Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Colorize the unpermitted params log message #34617

merged 1 commit into from Dec 5, 2018


Copy link

@blahed blahed commented Dec 4, 2018


This small change simply colorizes the unpermitted params warning/error log output to make it easier for scanning and identifying issues with strong params. I've been helping out some junior/beginner engineers with rails and more than a few times they've run into issues where they're just overlooking the log message. Not ashamed to say that this still gets me every once in a while, mostly because I feel like I've scanned the log and I don't see the message, so I go looking elsewhere.

It seems like moving the default to :raise instead of :log is probably a good idea, but regardless if we'd raise an error, it seems like colorizing the log message makes sense as a parallel.

@rails-bot rails-bot bot added the actionpack label Dec 4, 2018
Copy link

@gmcgibbon gmcgibbon left a comment

We don't seem to colorize much in this log subscriber, but we do a lot in ActiveStorage and ActiveRecord, so why not this one?

@rafaelfranca rafaelfranca merged commit 7849e56 into rails:master Dec 5, 2018
2 checks passed
2 checks passed
codeclimate All good!
continuous-integration/travis-ci/pr The Travis CI build passed
Copy link

@cjolly cjolly commented Feb 28, 2019

I think this is a step in the right direction! It's silly for newbies (and grizzled vets, for that matter) to fight with this behavior that is a predominantly production security concern while developing an app locally. I've updated my raise by default PR #32206, hopefully it makes it into 6, too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants