Hi everyone,

I am happy to announce that Rails 4.0.4.rc1 has been released. This is a bug fix release and includes more than 290 commits.

If no regressions are found we will release 4.0.4 final this Friday, on March 14, 2014. If you find one, please open an Issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 4.0.3

To view the changes for each gem, please read the changelogs on GitHub:

• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes:

450c2d673e35332e93f6ff8b79f5fc6a6c6c5494  actionmailer-4.0.4.rc1.gem
2632500a717450335f35dc46d45ea3bbad4a6c41  actionpack-4.0.4.rc1.gem
b8615f73e39c701295aa7e1c4131fdc03e05420a  activemodel-4.0.4.rc1.gem
8f3329e7daca46cdaf6472f917f159600a378412  activerecord-4.0.4.rc1.gem
1c6fa8c7cb04ed982cdd378890c543984cfd27f1  activesupport-4.0.4.rc1.gem
43118638bc24f2811d09d95a429667ac4bd7eb6d  rails-4.0.4.rc1.gem
ff6cb0a24ff6ebc79f2fca75134ccd65a6e1601c  railties-4.0.4.rc1.gem

I’d like to thank you all, every contributor who helped with this release.

We’re pleased to announce, Ruby on Rails has been accepted into Google Summer of Code 2014 as a mentoring organization. What does this mean to you? Potentially, if you’re the right person, you can get paid to work on Rails this summer! The “right person” in this case is one who is at least 18 years old (sorry, Google’s rule, not ours!) on or before April 21, 2014; a full or part-time college student; and passionate about improving Rails.

We’re building a potential list of project ideas on a GitHub wiki, but we welcome other interesting proposals. If your proposal gets accepted, Google will pay you $5500 over the course of three months to work on the code. If you’re interested, head over to the GSoC site and start reading about the process. Student applications can be submitted starting March 10 and the deadline is March 21.

If you’re wondering what’s involved in becoming a GSoC student then the Google Student Guide has all the details on what’s expected and what you will gain from taking part. Any further questions can be directed either to the mailing list or to me directly.

What if you’re not a student? You can still help out by discussing ideas on the special mailing list we’ve setup for this year’s program. Or if you’ve got previous experience of contributing to Rails and are ready to make a strong commitment to help out the next generation of developers, you can apply to be a mentor.

We’re looking forward to working with this year’s students, and expecting some outstanding contributions to Rails as a result!

We’re getting really close to signing off on Rails 4.1.0, but we need your help to push it the last mile. Today we’re putting out the first (and, with luck, only) release candidate of Rails 4.1.0. It would be swell if you would try it out and tell us where it breaks.

It’s already in really good shape (we’ve been running beta1 and forward in production for Basecamp for months), but still, let’s make it a shiny gemstone for release.

As a reminder, Yves and Godfrey have done such a splendid job putting together the release notes for 4.1 as a guide and Godfrey’s feature walk-through, so I won’t repeat them here. But you’re definitely in for a treat.

We have also now aimed rails/master at Rails 4.2.0, but there’s a new rails/4-1-stable branch to follow for this release series. And of course there’s the v4-1-0-rc1 tag for this particular release.

Enjoy!

Hi everyone!

Rails 3.2.17, 4.0.3 and 4.1.0.beta2 have been released!

These three releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we’ve only included commits directly related to each security issue.

The security fixes in 3.2.17 are:

• CVE-2014-0081
• CVE-2014-0082

The security fixes in 4.0.3 are:

• CVE-2014-0080
• CVE-2014-0081

The security fixes in 4.1.0.beta2 are:

• CVE-2014-0080
• CVE-2014-0081

The commits for 3.2.17 can be found here, the commits for 4.0.3 can be found here, and the commits for 4.1.0.beta2 can be found here.

