This week in Rails: stable releases, `Parameters#dig` and moar awesome fixes

Posted by huoxito, March 11, 2016 @ 12:00 am in News

Hey there!

This is Washington with the latest news from Rails!

This week’s Rails contributors

Again we start pointing to the 40 people who took some time to improve the framework this week!

Rails 4.2.6 and 4.1.15 have been released

After a round of release candidates here goes the latest stable releases. Hopefully a quite easy upgrade if you’ve been following the latest security patches.

New Stuff

Introduced ActionController::Parameters#dig

Similar to Hash#dig, this easter egg for Ruby 2.3.0 users was introduced this week and should land with Rails 5.

Improved

Symmetric job payload across JSON dump/load

One last piece of a non-native JSON data type, aka Ruby symbols, was normalized so that one can make successful run time checks.

Default rendering behavior on respond_to collector

This is done so that actions using respond_to blocks go hand in hand with Rails 5 default :no_content response for missing templates.

Prevent Marshal.load from looping infinitely

Improved compatibility for marshalled objects between Rails versions, e.g. Rails 4.0.x and 4.2.x

Execute default_scope within the scope of subclass

Give a proper context to queries involving a default_scope triggered from a subclass of ActiveRecord#Base.abstract_class.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a look at the changes yourself.

Until next time!

This week in Rails: Rails 4.2.6.rc1 and 4.1.15.rc1, AS::Executor and AS::Reloader APIs and more!

Posted by vipulnsward, March 4, 2016 @ 12:00 am in News

Hi All!

This is Vipul bringing you the latest news from Rails!

This week’s Rails contributors

This week 48 contributors helped to move Rails forward! Want to be one of them? Look at the issues list and make a contribution!

Rails 4.2.6.rc1 and 4.1.15.rc1 have been released

Rails 4.2.6.rc1 and 4.1.15.rc1 have been released! If no regressions are found expect the final release around March 4, 2016.

Publish AS::Executor and AS::Reloader APIs

These both allow external code to run blocks of user code to do “work” at a similar unit size to a web request without needing to get intimate with Action Dispatch.

This change is intended to allow interested callers (Sidekiq, Action Cable), to just do:

Rails.application.reloader.wrap do
  # run some user code
end

and Rails will take care of the interlock, code reloading, returning Active Record connections to the pool, and anything else that might be relevant. Exciting, if you have ever been stung by concurrent processing in jobs, etc.

New Stuff

Rails now defaults to Puma 3

With related changes from Puma, Puma 3.0 and up introduced compatibility to read from config/puma.rb when booting from the command $ rails server. Rails now depends on Puma 3.0, so that support for config/puma.rb comes out of the box.

Add exclude option to SSL middleware

The force_ssl option redirects each request to HTTPS. This change now allows redirection to be constrained to only whitelisted requests with exclude:

config.ssl_options = { redirect: { exclude: -> request { request.path !~ /healthcheck/ } } }

Improved

Generate config/spring.rb in new applications

This change makes the application generator create a new file config/spring.rb, which tells Spring to watch additional common files, for example .ruby-version. This file can then be edited to suit each application.

Added log “Rendering …”, when starting to render a template

This change added log “Rendering …”, when starting to render a template, to log that we have started to render something, at the very beginning.

This helps to easily identify queries called from controller vs views.

Deprecations

Deprecate :controller and :action path parameters in routes

Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it’s better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize bad values. This change deprecates passing these options in routes.

Deprecate {insert|update|delete}_sql in DatabaseStatements

This change deprecates {insert|update|delete}_sql in ActiveRecord::ConnectionAdapters::DatabaseStatements in favor of {insert|update|delete} public methods. Originally, {insert|update|delete}_sql were protected methods, and were not intended for external use.

Deprecate Module.local_constants

Module.local_constants has now been deprecated. After Ruby 1.9 (and since Rails 5 supports Ruby 2.2+), we can easily get the constants that have been defined locally by Module.constants(false). Hence, Module.local_constants is no more necessary.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a look at the changes yourself.

Until next time!

[ANN] Rails 4.2.6.rc1 and 4.1.15.rc1 have been released!

Posted by rafaelfranca, March 1, 2016 @ 9:10 pm in Releases

Hi everyone,

I am happy to announce that Rails 4.2.6.rc1 and 4.1.15.rc1 have been released.

If no regressions are found expect the final release this Friday, on March 4, 2016. If you find one, please open an issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 4.1.14

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 4.2.5

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes.

