Releases: rails/rails
7.2.0.beta2
Active Support
-
Define
Digest::UUID.nil_uuid
, which returns the so-called nil UUID.Xavier Noria
Active Model
- No changes.
Active Record
-
The payload of
sql.active_record
Active Support notifications now has the current transaction in the:transaction
key.Xavier Noria
-
The payload of
transaction.active_record
Active Support notifications now has the transaction the event is related to in the:transaction
key.Xavier Noria
-
Define
ActiveRecord::Transaction#uuid
, which returns a UUID for the database transaction. This may be helpful when tracing database activity. These UUIDs are generated only on demand.Xavier Noria
Action View
- No changes.
Action Pack
- Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
-
Bring
ActionCable::Connection::TestCookieJar
in alignment withActionDispatch::Cookies::CookieJar
in regards to setting the cookie value.Before:
cookies[:foo] = { value: "bar" } puts cookies[:foo] # => { value: "bar" }
After:
cookies[:foo] = { value: "bar" } puts cookies[:foo] # => "bar"
Justin Ko
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- Sanitize ActionText HTML ContentAttachment in Trix edit view
[CVE-2024-32464]
Railties
- No changes.
7.1.3.4
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- Sanitize ActionText HTML ContentAttachment in Trix edit view
[CVE-2024-32464]
Railties
- No changes.
7.0.8.4
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
6.1.7.8
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- Include the HTTP Permissions-Policy on non-HTML Content-Types
[CVE-2024-28103]
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
7.2.0.beta1
Active Support
-
Support
duration
type inActiveSupport::XmlMini
.heka1024
-
Remove deprecated
ActiveSupport::Notifications::Event#children
andActiveSupport::Notifications::Event#parent_of?
.Rafael Mendonça França
-
Remove deprecated support to call the following methods without passing a deprecator:
deprecate
deprecate_constant
ActiveSupport::Deprecation::DeprecatedObjectProxy.new
ActiveSupport::Deprecation::DeprecatedInstanceVariableProxy.new
ActiveSupport::Deprecation::DeprecatedConstantProxy.new
assert_deprecated
assert_not_deprecated
collect_deprecations
Rafael Mendonça França
-
Remove deprecated
ActiveSupport::Deprecation
delegation to instance.Rafael Mendonça França
-
Remove deprecated
SafeBuffer#clone_empty
.Rafael Mendonça França
-
Remove deprecated
#to_default_s
fromArray
,Date
,DateTime
andTime
.Rafael Mendonça França
-
Remove deprecated support to passing
Dalli::Client
instances toMemCacheStore
.Rafael Mendonça França
-
Remove deprecated
config.active_support.use_rfc4122_namespaced_uuids
.Rafael Mendonça França
-
Remove deprecated
config.active_support.remove_deprecated_time_with_zone_name
.Rafael Mendonça França
-
Remove deprecated
config.active_support.disable_to_s_conversion
.Rafael Mendonça França
-
Remove deprecated support to bolding log text with positional boolean in
ActiveSupport::LogSubscriber#color
.Rafael Mendonça França
-
Remove deprecated constants
ActiveSupport::LogSubscriber::CLEAR
andActiveSupport::LogSubscriber::BOLD
.Rafael Mendonça França
-
Remove deprecated support for
config.active_support.cache_format_version = 6.1
.Rafael Mendonça França
-
Remove deprecated
:pool_size
and:pool_timeout
options for the cache storage.Rafael Mendonça França
-
Warn on tests without assertions.
ActiveSupport::TestCase
now warns when tests do not run any assertions.
This is helpful in detecting broken tests that do not perform intended assertions.fatkodima
-
Support
hexBinary
type inActiveSupport::XmlMini
.heka1024
-
Deprecate
ActiveSupport::ProxyObject
in favor of Ruby's built-inBasicObject
.Earlopain
-
stub_const
now accepts aexists: false
parameter to allow stubbing missing constants.Jean Boussier
-
Make
ActiveSupport::BacktraceCleaner
copy filters and silencers on dup and clone.Previously the copy would still share the internal silencers and filters array,
causing state to leak.Jean Boussier
-
Updating Astana with Western Kazakhstan TZInfo identifier.
Damian Nelson
-
Add filename support for
ActiveSupport::Logger.logger_outputs_to?
.logger = Logger.new('/var/log/rails.log') ActiveSupport::Logger.logger_outputs_to?(logger, '/var/log/rails.log')
Christian Schmidt
-
Include
IPAddr#prefix
when serializing anIPAddr
using the
ActiveSupport::MessagePack
serializer.This change is backward and forward compatible — old payloads can
still be read, and new payloads will be readable by older versions of Rails.Taiki Komaba
-
Add
default:
support forActiveSupport::CurrentAttributes.attribute
.class Current < ActiveSupport::CurrentAttributes attribute :counter, default: 0 end
Sean Doyle
-
Remove deprecated support for the pre-Ruby 2.4 behavior of
to_time
returning aTime
object with local timezone.Rafael Mendonça França
-
Deprecate
config.active_support.to_time_preserves_timezone
.Rafael Mendonça França
-
Deprecate
DateAndTime::Compatibility.preserve_timezone
.Rafael Mendonça França
-
Yield instance to
Object#with
block.client.with(timeout: 5_000) do |c| c.get("/commits") end
Sean Doyle
-
Use logical core count instead of physical core count to determine the
default number of workers when parallelizing tests.Jonathan Hefner
-
Fix
Time.now/DateTime.now/Date.today
to return results in a system timezone after#travel_to
.There is a bug in the current implementation of #travel_to:
it remembers a timezone of its argument, and all stubbed methods start
returning results in that remembered timezone. However, the expected
behavior is to return results in a system timezone.Aleksei Chernenkov
-
Add
ErrorReported#unexpected
to report precondition violations.For example:
def edit if published? Rails.error.unexpected("[BUG] Attempting to edit a published article, that shouldn't be possible") return false end # ... end
The above will raise an error in development and test, but only report the error in production.
