New Rails bug fix releases, closer to multi dbs and more!

Hey there, esteemed readers of Rails’ public repo tea leaves. It’s Kasper bringing you the latest hot cup to steel transcendence from.

This Week’s Contributors

Here goes a hey-o to the 16 contributors this week! You can make the list no doubt, try finding an open issue.

Rails 5.0.7 and 5.1.6 are out

New bug fix releases are out, so you can upgrade your apps today.

Easy Multi databases: basic rake tasks

For applications with multiple databases you always had to create your own rake tasks. No more! One of the stepping stones for Rails 6.0 to have multi db support out of the box is in.

Compare dates with before? and after?

To compare two dates and/or times we’d use the standard < and > operators. Now date arithmetic is a little easier with today.before?(tomorrow) and today.after?(yesterday). Thus joining today.between?(yesterday, tomorrow). Your app now has no excuse not to show up on time!

Allow prefixing store attributes

In the vein of delegate :name, to: :person, prefix: true adding person_name, your store attributes now houses the same trick to squash duplicate accessors. Also sports specific prefixes to really clear the path of method name clashing.

Favor app-wide config.force_ssl for HTTPS

Rails has long had a way to incrementally force users onto HTTPS, a controller level force_ssl! Times have changed and Rails 6.0 deprecates that option in favor of the app-wide config.force_ssl so every endpoint will use HTTPS.

There were many more changes to Rails’ codebase, which you can check out here.
Until next week!

Rails 5.0.7 and 5.1.6 have been released

Hi everyone,

I am happy to announce that Rails 5.0.7 and 5.1.6 have been released.

CHANGES since 5.0.6

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 5.1.5

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 5.0.7:

$ shasum -a 256 *-5.0.7.gem
c023d1df2fd6f5e1ac042ad6a0338e8a2c4d1404484f8fe77121b81f10b75f2c  actioncable-5.0.7.gem
5f9b12f26ae8906d20b9f4784644853121a3b03f74a396943677fc30f91c2e35  actionmailer-5.0.7.gem
08e0d4582d1b37cc059aca1d19cd271e7bb575265093c4a99cb79d80dcb0d196  actionpack-5.0.7.gem
eb20007cc9ee40ee7a2f96147e9776394f72d59979b23da15f444a9906c17b8b  actionview-5.0.7.gem
e8a15b73302c02352da9463b134daf037841fec7d5d5c2ec97487456f96bb8d5  activejob-5.0.7.gem
fe35b1bbfb140c7416723e3a7d7ef2a78e8921739863d8a917a93131e2b7cc87  activemodel-5.0.7.gem
c6349cd59e29118aaed5d4d2414e87b427affd28925b7fe1559cb45a21152366  activerecord-5.0.7.gem
a595a42311ea13ce994b1feea3325cbbb1ac5c0bf40cd96c89797882121da7fb  activesupport-5.0.7.gem
76815a2a7e99c83b53ea52325c5bbc5ca15e25ecdfb741ea329ca153cf11ff84  rails-5.0.7.gem
e08b95ec3dbb708f9d449a01c083c66d47ddba2f373e4a2fd1bde2c7a92fdb48  railties-5.0.7.gem

Here are the checksums for 5.1.6:

$ shasum -a 256 *-5.1.6.gem
2e678b45852f242e5897a0d4e43dca1088fb3d5c350592b22768b502a085261f  actioncable-5.1.6.gem
ecbc307e66102b1406fba38f6d7c869fd763cafa98b02fd4f6049fd41d663de9  actionmailer-5.1.6.gem
8dcd333263bdea533de7ac8e087f530f20bde6167c3c02060b82630b90aee26f  actionpack-5.1.6.gem
0181e71b9d307425605c50aa70358148aa0dff270bf2e07dbb87acb3d3a7ddcd  actionview-5.1.6.gem
a291963337402f3dcd5aee1dff3fd980256742bb0cfa06c47315257d11d69a0a  activejob-5.1.6.gem
7e3d2904a524a18c4f710a170243eac706279a36142289431d3c504df665c881  activemodel-5.1.6.gem
1da0546d452cc9b25b900bc2616b57d1e41e24039c33466b46d7add27fdf13c7  activerecord-5.1.6.gem
94d2f2a9fe1a7421165e0014eaa4c8eb2d229f72dc9815cf7c2f0c595f05b521  activesupport-5.1.6.gem
b8301a87151de3feb7cbdf57a66842bb668493f4cec464fd0f67d4c7173b6051  rails-5.1.6.gem
482a97c40ff61f4e8aed5f449a5f54fcb3890ddd53c3a7dc0efd02a9da139e79  railties-5.1.6.gem

As always, huge thanks to the many contributors who helped with this release.

