Releases: rails/rails
7.1.0.beta1
Active Support
-
Add
drb
,mutex_m
andbase64
that are bundled gem candidates for Ruby 3.4Yasuo Honda
-
When using cache format version >= 7.1 or a custom serializer, expired and
version-mismatched cache entries can now be detected without deserializing
their values.Jonathan Hefner
-
Make all cache stores return a boolean for
#delete
Previously the
RedisCacheStore#delete
would return1
if the entry
exists and0
otherwise. Now it returns true if the entry exists and false
otherwise, just like the other stores.The
FileStore
would returnnil
if the entry doesn't exists and returns
false
now as well.Petrik de Heus
-
Active Support cache stores now support replacing the default compressor via
a:compressor
option. The specified compressor must respond todeflate
andinflate
. For example:module MyCompressor def self.deflate(string) # compression logic... end def self.inflate(compressed) # decompression logic... end end config.cache_store = :redis_cache_store, { compressor: MyCompressor }
Jonathan Hefner
-
Active Support cache stores now support a
:serializer
option. Similar to
the:coder
option, serializers must respond todump
andload
. However,
serializers are only responsible for serializing a cached value, whereas
coders are responsible for serializing the entireActiveSupport::Cache::Entry
instance. Additionally, the output from serializers can be automatically
compressed, whereas coders are responsible for their own compression.Specifying a serializer instead of a coder also enables performance
optimizations, including the bare string optimization introduced by cache
format version 7.1.The
:serializer
and:coder
options are mutually exclusive. Specifying
both will raise anArgumentError
.Jonathan Hefner
-
Fix
ActiveSupport::Inflector.humanize(nil)
raisingNoMethodError: undefined method `end_with?' for nil:NilClass
.James Robinson
-
Don't show secrets for
ActiveSupport::KeyGenerator#inspect
.Before:
ActiveSupport::KeyGenerator.new(secret).inspect "#<ActiveSupport::KeyGenerator:0x0000000104888038 ... @secret=\"\\xAF\\bFh]LV}q\\nl\\xB2U\\xB3 ... >"
After:
ActiveSupport::KeyGenerator::Aes256Gcm(secret).inspect "#<ActiveSupport::KeyGenerator:0x0000000104888038>"
Petrik de Heus
-
Improve error message when EventedFileUpdateChecker is used without a
compatible version of the Listen gemHartley McGuire
-
Add
:report
behavior for DeprecationSetting
config.active_support.deprecation = :report
uses the error
reporter to report deprecation warnings toActiveSupport::ErrorReporter
.Deprecations are reported as handled errors, with a severity of
:warning
.Useful to report deprecations happening in production to your bug tracker.
Étienne Barrié
-
Rename
Range#overlaps?
to#overlap?
and add alias for backwards compatibilityChristian Schmidt
-
Fix
EncryptedConfiguration
returning incorrect values for someHash
methodsHartley McGuire
-
Don't show secrets for
MessageEncryptor#inspect
.Before:
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect "#<ActiveSupport::MessageEncryptor:0x0000000104888038 ... @secret=\"\\xAF\\bFh]LV}q\\nl\\xB2U\\xB3 ... >"
After:
ActiveSupport::MessageEncryptor.new(secret, cipher: "aes-256-gcm").inspect "#<ActiveSupport::MessageEncryptor:0x0000000104888038>"
Petrik de Heus
-
Don't show contents for
EncryptedConfiguration#inspect
.Before:
Rails.application.credentials.inspect "#<ActiveSupport::EncryptedConfiguration:0x000000010d2b38e8 ... @config={:secret=>\"something secret\"} ... @key_file_contents=\"915e4ea054e011022398dc242\" ...>"
After:
Rails.application.credentials.inspect "#<ActiveSupport::EncryptedConfiguration:0x000000010d2b38e8>"
Petrik de Heus
-
ERB::Util.html_escape_once
always returns anhtml_safe
string.This method previously maintained the
html_safe?
property of a string on the return
value. Because this string has been escaped, however, not marking it ashtml_safe
causes
entities to be double-escaped.As an example, take this view snippet:
<p><%= html_escape_once("this & that & the other") %></p>
Before this change, that would be double-escaped and render as:
<p>this &amp; that &amp; the other</p>
After this change, it renders correctly as:
<p>this & that & the other</p>
Fixes #48256
Mike Dalessio
-
Deprecate
SafeBuffer#clone_empty
.This method has not been used internally since Rails 4.2.0.