Here are the checksums for 3.2.17:

$ shasum *3.2.17*
f935f62c77648ceeea622c745fb675c00bae1762  actionmailer-3.2.17.gem
c97fc5302175bf85047598303ff5955e62b6ec94  actionpack-3.2.17.gem
73bfa7ba3cf5db06d7dd904d01a364794c26d74b  activemodel-3.2.17.gem
23c0dc657f6eee4c399e7fa3194670a7fb53d0b7  activerecord-3.2.17.gem
0408aec45047c3a487d157cca6776fab482a257e  activeresource-3.2.17.gem
f82805677b48a63678a10516bb190b9018621295  activesupport-3.2.17.gem
dd3dad311e390b57683c9e5367e5b86d468603d9  rails-3.2.17.gem
b1ce101f057562972852841de94f39dd54662ebd  railties-3.2.17.gem

Here are the checksums for 4.0.3:

$ shasum *4.0.3*
23a518945d69748894089be0c0248ac37a53a43a  actionmailer-4.0.3.gem
ea6ed1a6217025114781a82b1a47764b5f208efc  actionpack-4.0.3.gem
f7eebfc01692e433d154b711d7d46dfdb6c952b3  activemodel-4.0.3.gem
2f2d4e466869590a0c05df027b53440fc031a519  activerecord-4.0.3.gem
201700ba04716383dfd170e9fea05dda9f991cba  activesupport-4.0.3.gem
a26d1ecd1d61c18672e29668018dc89c37d371c1  rails-4.0.3.gem
984b1f914e64301f058b3ae49802b1d20f4d29ff  railties-4.0.3.gem

Here are the checksums for 4.1.0.beta2:

$ shasum *4.1.0.beta2*
b75b973e6bbbd547067e5c3b95948fa124110f65  actionmailer-4.1.0.beta2.gem
7450f3c6e4e8fecd570e738935999de60fb5419d  actionpack-4.1.0.beta2.gem
4c26f942e171f370bbe3bd48432709aabeae4b0e  actionview-4.1.0.beta2.gem
f2296128d08078c7d56e56e679ef0fefef256ed1  activemodel-4.1.0.beta2.gem
46ba3ebac34c19b060c7168365e3dedbc80f0332  activerecord-4.1.0.beta2.gem
46e048380d4c6d371d723676fad42c8710c6b4c1  activesupport-4.1.0.beta2.gem
e97fc5cd39c8480e9f2f94a4499c8553dd744aa0  rails-4.1.0.beta2.gem
0ad46ba736bfdf4b970199d8739974ef3c3c0cab  railties-4.1.0.beta2.gem

Happy Tuesday! <3<3<3<3

Hohoho, it’s Xmas time, kids! We have a beta full of goodies for everyone who’s been nice this year. Rails 4.1 is packed to the gills with more marvelous real-world feature extractions, bug fixes, and the tireless polish only a community full of Rails elves could bestow it with.

While this is just a beta release, it’s arguably a lot better tested and ready than most of our previous beta releases. The bulk of what’s new are legit bug fixes and additional features. Less shifting of the tectonic plates of the architecture this time around. This should hopefully mean relatively smooth sailing for anyone on 4.0 who wish to upgrade.

In fact, we’re already running beta1 in production for Basecamp, so you know it’s been taking a good beating. This helped us catch a couple of performance regressions, and we’ve verified that everything is still spiffy fast on Basecamp.

This new release also follows our new policy of targeting a minor release every six months. The idea being that the jump from minor to minor shouldn’t try to include everything under the sun. Just whatever is ready after the six month mark.

So there are already a laundry list of things lined up for 4.2, but that’s alright. We can target for that to land in another six months or so.

Yves and Godfrey have done such a splendid job putting together the release notes for 4.1 as a guide and Godfrey’s feature walk-through, so I won’t repeat them here. But you’re definitely in for a treat.

As always, please report any issues as a bug report on Github. If all goes well, we’ll try to have the final release out before the end of the year!

Hi everyone!

Rails 3.2.16 and 4.0.2 have been released!

These two releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we’ve only included commits directly related to each security issue.