Here are the checksums for 4.1.15.rc1:

$ shasum *4.1.15.rc1.gem*
844351646e7ef5c93b3d21eb14a3d4da0c4bd92d  actionmailer-4.1.15.rc1.gem
1ed87a6847f2f4935f0a16ffa760716f0dc3f2d2  actionpack-4.1.15.rc1.gem
343b96bfe70ebde865fc4c809978cb060a0738c4  actionview-4.1.15.rc1.gem
cc913686a9f8462015d82ea827ddc60431af0db8  activemodel-4.1.15.rc1.gem
f1ff76eb16ba627b7202b2fecaa4219228d14034  activerecord-4.1.15.rc1.gem
2e00ba29b066afe23c152c96becef01fcee3cb10  activesupport-4.1.15.rc1.gem
67a534317cb8446525b644a7abf22bd09273264a  rails-4.1.15.rc1.gem
91b4ec78e9cfcee55e8d92760b6a628ccd20a2d4  railties-4.1.15.rc1.gem

Here are the checksums for 4.2.6.rc1:

$ shasum *4.2.6.rc1.gem*
09ef4800e26fd97d3cc64d1c53ae72bc16e79fd2  actionmailer-4.2.6.rc1.gem
1f41705eec68218ea291d7cdfa233c50c1172524  actionpack-4.2.6.rc1.gem
3cbf38b5021dbb9e587e003ad1782084e323ec35  actionview-4.2.6.rc1.gem
fea55eddff554d1995868b9891e111b683bbf70c  activejob-4.2.6.rc1.gem
46d87e81f73410631554d34e0548347955a6ced4  activemodel-4.2.6.rc1.gem
9496ed951ff242d9ac0a68643877b3b213d1147a  activerecord-4.2.6.rc1.gem
07ea5df02904eed063dd5093b5a7c6f39b3e70ae  activesupport-4.2.6.rc1.gem
3c3194bc02f22e7eac12d982208418d88c0d7a70  rails-4.2.6.rc1.gem
fc855160f5d04e3997d5a09a24027d9e330959b6  railties-4.2.6.rc1.gem

I’d like to thank you all, every contributor who helped with this release.

Rails 4.2.5.2, 4.1.14.2 and 3.2.22.2 have been released!

Posted by rafaelfranca, February 29, 2016 @ 6:50 pm in Releases

Hello everyone and happy Monday!

Rails 4.2.5.2, 4.1.14.2, and 3.2.22.2 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible:

These releases also contains bug fixes for the previous security releases. The released versions can be found in the usual locations, and you can find a list of changes on GitHub:

We’ve done our best to minimize any impact to your applications, but if you run in to any issues, please file a ticket and we’ll do our best to help!

Again, as always, if you run in to any bugs, please file them on the Rails issue tracker which is located here. If you run in to security issues, please follow the reporting process which can be found here.

Here are checksums for the released gems:

$ shasum *4.2.5.2.gem*
6d63003ef278381e2155daff9d88c0e3f9b4772f  actionmailer-4.2.5.2.gem
d4c345a50c1ca34877c262515c803f7e3c2b1db0  actionpack-4.2.5.2.gem
e6046e359ef996d08ceebf5b827286737666c848  actionview-4.2.5.2.gem
6b2e3059fd620c84f039a9882bf4ef9199fab3c0  activejob-4.2.5.2.gem
84af62e888830fd6616cc984bc06da3f87ef12b5  activemodel-4.2.5.2.gem
9e22d1ac610a7f63a6cc55af98701cedecf760b2  activerecord-4.2.5.2.gem
c8781d9fff8e410987ac5d2a5483fdca2b0b6c15  activesupport-4.2.5.2.gem
0a0c4b44a6a40680deffd7abe6fe1ad4c4adcd77  rails-4.2.5.2.gem
5614cd03b5912f9cf48fa41c81fff9145f472507  railties-4.2.5.2.gem

$ shasum *4.1.14.2.gem*
d15f2f70b1539d44a2dab6864f550238ef0ae3d1  actionmailer-4.1.14.2.gem
04bb0456048863f6391f0f5996a2b01c8a9c1e8b  actionpack-4.1.14.2.gem
57a54f23c418b39979a2745bb3db2de67a6d02c9  actionview-4.1.14.2.gem
54e553172130d32962e1ff6fe8e19fd71b552994  activemodel-4.1.14.2.gem
45ee0e48ad0eb17ef36bd8816439f256cbe0b51c  activerecord-4.1.14.2.gem
957a341b6ee5970d4b6e36b108de05ead0ea9762  activesupport-4.1.14.2.gem
4d8842abe184b0113032d6643b9d4639bb6e276b  rails-4.1.14.2.gem
c4b3a0e130117b70524d3f52a292518a8a237480  railties-4.1.14.2.gem