Mike Dalessio
-
MessageEncryptor
,MessageVerifier
, andconfig.active_support.message_serializer
now accept:message_pack
and:message_pack_allow_marshal
as serializers.
These serializers require themsgpack
gem
(>= 1.7.0).The Message Pack format can provide improved performance and smaller payload
sizes. It also supports round-tripping some Ruby types that are not supported
by JSON. For example:verifier = ActiveSupport::MessageVerifier.new("secret") data = [{ a: 1 }, { b: 2 }.with_indifferent_access, 1.to_d, Time.at(0, 123)] message = verifier.generate(data) # BEFORE with config.active_support.message_serializer = :json verifier.verified(message) # => [{"a"=>1}, {"b"=>2}, "1.0", "1969-12-31T18:00:00.000-06:00"] verifier.verified(message).map(&:class) # => [Hash, Hash, String, String] # AFTER with config.active_support.message_serializer = :message_pack verifier.verified(message) # => [{:a=>1}, {"b"=>2}, 0.1e1, 1969-12-31 18:00:00.000123 -0600] verifier.verified(message).map(&:class) # => [Hash, ActiveSupport::HashWithIndifferentAccess, BigDecimal, Time]
The
:message_pack
serializer can fall back to deserializing with
ActiveSupport::JSON
when necessary, and the:message_pack_allow_marshal
serializer can fall back to deserializing withMarshal
as well as
ActiveSupport::JSON
. Additionally, the:marshal
,:json
, and
:json_allow_marshal
serializers can now fall back to deserializing with
ActiveSupport::MessagePack
when necessary. These behaviors ensure old
messages can still be read so that migration is easier.Jonathan Hefner
-
A new
7.1
cache format is available which includes an optimization for
bare string values such as view fragments.The
7.1
cache format is used by default for new apps, and existing apps
can enable the format by settingconfig.load_defaults 7.1
or by setting
config.active_support.cache_format_version = 7.1
inconfig/application.rb
or aconfig/environments/*.rb
file.Cache entries written using the
6.1
or7.0
cache formats can be read
when using the7.1
format. To perform a rolling deploy of a Rails 7.1
upgrade, wherein servers that have not yet been upgraded must be able to
read caches from upgraded servers, leave the cache format unchanged on the
first deploy, then enable the7.1
cache format on a subsequent deploy.Jonathan Hefner
-
Active Support cache stores can now use a preconfigured serializer based on
ActiveSupport::MessagePack
via the:serializer
option:config.cache_store = :redis_cache_store, { serializer: :message_pack }
The
:message_pack
serializer can reduce cache entry sizes and improve
performance, but requires themsgpack
gem
(>= 1.7.0).The
:message_pack
serializer can read cache entries written by the default
serializer, and the default serializer can now read entries written by the
:message_pack
serializer. These behaviors make it easy to migrate between
serializer without invalidating the entire cache.Jonathan Hefner
-
Object#deep_dup
no longer duplicate named classes and modules.Before:
hash = { class: Object, module: Kernel } hash.deep_dup # => {:class=>#<Class:0x00000001063ffc80>, :module=>#<Module:0x00000001063ffa00>}
After:
hash = { class: Object, module: Kernel } hash.deep_dup # => {:class=>Object, :module=>Kernel}
Jean Boussier
-
Consistently raise an
ArgumentError
if theActiveSupport::Cache
key is blank.Joshua Young
-
Deprecate usage of the singleton
ActiveSupport::Deprecation
.All usage of
ActiveSupport::Deprecation
as a singleton is deprecated, the most common one being
ActiveSupport::Deprecation.warn
. Gem authors should now create their own deprecator (ActiveSupport::Deprecation
object), and use it to emit deprecation warnings.Calling any of the following without specifying a deprecator argument is also deprecated:
- Module.deprecate
- deprecate_constant
- DeprecatedObjectProxy
- DeprecatedInstanceVariableProxy
- DeprecatedConstantProxy
- deprecation-related test assertions
Use of
ActiveSupport::Deprecation.silence
and configuration methods likebehavior=
, `disallowe...