The security fixes in 3.2.16 are:

• CVE-2013-6417
• CVE-2013-4491
• CVE-2013-6415
• CVE-2013-6414

The security fixes in 4.0.2 are:

• CVE-2013-6417
• CVE-2013-4491
• CVE-2013-6415
• CVE-2013-6414
• CVE-2013-6416

The commits for 3.2.16 can be found here, and the commits for 4.0.2 can be found here.

Here are the checksums for 3.2.16:

[aaron@higgins release]$ shasum *3.2.16*
6ae0b4c073d51ca6c1c8a48c2223151058809e83  actionmailer-3.2.16.gem
6b28544b8671834814d27195c53be0bf4c91b72f  actionpack-3.2.16.gem
7f8e51d15bcda6f88d4a64d8de4251e2dedbc2da  activemodel-3.2.16.gem
1af9470cba9e2a768db94161142a3db1329da05c  activerecord-3.2.16.gem
46fdcf37936ca9184ad20e3eb70a4eceacd9f75f  activeresource-3.2.16.gem
6182ce0acd1ed8e355c0c588c186e7a4613634de  activesupport-3.2.16.gem
a1e46e22822a908d2f74ef6c1be6f67b98217889  rails-3.2.16.gem
8b964801c3c0272dbef93de05de793799df8b1f1  railties-3.2.16.gem

Here are the checksums for 4.0.2:

[aaron@higgins release]$ shasum *4.0.2*
744369829411616d403b09eb8d64370d1acd6ee1  actionmailer-4.0.2.gem
f16172154a7bfc6f95722aa035ded4228cbfe28d  actionpack-4.0.2.gem
7e0fbf71b18796ff35c8a76ce9568bd0fef4d0be  activemodel-4.0.2.gem
0e3e050c9d8ba2232a7ca9904f3215915001e9d1  activerecord-4.0.2.gem
aafba8dda508d8fd887788411c8881a31d4311a6  activesupport-4.0.2.gem
17689cefe57cb793d2fdb32cfbac6c9952df0186  rails-4.0.2.gem
b913a022a591d31edd8d9e436947072ac85428f7  railties-4.0.2.gem

Happy Tuesday! <3<3<3<3

Hi everyone,

I am happy to announce that Rails 4.0.1 has been released. This is a bug fix release and includes more than 460 commits.

This release comes up with an important change on how Active Record handles subsequent order calls. In Rails 4.0.0 when you do something like this:

User.order("name asc").order("created_at desc")

The latter called order will be prepended in the ORDER BY clause resulting on this SQL:

SELECT * FROM users ORDER BY created_at desc, name asc

In Rails 4.0.1 the behavior of Rails 3 has been restored and the generated ORDER BY clause looks like this:

SELECT * FROM users ORDER BY name asc, created_at desc

We chose to revert the behavior because it added a major backward incompatibility that made harder to have an upgrade path without major changes in the application code. Also we consider the older behavior a bug since it behaves differently from all the others scope methods when they are chained. So we took the most conservative path of reverting it to be consistent with the idea of having a smoother upgrade path to Rails 4.

For those who want the old behavior you can use .reorder or .unscope to remove the ORDER BY clause and generate another one.

Also, this release adds some performance improvements to make Rails 4 even faster.

CHANGES since 4.0.0

To view the changes for each gem, please read the changelogs on GitHub:

• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes:

• 6f2e4d74b34904b61a47187dd879dca3b26fc2d8 actionmailer-4.0.1.gem
• 063f16cfcf62f766a893fe09e35241bdae7cd70e actionpack-4.0.1.gem
• b50a071bd924fb27e4c41bb40c9cb483457bc21c activemodel-4.0.1.gem
• 1a8b173da2d8e2ae27edfeb99164c2574a1d7ddd activerecord-4.0.1.gem
• 9a58bc3c086628ef8028716eeb7c0cb0f8c7e39a activesupport-4.0.1.gem
• 4663f4d0607ff59cf0ae5a55b268d27d658fdcc8 rails-4.0.1.gem
• 22e23959dc14101697eb2bb8acc00a81cc6c3884 railties-4.0.1.gem

I’d like to thank you all, every contributor who helped with this release.

