport::Duration.parse(0.minutes.iso8601).

AS::TimeZone#strptime to raise the correct error

Trying to parse an invalid date such as in strptime('1999-12-31', '%Y/%m/%d') will now raise ArgumentError rather than the confusing NoMethodError: undefined method empty?.

Check request.path_parameters encoding when they’re set in env

The encoding of path parameters is now checked earlier in the dispatch process so that routes that go directly to a Rack app, or skip controller instantiation, don’t have to defend themselves against non-UTF8 characters.

Improved

Speed up RDoc generation

Every commit to rails/master automatically updates the Rails docs. The RDoc generation has gotten faster by only including files that contain changes since the last generation.

Wrappin’ Up

Repeat after me: “Next week I will upgrade all my projects to Rails 5.”

💬 “Next week I will upgrade all my projects to Rails 5” 💬

I hope you do! And finally, if you happen to travel to sunny California this summer, come say hi at the Los Angeles Ruby meetup. 🌇😎🏄

–Claudio