Rails 5.2.0.RC2, AWS authentication options and more

Hello fellow Rubyists, this is Wojtek bringing you the polished set of latest Rails news.
We do like to “polish” things here in Poland ;-)

Rails 5.2.0.RC2 released

Aiming for 5.2.0 final version to be released before the RailsConf in April. Help us test it, to have a solid and stable release.

This Week’s Contributors

Big thanks to 16 people who contributed to Rails this week! If you’d like to join them, check out the list of open issues.

Allow full use of the AWS S3 SDK authentication options

It’s now possible to use environment variables and IAM roles to authenticate to AWS in Active Storage.

Support mysql2 gem version 0.5

New version of mysql2 gem brings some bugfixes and features but also some backward incompatibilites. Check them out in changelog.

Memoize the result of calculating path to translation

Speeds up usage of I18n.translate. Benchmark included in the comments.

Use ASCII-8BIT paths in ActionDispatch::Static

Fixes encoding incompatibilites between Rack and Rails middlewares.

Remove support for Qu gem from Active Job

Qu gem wasn’t compatible since Rails 5.1. Development was stopped in 2014 and maintainers have confirmed its demise.

There were many more changes to Rails’ codebase, which you can check out here.
Until next week!

Rails 5.2.0 RC2: Active Storage, Redis Cache Store, HTTP/2 Early Hints, CSP, Credentials

It’s almost time for RailsConf, and we’re determined to get the final version of Rails 5.2 released before then. So here’s the hopefully last release candidate before that can happen. We’ve put a ton of into ironing out all the issues with Active Storage in particular, now that more and more applications are starting to use it in production.

You can peruse the nearly 200 commits since the first release candidate from the beginning of the year to see everything that has been fixed.

If you’re about to start a new application, I feel confident enough in this release to recommend that you should base it off this RC2. If you like to keep up with the latest release, now is also a great time to update your existing application.

You can read in even more detail about everything that’s new in Rails 5.2 in the newly finished release notes.

Enjoy Rails 5.2 and hope to see a good portion of everybody at RailsConf in a month or so!

Recap of the highlights of Rails 5.2 from the beta announcement

It’s been too hard to deal with file uploads in Rails for too long. Sure, there’s been a lot of fine plugins available, but it was overdue that we incorporated something right into the framework. So now we have!

With the new Active Storage framework in Rails 5.2, we’ve solved for the modern approach of uploading files straight to the cloud. Out of the box, there’s support for Amazon’s S3, Google’s Cloud Storage, and Microsoft Azure Cloud File Storage.

If you’re dealing with images, you can create variants on the fly. If you’re dealing with videos or PDFs, you can create previews on the fly. And regardless of the type, you can analyze uploads for metadata extraction asynchronously.

Active Storage was extracted from Basecamp 3 by George Claghorn and yours truly. So not only is the framework already used in production, it was born from production. There’s that Extraction Design guarantee stamp alright!

Speaking of extractions, Jeremy Daer has untangled the long jungle twine of hacks we were using at Basecamp to employ Redis for general partial, fragment, and other Rails caching jobs. There’s a sparkling new Redis Cache Store that incorporates all those years of veteran hacks into a cohesive unit that anyone can use.

This new Redis Cache Store supports Redis::Distributed, for Memcached-like sharding across Redises. It’s fault tolerant, so will treat failures like misses, rather than kill the request with an exception. It even supports distributed MGETs for that full partial collection caching goodness.

This comes together with a massive leap forward for cache efficiency with key recycling and compression both available by default. For Basecamp, it meant improving the cache lifetime by two orders of magnitude! We went from having caches trashed in as little as a day to having caches last for months. If you’re using partial caching and the nesting doll strategy, your cache lifetime will improve dramatically between these two changes.

We’ve also embraced the cherry of HTTP/2 with early hints through the work of Aaron Patterson and Eileen Uchitelle. This means we can automatically instruct the web server to send required style sheet and JavaScript assets early. Which means faster full page delivery, as who wouldn’t want that?

On the topic of performance, Rails now ships with Bootsnap in the default Gemfile, created by our friends at Shopify. It generally reduces application boot times by over 50%.