Hi everyone,

I am happy to announce that Rails 4.0.1.rc1 has been released. This is a bug fix release and includes more than 450 commits.

This release comes up with an important change on how Active Record handles subsequent order calls. In Rails 4.0.0 when you do something like this:

User.order("name asc").order("created_at desc")

The later called order will be prepended in the ORDER BY clause resulting on this SQL:

SELECT * FROM users ORDER BY created_at desc, name asc

In Rails 4.0.1 the behavior of Rails 3 has been restored and the generated ORDER BY clause looks like this:

SELECT * FROM users ORDER BY name asc, created_at desc

We chose to revert the behavior because it added a major backward incompatibility that made harder to have an upgrade path without major changes in the application code. So we took the most conservative path of reverting it to be consistent with the idea of having a smoother upgrade path to Rails 4.

Also, this release adds some performance improvements to make Rails 4 even faster.

If no regressions are found we will release 4.0.1 final this Tuesday, on October 22, 2013. If you find one, please open an Issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 4.0.0

To view the changes for each gem, please read the changelogs on GitHub:

• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes:

• 482e0c05fb25ae9a8d261f301054fc182e7b4447 actionmailer-4.0.1.rc1.gem
• 4da9135cfc94be9fa2f25697247bacc5dad5a7ae actionpack-4.0.1.rc1.gem
• 205ac4e9fa0be619f636d2947005796be6b8ad9a activemodel-4.0.1.rc1.gem
• e2f1268614c91b9d9d4ca3dfecf2db5c59c10141 activerecord-4.0.1.rc1.gem
• 349fc20340fde7d36a755a2e739187659b082648 activesupport-4.0.1.rc1.gem
• 43b6b57d3c5eaeb2ac0bdea17e9c68a301293930 rails-4.0.1.rc1.gem
• f17137d25df9f10d6c1a3d31563c70cc82ad1525 railties-4.0.1.rc1.gem

I’d like to thank you all, every contributor who helped with this release.

Hi everyone,

I am happy to announce that Rails 3.2.15 has been released. This is a bug fix release and includes 56 commits.

This release also contains one security fix that you can read about here. Users are encouraged to upgrade as soon as possible.

CHANGES since 3.2.14

To view the changes for each gem, please read the changelogs on GitHub:

• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Resource CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes:

$ shasum *
3c9bf15a9b2ea5c4c3280638776f84783adefe6d  actionmailer-3.2.15.gem
34cc3d5cbcee97a4e57ee9d909f51f0f387991bb  actionpack-3.2.15.gem
b1c631dd75fffee2f34407aaf01405aef6c63a43  activemodel-3.2.15.gem
7c86074b47c3864943b719d5b969264e2ace722c  activerecord-3.2.15.gem
a95f88e30d1af9c377f01725282d0e581bd9f88f  activeresource-3.2.15.gem
08b57d2bf95fd16eb9bf1de144f7f0461894ee68  activesupport-3.2.15.gem
da220b9b6f37871d7f32f4c66fe33d42acc92a5a  rails-3.2.15.gem
66e189a5331dabc675459001d57e0fd906f3a888  railties-3.2.15.gem

I’d like to thank you all, every contributor who helped with this release, especially everyone who tried the release candidates.

Hi everyone,

I am happy to announce that Rails 3.2.14 has been released. This is a bug fix release and includes more than 150 commits.

I also want to announce that the next 3.2.x release, 3.2.15, will be the last bug fix release of this family. After it we will only release security fixes. So, if you have issues on 3.2.x that you think should be included on 3.2.15, let us know thought the GitHub issues page and in 3 months we’ll evaluate if it is time to release.

CHANGES since 3.2.13

Action Mailer

No changes.