Jean Boussier
-
Make the order of read_multi and write_multi notifications for
Cache::Store#fetch_multi
operations match the order they are executed in.Adam Renberg Tamm
-
Make return values of
Cache::Store#write
consistent.The return value was not specified before. Now it returns
true
on a successful write,
nil
if there was an error talking to the cache backend, andfalse
if the write failed
for another reason (e.g. the key already exists andunless_exist: true
was passed).Sander Verdonschot
-
Fix logged cache keys not always matching actual key used by cache action.
Hartley McGuire
-
Improve error messages of
assert_changes
andassert_no_changes
.assert_changes
error messages now display objects with.inspect
to make it easier
to differentiate nil from empty strings, strings from symbols, etc.
assert_no_changes
error messages now surface the actual value.pcreux
-
Fix
#to_fs(:human_size)
to correctly work with negative numbers.Earlopain
-
Fix
BroadcastLogger#dup
so that it duplicates the logger'sbroadcasts
.Andrew Novoselac
-
Fix issue where
bootstrap.rb
overwrites thelevel
of aBroadcastLogger
'sbroadcasts
.Andrew Novoselac
-
Fix compatibility with the
semantic_logger
gem.The
semantic_logger
gem doesn't behave exactly like stdlib logger in that
SemanticLogger#level
returns a Symbol while stdlibLogger#level
returns an Integer.This caused the various
LogSubscriber
classes in Rails to break when assigned a
SemanticLogger
instance.Jean Boussier, ojab
-
Fix MemoryStore to prevent race conditions when incrementing or decrementing.
Pierre Jambet
-
Implement
HashWithIndifferentAccess#to_proc
.Previously, calling
#to_proc
onHashWithIndifferentAccess
object used inherited#to_proc
method from theHash
class, which was not able to access values using indifferent keys.fatkodima
Active Model
-
Fix a bug where type casting of string to
Time
andDateTime
doesn't
calculate minus minute value in TZ offset correctly.Akira Matsuda
-
Port the
type_for_attribute
method to Active Model. Classes that include
ActiveModel::Attributes
will now provide this method. This method behaves
the same for Active Model as it does for Active Record.class MyModel include ActiveModel::Attributes attribute :my_attribute, :integer end MyModel.type_for_attribute(:my_attribute) # => #<ActiveModel::Type::Integer ...>
Jonathan Hefner
Active Record
-
Fix inference of association model on nested models with the same demodularized name.
E.g. with the following setup:
class Nested::Post < ApplicationRecord has_one :post, through: :other end
Before,
#post
would infer the model asNested::Post
, but now it correctly infersPost
.Joshua Young
-
PostgreSQL
Cidr#change?
detects the address prefix change.Taketo Takashima
-
Change
BatchEnumerator#destroy_all
to return the total number of affected rows.Previously, it always returned
nil
.fatkodima
-
Support
touch_all
in batches.Post.in_batches.touch_all
fatkodima
-
Add support for
:if_not_exists
and:force
options tocreate_schema
.fatkodima
-
Fix
index_errors
having incorrect index in association validation errors.lulalala
-
Add
index_errors: :nested_attributes_order
mode.This indexes the association validation errors based on the order received by nested attributes setter, and respects the
reject_if
configuration. This enables API to provide enough information to the frontend to map the validation errors back to their respective form fields.lulalala
-
Add
Rails.application.config.active_record.postgresql_adapter_decode_dates
to opt out of decoding dates automatically with the postgresql adapter. Defaults to true.Joé Dupuis
-
Association option
query_constraints
is deprecated in favor offoreign_key
.Nikita Vasilevsky
-
Add
ENV["SKIP_TEST_DATABASE_TRUNCATE"]
flag to speed up multi-process test runs on large DBs when all tests run within default transaction.This cuts ~10s from the test run of HEY when run by 24 processes against the 178 tables, since ~4,000 table truncates can then be skipped.
DHH
-
Added support for recursive common table expressions.
Post.with_recursive( post_and_replies: [ Post.where(id: 42),
...
7.1.3.3
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- No changes.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
-
Upgrade Trix to 2.1.1 to fix CVE-2024-34341.
Rafael Mendonça França
Railties
- No changes.
7.0.8.2
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- No changes.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
-
Upgrade Trix to 1.3.2 to fix CVE-2024-34341.
Rafael Mendonça França
Railties
- No changes.
v7.1.3.2
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
- Fix
raise_on_missing_translations
not working correctly with the
translate
method in controllers after the patch for CVE-2024-26143.
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
7.1.3.1
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
-
Fix possible XSS vulnerability with the
translate
method in controllers -
Fix ReDoS in Accept header parsing
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
- No changes.
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.
7.0.8.1
Active Support
- No changes.
Active Model
- No changes.
Active Record
- No changes.
Action View
- No changes.
Action Pack
-
Fix possible XSS vulnerability with the
translate
method in controllers
Active Job
- No changes.
Action Mailer
- No changes.
Action Cable
- No changes.
Active Storage
-
Disables the session in
ActiveStorage::Blobs::ProxyController
andActiveStorage::Representations::ProxyController
in order to allow caching by default in some CDNs as CloudFlareFixes #44136
Bruno Prieto
Action Mailbox
- No changes.
Action Text
- No changes.
Railties
- No changes.