Rails has always been in the forefront of making your web applications more secure, leading the way with built-in CSRF and XSS protection and we’ve enhanced that further in Rails 5.2 with the addition of a new DSL that allows you to configure a Content Security Policy for your application. You can configure a global default policy and then override it on a per-resource basis and even use lambdas to inject per-request values into the header such as account subdomains in a multi-tenant application.

But it’s not all just new starry-eyed wonders. In Rails 5.1, we added encrypted secrets. These secrets were like the old secrets but, uhm, more secret, because, you know, ENCRYPTION! Confusing? Yes. Why would you want secrets that weren’t really secret? Well, you don’t.

In Rails 5.2, we’ve rectified the mess by deprecating the two different kinds of secrets and introduced a new shared concept called Credentials. Credentials, like AWS access keys and other forms of logins and passwords, were the dominant use case for secrets, so why not just call a spade a spade. So spade it is!

Credentials are always encrypted. This means they’re safe to check into revision control, as long as you keep the key out of it. That means atomic deploys, no need to mess with a flurry of environment variables, and other benefits of having all credentials that the app needs in one place, safe and secure.

In addition, we’ve opened up the API underlying Credentials, so you can easily deal with other encrypted configurations, keys, and files.

Since Rails 5.1, we’ve also made great strides with Webpacker. So Rails 5.2 is meant to pair beautifully with the new Webpacker 3.0 release. Rails has fully embraced modern JavaScript with a pre-configured build pipeline run by Webpack. We keep strengthening that relationship.

Time column improvements and bugfixes!

Hello everyone! This is Greg bringing you the latest news from the Rails world.

This Week’s Contributors

15 people contributed to Rails this week! If you’d like to join them, why not check out the list of open issues?

Time column improvements

This commit applies precision when assigning values to time columns, fixes issues with time columns not being normalised on SQLite and ensures that the date component from a time is stripped for MySQL and PostgreSQL.

RedisCacheStore configuration fix

When RedisCacheStore is initialised it  should take a redis instance but it didn’t before this patch.

Fix multiline expression indexes for postgresql

This commit fixes an issue with Active Record’s PostgreSQL adapter when an index is defined by an expression.

That’s it for this week. Many more changes were introduced to Rails than were featured here, check out the full week of commit activity to learn more!

Until next time!

Rails 5.1.5, parallel testing and more!

Hello everyone! This is Roque bringing you the latest news from the Rails world.

Rails 5.1.5 released 🎉

Release 5.1.5 is out, but you can still help the community by testing 5.2.0.rc1 to ensure it is solid.

This Week’s Contributors

26 people contributed to Rails the past week! If you’d like to join them, why not check out the list of open issues?

On writing software well: pilot episode

This is first of a serie of episodes recently released by DHH. Check out the full list on YouTube.

Parallel testing

In Rails 6.0.0, new application will run tests in parallel by default. The number of parallel workers is customizable, and which one will have its own temporary database. I recommend reading the awesome pull request description. Good job!

Custom serializers for Active Job arguments

This brings more flexibility on how arguments are passed to jobs. Arguments can be serialized using a simple interface described here.

Add #create_or_find_by

This is similar to #find_or_create_by, but avoids querying the table first before attempting to insert a row. The new approach relies on unique constraints to try inserting a row first, and selecting later. This is very helpful to high throughput application that could have data changes between a SELECT and a INSERT.

Add support for connection pooling on Redis cache store

This will keep the number of Redis connections under control.

That’s it for this week. Many more changes were introduced to Rails than were featured here, check out the full week of commit activity to learn more!

Until next time!

Rails 5.1.5 has been released

Hi everyone,

I am happy to announce that Rails 5.1.5 has been released.

CHANGES since 5.1.4

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 5.1.5:

$ shasum -a 256 *-5.1.5.gem
877ff84da386dafdd5d8fc5f8fccd2d87be59cbbfdd2dcac378fb3672c3eb554  actioncable-5.1.5.gem
9c690209cdd6da82ab335db6195f8179afd5e36ed64a70d63a1c78f34d3150e4  actionmailer-5.1.5.gem
ed592c0b6a729bd5b96daa11b7a9cc9f930c5fd69650184519d3957e0063eeaa  actionpack-5.1.5.gem
47ac593df4dc8b1e9e80be8118c61dba0046dc53dd470eecdab1af33233bcc95  actionview-5.1.5.gem
e063e2042173723a5b135efbe9c4c1cd9a0cf49b28047ae8ef7113b8fc43ecef  activejob-5.1.5.gem
dddd51d8682d96c14adc5b9064b8c8ed544e4de8bfe69845d80464c2e78a61fe  activemodel-5.1.5.gem
fc11c06b9cd40b9871c6a82d6497bb0755991846fb3712a1433ee5ad23fc3572  activerecord-5.1.5.gem
d9b548c63c547b8d6b4c98ca6f8a61d21833ea33a09e7a2295156344d2996c5a  activesupport-5.1.5.gem
fee9771fc53f3060875267a6789aea9e35975e5c344ff5c3175e27be92a01561  rails-5.1.5.gem
fa9747717cc279d4dce56a7a75a230dfce8f166a5be120bc2f2f38b91925aa43  railties-5.1.5.gem