7.0.8
Active Support
-
Fix
TimeWithZone
still using deprecated#to_s
whenENV
orconfig
to
disable it are set.Hartley McGuire
-
Fix CacheStore#write_multi when using a distributed Redis cache with a connection pool.
Fixes #48938.
Jonathan del Strother
Active Model
- No changes.
Active Record
-
Fix
change_column
not settingprecision: 6
ondatetime
columns when
using 7.0+ Migrations and SQLite.Hartley McGuire
-
Fix unscope is not working in specific case
Before:
Post.where(id: 1...3).unscope(where: :id).to_sql # "SELECT `posts`.* FROM `posts` WHERE `posts`.`id` >= 1 AND `posts`.`id` < 3"
After:
Post.where(id: 1...3).unscope(where: :id).to_sql # "SELECT `posts`.* FROM `posts`"
Fixes #48094.
Kazuya Hatanaka
-
Fix associations to a STI model including a
class_name
parameterclass Product < ApplicationRecord has_many :requests, as: :requestable, class_name: "ProductRequest", dependent: :destroy end # STI tables class Request < ApplicationRecord belongs_to :requestable, polymorphic: true validate :request_type, presence: true end class ProductRequest < Request belongs_to :user end
Accessing such association would lead to:
table_metadata.rb:22:in `has_column?': undefined method `key?' for nil:NilClass (NoMethodError)
Romain Filinto
-
Fix
change_table
setting datetime precision for 6.1 MigrationsHartley McGuire
-
Fix change_column setting datetime precision for 6.1 Migrations
Hartley McGuire
Action View
-
Fix
form_for
missing the hidden_method
input for models with a
namespaced route.Hartley McGuire
-
Fix
render collection: @records, cache: true
insidejbuilder
templatesThe previous fix that shipped in
7.0.7
assumed template fragments are always strings,
this isn't true withjbuilder
.Jean Boussier
Action Pack
-
Fix
HostAuthorization
potentially displaying the value of the
X_FORWARDED_HOST header when the HTTP_HOST header is being blocked.Hartley McGuire, Daniel Schlosser
Active Job
-
Fix Active Job log message to correctly report a job failed to enqueue
when the adapter raises anActiveJob::EnqueueError
.Ben Sheldon
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
-
Omit
webdrivers
gem dependency fromGemfile
templateSean Doyle
7.0.7.2
No changes between this and 7.0.7.2. This release was just to fix file permissions in the previous release.
7.0.7.1
Active Support
-
Use a temporary file for storing unencrypted files while editing
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- No changes.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
v6.1.7.6
No changes between this and 6.1.7.5. This release was just to fix file permissions in the previous release.
6.1.7.5 Release
Active Support
-
Use a temporary file for storing unencrypted files while editing
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- No changes.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
7.0.7
Active Support
-
Fix
Cache::NullStore
with local caching for repeated reads.fatkodima
-
Fix
to_s
with no arguments not respecting custom:default
formatsHartley McGuire
-
Fix
ActiveSupport::Inflector.humanize(nil)
raisingNoMethodError: undefined method `end_with?' for nil:NilClass
.James Robinson
-
Fix
Enumerable#sum
forEnumerator#lazy
.fatkodima, Matthew Draper, Jonathan Hefner
-
Improve error message when EventedFileUpdateChecker is used without a
compatible version of the Listen gemHartley McGuire
Active Model
-
Error.full_message now strips ":base" from the message.
zzak
-
Add a load hook for
ActiveModel::Model
(namedactive_model
) to match the load hook for
ActiveRecord::Base
and allow for overriding aspects of theActiveModel::Model
class.
Active Record
-
Restores functionality to the missing method when using enums and fixes.
paulreece
-
Fix
StatementCache::Substitute
with serialized type.ywenc
-
Fix
:db_runtime
on notification payload when application have multiple databases.Eileen M. Uchitelle
-
Correctly dump check constraints for MySQL 8.0.16+.