Action Pack

• Merge :action from routing scope and assign endpoint if both :controller and :action are present. The endpoint assignment only occurs if there is no :to present in the options hash so should only affect routes using the shorthand syntax (i.e. endpoint is inferred from the the path).

  Fixes #9856

  Yves Senn, Andrew White

• Always escape the result of link_to_unless method.

  Before:

  link_to_unless(true, '<b>Showing</b>', 'github.com')
  # => "<b>Showing</b>"
  

  After:

  link_to_unless(true, '<b>Showing</b>', 'github.com')
  # => "&lt;b&gt;Showing&lt;/b&gt;"
  

  dtaniwaki

• Use a case insensitive URI Regexp for #asset_path.

  This fix a problem where the same asset path using different case are generating different URIs.

  Before:

  image_tag("HTTP://google.com")
  # => "<img alt=\"Google\" src=\"/assets/HTTP://google.com\" />"
  image_tag("http://google.com")
  # => "<img alt=\"Google\" src=\"http://google.com\" />"
  

  After:

  image_tag("HTTP://google.com")
  # => "<img alt=\"Google\" src=\"HTTP://google.com\" />"
  image_tag("http://google.com")
  # => "<img alt=\"Google\" src=\"http://google.com\" />"
  

  David Celis + Rafael Mendonça França

• Fix explicit names on multiple file fields. If a file field tag has the multiple option, it is turned into an array field (appending []), but if an explicit name is passed to file_field the [] is not appended. Fixes #9830.

  Ryan McGeary

• Fix assets loading performance in 3.2.13.

  Issue #8756 uses Sprockets for resolving files that already exist on disk, for those files their extensions don’t need to be rewritten.

  Fixes #9803.

  Fred Wu

• Fix ActionController#action_missing not being called. Fixes #9799.

  Janko Luin

• ActionView::Helpers::NumberHelper#number_to_human returns the number unaltered when the units hash does not contain the needed key, e.g. when the number provided is less than the largest key provided.

  Examples:

  number_to_human(123, units: {})                # => 123
  number_to_human(123, units: { thousand: 'k' }) # => 123
  

  Fixes #9269. Backport #9347.

  Michael Hoffman

• Include I18n locale fallbacks in view lookup. Fixes GH#3512.

  Juan Barreneche

• Fix ActionDispatch::Request#formats when the Accept request-header is an empty string. Fix #7774 [Backport #8977, #9541]

  Soylent + Maxime Réty

Active Model

No changes.

Active Record

• Do not re-create destroyed association when saving the parent object.

  Fixes #11450.

  Paul Nikitochkin

• Do not shallow the original exception in exec_cache on PostgreSQL adapter.

  Fixes #11260.

  Rafael Mendonça França

• Fix ActiveRecord::Store incorrectly tracking changes of its attributes. Fixes #10373.

  Janko Marohnić

• Fix a bug that prevented the use of the default STI inheritance column (ActiveRecord::Base.inheritance_column = ‘some_column’.)

  chapmajs + Takehiro Adachi

• Fix mysql2 adapter raises the correct exception when executing a query on a closed connection.

  Yves Senn

• Fixes bug where Company.new.contract_ids would incorrectly load all non-associated contracts.

  Example:

  company = Company.new # Company has many :contracts
  
  # before
  company.contract_ids # => SELECT ... WHERE `contracts`.`company_id` IS NULL
  
  # after
  company.contract_ids # => []
  

  Jared Armstrong

• Fix the :primary_key option for has_many associations. Fixes #10693.

  Yves Senn

• fixes bug introduced by #3329. Now, when autosaving associations, deletions happen before inserts and saves. This prevents a ‘duplicate unique value’ database error that would occur if a record being created had the same value on a unique indexed field as that of a record being destroyed.

  Backport of #10417

  Johnny Holton

• Fix that under some conditions, Active Record could produce invalid SQL of the sort: “SELECT DISTINCT DISTINCT”.

  Backport of #6792.