As always, huge thanks to the many contributors who helped with this release.

Rails 5.2.0 and 5.1.5 release candidates, marshaling performance and more!

Hey there, news attenuated people of planet Rails! It’s your trusty prudent editor / local dimwit Kasper here with This Week in Rails. As always we both cover and cower at the highlight reel of Rails’ past week.

Lets slow our roll a bit to pursue what’s meaningful not merely what’s expedient!

Help test Rails 5.2.0.rc1 and 5.1.5.rc1

This week came the release candidate of the next Rails release. Bundle it, run your tests, boot a server — maybe even try it a bit in production. That’ll really help ensure 5.2.0 is solid gold.

If you’re not 5.2 ready yet, Rails 5.1.5.rc1 is also ready to test.

This Week’s Contributors

29 contributors crossed the tangled weave of the web this week to get their commits lobbed straight on to Rails’ master branch. That master branch, by the way, is now targeting Rails 6.0.

Disable CSP by default

Rails 5.2 ships with a DSL to declare Content Security Policies. The default policy interfered with Rails’ UJS and required some extra that the team didn’t have time for to do now. So the aim is to have a default security policy in place for Rails 6.0.

Active Record: recovers marshaling performance

Loading and dumping marshaled Active Record instances is now back to the speeds they were at in Rails 4.2. Peachy keen.

X-Request-Id respects Apache’s @-signs

Apache X-Request-Id headers can contain @-signs. While I don’t wanna speak out of school, I do feel quite comfortable yelling: WHY SHOULD THEY HAVE ALL THE FUN! So now we can flaunt that ability too. don’t @ me, though.

That’s it for this week. Many more changes were introduced to Rails than were featured here, check out the full week of commit activity to learn more!

Until next time!

Rails 5.1.5.rc1 has been released!

Hi everyone,

I am happy to announce that Rails 5.1.5.rc1 has been released.

If no regressions are found, expect the final release on Tuesday, February 6, 2018. If you find one, please open an issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 5.1.4

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 5.1.5.rc1:

$ shasum -a 256 *-5.1.5.rc1.gem
3efbb4f001a97abce94694a09ebd9108277d1978b6b7290a2bfb431c121021de  actioncable-5.1.5.rc1.gem
7b06628240fc5fee17a56b8d50ecc47469c6be54f3e25cdbd46aa79a0f8f0bc6  actionmailer-5.1.5.rc1.gem
70c6b43e55bad35fc1977fa33b3ec56ab630996befa7cfcb350865fadb9a588a  actionpack-5.1.5.rc1.gem
a88146826ae7753cf50607fe56dfeff7cf80de88a3e6fbf54102365f666ab0d8  actionview-5.1.5.rc1.gem
66ec7a29c5b36f30027a752d0e6c1960c0e22da7a4a1fa81fb122c068fe1dd7d  activejob-5.1.5.rc1.gem
6156e7530215cc9c1aff5a9fa08f587fe014c9fed07f03e7ef159233b5460e4c  activemodel-5.1.5.rc1.gem
2cc375e96454fc3222e620f3183482365baa1c8d9da7f905dde7c86d9b1c5132  activerecord-5.1.5.rc1.gem
f451182d63ba5f1229f91d5e96c4eaf31be1261509576d0a3c6118a275472cb4  activesupport-5.1.5.rc1.gem
aab580fb652a277b9b3801cecd8d93735de02ca650481bf34cef71de6f51f064  rails-5.1.5.rc1.gem
0a42aaed4a53a4f503358c26e797e6593fbf02ec20537205f9f75818e81ea0c5  railties-5.1.5.rc1.gem

As always, huge thanks to the many contributors who helped with this release.

Rails 5.2.0 RC1: Active Storage, Redis Cache Store, HTTP/2 Early Hints, CSP, Credentials

It’s been two months since the first beta release of Rails 5.2, and we’ve spent the time since to improve, polish, and tweak the release in all sorts of lovely ways for this first release candidate.