Steve Hill
-
Fix
ActiveRecord::QueryMethods#in_order_of
to includenil
s, to match the
behavior ofEnumerable#in_order_of
.For example,
Post.in_order_of(:title, [nil, "foo"])
will now include posts
withnil
titles, the same asPost.all.to_a.in_order_of(:title, [nil, "foo"])
.fatkodima
-
Revert "Fix autosave associations with validations added on
:base
of the associated objects."This change intended to remove the :base attribute from the message,
but broke many assumptions which key these errors were stored.zzak
-
Fix
#previously_new_record?
to return true for destroyed records.Before, if a record was created and then destroyed,
#previously_new_record?
would return true.
Now, any UPDATE or DELETE to a record is considered a change, and will result in#previously_new_record?
returning false.Adrianna Chang
-
Revert breaking changes to
has_one
relationship deleting the old record before the new one is validated.zzak
-
Fix support for Active Record instances being uses in queries.
As of
7.0.5
, query arguments were deep duped to avoid mutations impacting
the query cache, but this had the adverse effect to clearing the primary key when
the query argument contained anActiveRecord::Base
instance.This broke the
noticed
gem.Jean Boussier
Action View
-
Fix
render collection: @records, cache: true
to cache fragments as bare stringsPreviously it would incorrectly cache them as Action View buffers.
Jean Boussier
-
Don't double-encode nested
field_id
andfield_name
index valuesPass
index: @options
as a default keyword argument tofield_id
and
field_name
view helper methods.Sean Doyle
Action Pack
- No changes.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
-
Update default scaffold templates to set 303 (See Other) as status code
on redirect for the update action for XHR requests other than GET or POST
to avoid issues (e.g browsers trying to follow the redirect using the
original request method resulting in double PATCH/PUT)Guillermo Iguaran
7.0.6
Active Support
-
Fix
EncryptedConfiguration
returning incorrect values for someHash
methodsHartley McGuire
-
Fix arguments being destructed
Enumerable#many?
with block.Andrew Novoselac
-
Fix humanize for strings ending with id.
fatkodima
Active Model
- No changes.
Active Record
-
Fix autosave associations with validations added on
:base
of the associated objects.fatkodima
-
Fix result with anonymous PostgreSQL columns of different type from json.
Oleksandr Avoiants
-
Preserve timestamp when setting an
ActiveSupport::TimeWithZone
value totimestamptz
attribute.fatkodima
-
Fix where on association with has_one/has_many polymorphic relations.
Before:
Treasure.where(price_estimates: PriceEstimate.all) #=> SELECT (...) WHERE "treasures"."id" IN (SELECT "price_estimates"."estimate_of_id" FROM "price_estimates")
Later:
Treasure.where(price_estimates: PriceEstimate.all) #=> SELECT (...) WHERE "treasures"."id" IN (SELECT "price_estimates"."estimate_of_id" FROM "price_estimates" WHERE "price_estimates"."estimate_of_type" = 'Treasure')
Lázaro Nixon
-
Fix decrementing counter caches on optimistically locked record deletion
fatkodima
-
Ensure binary-destined values have binary encoding during type cast.
Matthew Draper
-
Preserve existing column default functions when altering table in SQLite.
fatkodima
-
Remove table alias added when using
where.missing
orwhere.associated
.fatkodima
-
Fix
Enumerable#in_order_of
to only flatten first level to preserve nesting.Miha Rekar
Action View
- No changes.
Action Pack
- No changes.
Active Job
-
Fix error Active Job passed class with
permitted?
.Alex Baldwin
Action Mailer
- No changes.
Action Cable
-
Fix Action Cable Redis configuration with sentinels.
Dmitriy Ivliev
Active Storage
-
Fix retrieving rotation value from FFmpeg on version 5.0+.
In FFmpeg version 5.0+ the rotation value has been removed from tags.
Instead the value can be found in side_data_list. Along with
this update it's possible to have values of -90, -270 to denote the video
has been rotated.Haroon Ahmed
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
-
Avoid escaping paths when editing credentials.
Jonathan Hefner
v7.0.5.1
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
-
Raise an exception if illegal characters are provide to redirect_to
[CVE-2023-28362]Zack Deveau
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
v6.1.7.4
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
-
Raise an exception if illegal characters are provide to redirect_to
[CVE-2023-28362]Zack Deveau
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.