Sven Fuchs gave a great presentation at RailsConf Europe about the history and details of the forth-coming I18n support in Rails 2.2. Well worth reading if you’re in need of internationalization services for your current or future app.
To install, just do:
gem install rails --version 2.1.1.
Next upcoming release will be Rails 2.2 beta which is quite close.
I’m pleased to finally announce the Rails Guides Hackfests. And we got really exciting prizes too! There is a list of guides available at Lighthouse You can select one of those, update the ticket and start writing the guide straight away.
For each completed guide, the author will receive all of the following prizes :
- $200 from Caboose Rails Documentation Project
- 1 year of GitHub Micro account
- 1 year of RPM Basic (Production performance management) for up to 10 hosts
You can find more details at http://hackfest.rubyonrails.org/guide
Special thanks to GitHub, Newrelic & Caboose documentation project for making the hackfest a lot more exciting!
Thanks to Git it’s been a lot easier to maintain older branches of the code base, so we’ve taken the opportunity to backport a bunch of bug fixes to the 2.0 branch and here’s the release for that.
The only major issue is that we’ve fixed the REXML DoS vulnerability with a monkey patch that ships in the box. So if you’re on 2.0 and haven’t dealt with the issue already, you can upgrade to 2.0.4 and get it fixed.
You can install with:
gem install rails --version 2.0.4
UPDATE: The actual 2.0.4 gem didn’t get published yesterday due to a bug in the release script. It’s been fixed and 2.0.4 is actually available on the main gem repository. Sorry about that!
I’ve been receiving some very moving stories about how people came to be Rails programmers from incredibly diverse backgrounds over the years. I even talked to a taxi driver once who was taking me to the airport that was doing Rails. Or the guys who were looking to quit programming who started enjoying it again with Rails.
All these are powerful stories that I’d love if we could share with the world. So let’s try to do that! If you have a great story about how you came to Rails, then please send it to david at loudthinking dot com with the subject “My Rails story”. I’ll filter all those into a folder and we’ll find a way to publish them.
We have a twitter account for Rails at http://twitter.com/rails. You can follow it to receive regular updates about the framework.
Rails 2.2 is going to make it much, much easier to do internationalized sites. Check out Clemens Kofler’s sample app running live or peruse his code. Thread safety? Internationalization? What stock objections to Rails will we have left?!
Juggernaut is a combination of a small Ruby server, a Flash bridge, and a plugin that makes it easy to do server-side push systems in Rails. I played with this idea with Rich Killmer a few years ago and even made a small demo system to present at a conference, but never made it to the finish line of something releasable. So it’s fantastic to see that the guys behind Juggernaut did.
The ruby-security team have published an advisory about a DoS bug affecting REXML users. Almost all rails applications will be affected by this vulnerability and you’re strongly advised to take the mitigating steps recommended in the advisory. If you’re not sure whether your application could be affected, you should upgrade.
The announcement contains details describing the monkeypatch solution, but to summarise:
Versions 1.2.6 and earlier
- Copy the fix file into RAILS_ROOT/lib
- Require the file from environment.rb
Versions 2.0.0 and later
Copy the fix file into RAILS_ROOT/config/initializers, it will be required automatically.
This fix is also available as a gem, to install it run:gem install rexml-expansion-fix
Then add require ‘rexml-expansion-fix’ to your environment.rb file. The manual fix and the gem are identical, if you have applied one you do not need to apply the other.
Josh Peek has been a defacto Rails core committer for a while, but for some reason we’ve never actually made the appointment official. So here it goes: Josh Peek is the latest Rails core team member. Three cheers hurray!
Josh has been working on a Google Summer of Code project to bring thread safety to Rails and is just about ready to wrap it up. Rails 2.2 will be thread safe thanks to the work that Josh has put into it.
Of more importance, though, is the significant effort put into making things faster and cleaner as part of that push. The actual thread safety won’t really matter much to most people, but it’ll surely look nice on your enterprisey check list of Features Your Framework Must Have To Get Play Around Here.
In any case, please welcome Josh!