Our headline feature, the new Active Storage framework, has been expanded with deeper content-type identification, as well as a ton of other improvements. It also had a few extra months of battle-testing in production at both Basecamp and elsewhere. It’s a very solid framework out the box.

During the beta, we’ve also managed to squeeze in a few additional improvements. Like super-fast fixture loading, custom error handling on Active Job discarding, and call-site logging for Active Record queries in development. The wheels never stop turning!

So we’re getting close. Basecamp and lots of other shops have already been running the Rails 5.2 beta in production for months. Our target for either the next release candidate or final, depending on the severity of issues that may pop up, is before the end of February. But since this is a release candidate, we’ll already now move rails/master to rails/5-2-stable, and thus free up rails/master to target Rails 6.0 development.

Thanks again to everyone who continue to pour their love and support into Ruby on Rails!

Recap of the highlights of Rails 5.2 from the beta announcement

It’s been too hard to deal with file uploads in Rails for too long. Sure, there’s been a lot of fine plugins available, but it was overdue that we incorporated something right into the framework. So now we have!

With the new Active Storage framework in Rails 5.2, we’ve solved for the modern approach of uploading files straight to the cloud. Out of the box, there’s support for Amazon’s S3, Google’s Cloud Storage, and Microsoft Azure Cloud File Storage.

If you’re dealing with images, you can create variants on the fly. If you’re dealing with videos or PDFs, you can create previews on the fly. And regardless of the type, you can analyze uploads for metadata extraction asynchronously.

Active Storage was extracted from Basecamp 3 by George Claghorn and yours truly. So not only is the framework already used in production, it was born from production. There’s that Extraction Design guarantee stamp alright!

Speaking of extractions, Jeremy Daer has untangled the long jungle twine of hacks we were using at Basecamp to employ Redis for general partial, fragment, and other Rails caching jobs. There’s a sparkling new Redis Cache Store that incorporates all those years of veteran hacks into a cohesive unit that anyone can use.

This new Redis Cache Store supports Redis::Distributed, for Memcached-like sharding across Redises. It’s fault tolerant, so will treat failures like misses, rather than kill the request with an exception. It even supports distributed MGETs for that full partial collection caching goodness.

This comes together with a massive leap forward for cache efficiency with key recycling and compression both available by default. For Basecamp, it meant improving the cache lifetime by two orders of magnitude! We went from having caches trashed in as little as a day to having caches last for months. If you’re using partial caching and the nesting doll strategy, your cache lifetime will improve dramatically between these two changes.

We’ve also embraced the cherry of HTTP/2 with early hints through the work of Aaron Patterson and Eileen Uchitelle. This means we can automatically instruct the web server to send required style sheet and JavaScript assets early. Which means faster full page delivery, as who wouldn’t want that?

On the topic of performance, Rails now ships with Bootsnap in the default Gemfile, created by our friends at Shopify. It generally reduces application boot times by over 50%.

Rails has always been in the forefront of making your web applications more secure, leading the way with built-in CSRF and XSS protection and we’ve enhanced that further in Rails 5.2 with the addition of a new DSL that allows you to configure a Content Security Policy for your application. You can configure a global default policy and then override it on a per-resource basis and even use lambdas to inject per-request values into the header such as account subdomains in a multi-tenant application.

But it’s not all just new starry-eyed wonders. In Rails 5.1, we added encrypted secrets. These secrets were like the old secrets but, uhm, more secret, because, you know, ENCRYPTION! Confusing? Yes. Why would you want secrets that weren’t really secret? Well, you don’t.

In Rails 5.2, we’ve rectified the mess by deprecating the two different kinds of secrets and introduced a new shared concept called Credentials. Credentials, like AWS access keys and other forms of logins and passwords, were the dominant use case for secrets, so why not just call a spade a spade. So spade it is!

Credentials are always encrypted. This means they’re safe to check into revision control, as long as you keep the key out of it. That means atomic deploys, no need to mess with a flurry of environment variables, and other benefits of having all credentials that the app needs in one place, safe and secure.

In addition, we’ve opened up the API underlying Credentials, so you can easily deal with other encrypted configurations, keys, and files.

Since Rails 5.1, we’ve also made great strides with Webpacker. So Rails 5.2 is meant to pair beautifully with the new Webpacker 3.0 release. Rails has fully embraced modern JavaScript with a pre-configured build pipeline run by Webpack. We keep strengthening that relationship.