$ shasum *3.2.22.2.gem*
d5fa20cbddd37cbfd4a665b3d37ad2d5f47f1394  actionmailer-3.2.22.2.gem
127a227365cdc1195fb309ab037f25ab276dbc87  actionpack-3.2.22.2.gem
c754858b10ef01b071eafca831be2dba2ebbcc71  activemodel-3.2.22.2.gem
417f1b087f7166083b78c5cebfb911cffe551c13  activerecord-3.2.22.2.gem
859861ec97dcb15dbaef38555995b2c1490928c9  activeresource-3.2.22.2.gem
7383b11b265cdd642c55aee5e15f0f87a5a77505  activesupport-3.2.22.2.gem
e2b06adbd0df0ccd09b7e5d48024dc076ef38884  rails-3.2.22.2.gem
f358f2b37f5f439ef9971d2aba1d96258e9c25f9  railties-3.2.22.2.gem

Rails 5.0.0.beta3: More fixes, RC1 is soon

Posted by dhh, February 27, 2016 @ 4:00 pm in Releases

We’re currently down to 18 open issues on the issue tracker for Rails 5.0.0.RC1. But while we continue to drive that number down, we thought it’d be nice to release another beta with the many fixes and updates we’ve seen since beta2. We’ve had some 500+ commits pass since that release, and for people testing out Rails 5.0, it’s just a better release.

The release targets have been moved out a bit, so RC1 on March 1 and then final on March 16. That may well be a tad optimistic still, but that’s the current target.

If you missed the announcement on what’s new in Rails 5, checkout the beta1 story. Thanks to Eileen Uchitelle for coordinating this release.

This week in Rails: Turbolinks 5, Rails 5.0.0.beta3 and more!

Posted by gregmolnar, February 26, 2016 @ 12:00 am in News

####

Hello, this is Greg bringing you the latest news about the Rails framework!

This week’s Rails contributors

This week 51 great developer helped to move Rails forward! Want to be one of them? Look at the issues list and make a contribution!

Rails 5.0.0.beta3 has been released

Rails 5 is getting closer to the release candidate. The new beta brings many improvements and fixes.

New Stuff

This commit made Rails compatible with Turbolinks 5 and master uses the beta release of Turbolinks 5 now.

rake test now respects TESTOPTS

With this change, we can now pass options to minitest via the TESTOPTS environment variable.

Fixed

Fixed primary key uniqueness issue

This commit reverted some earlier changes which caused an issue with the uniqueness validation of a primary key field, when the primary key field is called something other than id.

Fixed CSRF issue with button_to tag

There was an issue with the CSRF token generated when button_to was called with the delete method, but it is all fixed now!

Improved

Improved Action Cable reconnection reliability

This pull request improved the Action Cable reconnections by treating closing state as closed and by calling ActionCable.ConnectionMonitor#connected() on the client side upon successful connection. It also introduced client side logging to make debugging easier.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a look at the changes yourself.

Until next time!

This week in Rails: RailsConf program, on_weekday? and more!

Posted by chancancode, February 20, 2016 @ 12:00 am in News

Hello, this is Godfrey and Prathamesh bringing you the latest developments from Rails!

RailsConf 2016 program announced

The conference is looking pretty awesome, with a good mix of talks on various topics. I hope you are as excited as I am!

This week’s Rails contributors

This week, we have recorded 136 commits from 37 contributors (including 8 first-time contributors)! Thank you for making Rails better for everyone!

New Stuff

#on_weekday? method to Date, Time, and DateTime

Along with #on_weekend?, you can now easily find out if a certain day falls on a weekday (M-F). The question is, do you really want to know?

Fixed

Fix incorrect behavior with unsubscribing to channels

Saying goodbye is certainly hard, but having to listen for one might just be worse. Luckily for us, all of these are abstracted deep inside Action Cable, so we will never have to go through that ourselves.

Improved

Inject Rails configurations through Railtie

Dependency injection might not be a virtue, but in this case, it certainly helps keeping things neatly isolated from each other.

Tagged errors in logs

A while ago, tagged logging became the default on production on Rails 5. Now the tags are included in the logs for errors too!