  Ben Woosley

• Require ActiveRecord::Base in railtie hooks for rake_tasks, console and runner to avoid circular constant loading issues.

  Backport #7695.

  Fixes #7683 and #882

  Ben Holley

• Maintain context for joins within ActiveRecord::Relation merges. Backport #10164.

  Neeraj Singh + Andrew Horner

• Make sure the EXPLAIN command is never triggered by a select_db call.

  Daniel Schierbeck

• Revert changes on pluck that was ignoring the select clause when the relation already has one. This caused a regression since it changed the behavior in a stable release.

  Fixes #9777.

  Rafael Mendonça França

• Confirm a record has not already been destroyed before decrementing counter cache.

  Ben Tucker

• Default values for PostgreSQL bigint types now get parsed and dumped to the schema correctly. Backport #10098.

  Erik Peterson

• Removed warning when auto_explain_threshold_in_seconds is set and the connection adapter doesn’t support explain. This is causing a regression since the Active Record Railtie is trying to connect to the development database in the application boot.

  Rafael Mendonça França

• Do not reset inheritance_column when it’s set explicitly. Backport of #5327.

  kennyj + Fred Wu

• Fix a problem wrong exception is occured when raising no translatable exception in PostgreSQL.

  kennyj

• Resets the postgres search path in the structure.sql after the structure is dumped in order to find schema_migrations table when multiples schemas are used. Fixes #9796.

  Juan M. Cuello + Dembskiy Alexander

• Reload the association target if it’s stale. @stale_state should be nil when a model isn’t saved. Fixes #7526.

  Larry Lv

• Don’t read CSV files during execution of db:fixtures:load. CSV support for fixtures was removed some time ago but the task was still loading them, even though later the code was looking for the related yaml file instead.

  kennyj

Active Resource

• Fixes an issue that ActiveResource models ignores ActiveResource::Base.include_root_in_json. Backported from the now separate repo rails/activeresouce.

  Xinjiang Lu

Active Support

• Make Time.at_with_coercion retain the second fraction and return local time.

  Fixes #11350

  Neer Friedman, Andrew White

• Fix ActiveSupport::TaggedLogging incorrectly providing program name the same as log message even when block is not provided.

  Carson Reinke

• Override Time.at to support the passing of Time-like values when called with a single argument.

  Andrew White

• Revert the changes on unicode character encoding from ActiveSupport::JSON.encode. This was causing a regression where the resulting string is always returning UTF-8. Also it changes the behavior of this method on a stable release. Fixes #9498.

  Rafael Mendonça França

• Fix ActiveSupport::TimeZone.parse when time is at a local DST jump. Fixes #9678.

  Andrew White

Railties

• Fix bugs that crashed rake test:benchmark, rails profiler and rails benchmarker. Fixes #4938. Backport rails/rails-perftest#2.

  Dmitry Vorotilin + Yves Senn

• Add support for runner hook.

  Backport #7695.

  Ben Holley

• Fixes bug with scaffold generator with --assets=false --resource-route=false. Fixes #9525.

  Arun Agrawal

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes:

• dd2333744644870efcd149e3adf3c3b6934ec6ed actionmailer-3.2.14.gem
• efcfc238115f7db57650dbab348d0b5192f98770 actionpack-3.2.14.gem
• d72fadd29e10e2ead9fb0d7371bed5a7fb32c044 activemodel-3.2.14.gem
• af7585f9a58d5e643d6e332daede4a0b8ee1de7a activerecord-3.2.14.gem
• 188924273139cea07032254987d748aee45f5800 activeresource-3.2.14.gem
• e221938399c9cb040ef9285f52b18bfa3e59b10a activesupport-3.2.14.gem
• a5d44cf4c65798e925d998f416804cd23c914001 rails-3.2.14.gem
• 4e99050427fb47ff515051e78eedf328c9ec5676 railties-3.2.14.gem

I’d like to thank you all, every contributor who helped with this release, especially everyone who tried the release candidates.