Automatically reset ActionMailer::Base.deliveries in integration tests

With this patch, Rails 5 will automatically clear the ActionMailer::Base.deliveries array in between your integration tests.

Support nested params in button_to helper

We can now pass nested hashes or arrays to button_to helpers’s params option.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a look at the changes yourself.

Until next time!

Ruby on Rails, with love since 2005

Posted by claudiob, February 12, 2016 @ 12:00 am in News

####

Happy Valentine’s Day weekend!

What better way to show your love for Rails than to help close the last few issues pending for the release candidate of Rails 5? ☺️

Claudio

This week’s contributors

Thanks to the 41 people who loved Rails this week by contributing to its source code. A special kiss to the 14 of you who contributed for the first time!

Guides: Using Rails for API-only Applications

You heard that Rails 5 will be able to generate API-only applications. Now you can learn all the details by reading this new chapter added to the Rails Guides.

The source code of turbolinks has been moved to a new GitHub organization, with plans to release more turbolinks-related libraries in the future.

New Stuff

Added numeric helper into SchemaStatements

Need to add a numeric column to a database table? You can now use t.numeric :foo which is a lovely alias of t.decimal :foo.

Add as to encode a request as a specific mime type

You can now test a JSON POST request with post articles_path, as: :json rather than adding helpers like post_json. And you can also test the response as parsed JSON with parsed_body.

Fixed

Fix performance regression in Active Record

RubyBench analyzes every commit made to rails/rails so performance regressions can be rapidly discovered… and fixed!

Improved

Speed up string xor operation and reduce object allocations

We love commits like this one which improve the performance of Rails and use benchmark/ips to measure their impact.

Set database poolsize via RAILS_MAX_THREADS

The environment variable introduced in config/puma.rb is now reused in the database configuration to avoid connection timeout errors.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a peek at the changes yourself.

Until next time!

Rails 5 beta 2, RailsConf 2016 registration and more!

Posted by repinel, February 5, 2016 @ 12:00 am in News

####

Hello everyone! This is Roque bringing the latest from the Rails world. Stay tuned!

Rails 5.0.0.beta2 has been released!

Please give Rails 5.0 a try on your app. Spotting bugs and upgrade issues ahead helps big releases like this.

This week’s contributors

This week 54 people contributed to Rails. We also got 10 first time contributors. Welcome aboard folks and keep it going!

RailsConf 2016 registration is open

All aboard! The next train is leaving to Kansas City. Don’t miss it! Tickets sales ends April 3rd.

Rails 5 only supports PostgreSQL 9.1+

Rails 5 will only support versions of PostgreSQL greater than or equal to 9.1. Older versions are no longer supported by the PostgreSQL team. You can read more on their official page.

New Stuff

Add default Puma config and option to skip it

A default config has been added for Puma. It sets the default Puma thread count to 5 to mach Active Record’s default, and prevent connection timeout errors.
Puma can now be skipped when generating new apps with the --skip-puma option.

Rails command now runs Rake tasks in Engines

Just like in Rails apps, it is now possible to use the rails command to execute rake tasks in Engines.

Fixed

Fix corrupt transaction state caused by before_commit exceptions

This makes Active Record aware that a database was rolled back when a before_commit callback raises an exception.
Before, Active Record would think the connection was active, and fail.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a peek at the changes yourself.

Until next time!

Rails 5.0.0.beta2: Slashed Action Cable dependencies, fixes galore

Posted by dhh, February 2, 2016 @ 4:00 pm in Releases

Progress waits for nobody: The second beta release of Rails 5 is out, and it’s packed with a six weeks worth of fixes and upgrades.

The big news is that Action Cable no longer depends on Celluloid, Redis, or even EventMachine! We’ve doubled down on concurrent-ruby, added a PostgreSQL alternative adapter to Redis for pubsub, and added a non-EventMachine Redis adapter too. So if you were freaking out over the new dependencies in beta1, you can breathe easy again. The Rails community has, as per-usual, stepped up and Made It Better. Special thanks to Mike Perham, Jon Moss, and Matthew Draper for their work on this!

Beyond that, there’s literally 25 pages of commits on GitHub detailing the work done since the beta1 release on December 18. It’s a good stroll through the work it takes to go from beta to beta.

The release targets from here are RC1 on February 16 and then final on February 23. All depends on how much stuff pops up from beta2 and RC1, though. So don’t order cake or champagne for delivery on those dates just yet!

If you missed the announcement on what’s new in Rails 5, checkout the beta1 story. Oh, and thanks to Sean Griffin for coordinating this release.