Update dependency rails to v8 #185
Merged
+124
−86
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
'~> 6.1.7.3'
->'~> 8.0.0.0'
Release Notes
rails/rails (rails)
v8.0.0.1
: 8.0.0.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v8.0.0
: 8.0.0Compare Source
Active Support
Remove deprecated support to passing an array of strings to
ActiveSupport::Deprecation#warn
.Rafael Mendonça França
Remove deprecated support to setting
attr_internal_naming_format
with a@
prefix.Rafael Mendonça França
Remove deprecated
ActiveSupport::ProxyObject
.Rafael Mendonça França
Don't execute i18n watcher on boot. It shouldn't catch any file changes initially,
and unnecessarily slows down boot of applications with lots of translations.
Gannon McGibbon, David Stosik
Fix
ActiveSupport::HashWithIndifferentAccess#stringify_keys
to stringify all keys not just symbols.Previously:
After this change:
This change can be seen as a bug fix, but since it behaved like this for a very long time, we're deciding
to not backport the fix and to make the change in a major release.
Jean Boussier
Include options when instrumenting
ActiveSupport::Cache::Store#delete
andActiveSupport::Cache::Store#delete_multi
.Adam Renberg Tamm
Print test names when running
rails test -v
for parallel tests.John Hawthorn, Abeid Ahmed
Deprecate
Benchmark.ms
core extension.The
benchmark
gem will become bundled in Ruby 3.5Earlopain
ActiveSupport::TimeWithZone#inspect
now uses ISO 8601 style time likeTime#inspect
John Hawthorn
ActiveSupport::ErrorReporter#report
now assigns a backtrace to unraised exceptions.Previously reporting an un-raised exception would result in an error report without
a backtrace. Now it automatically generates one.
Jean Boussier
Add
escape_html_entities
option toActiveSupport::JSON.encode
.This allows for overriding the global configuration found at
ActiveSupport.escape_html_entities_in_json
for specific calls toto_json
.This should be usable from controllers in the following manner:
Nigel Baillie
Raise when using key which can't respond to
#to_sym
inEncryptedConfiguration
.As is the case when trying to use an Integer or Float as a key, which is unsupported.
zzak
Deprecate addition and since between two
Time
andActiveSupport::TimeWithZone
.Previously adding time instances together such as
10.days.ago + 10.days.ago
or10.days.ago.since(10.days.ago)
produced a nonsensical future date. This behavior is deprecated and will be removed in Rails 8.1.Nick Schwaderer
Support rfc2822 format for Time#to_fs & Date#to_fs.
Akshay Birajdar
Optimize load time for
Railtie#initialize_i18n
. FilterI18n.load_path
s passed to the file watcher to only thoseunder
Rails.root
. Previously the watcher would grab all available locales, including those in gemswhich do not require a watcher because they won't change.
Nick Schwaderer
Add a
filter
option toin_order_of
to prioritize certain values in the sorting without filtering the resultsby these values.
Igor Depolli
Improve error message when using
assert_difference
orassert_changes
with aproc by printing the proc's source code (MRI only).
Richard Böhme, Jean Boussier
Add a new configuration value
:zone
forActiveSupport.to_time_preserves_timezone
and rename the previoustrue
value to:offset
. The new default value is:zone
.Jason Kim, John Hawthorn
Align instrumentation
payload[:key]
in ActiveSupport::Cache to follow the same pattern, with namespaced and normalized keys.Frederik Erbs Spang Thomsen
Fix
travel_to
to set usec 0 whenwith_usec
isfalse
and the given argument String or DateTime.mopp
Active Model
Add
:except_on
option for validations. Grants the ability to skip validations in specified contexts.Drew Bragg
Make
ActiveModel::Serialization#read_attribute_for_serialization
publicSean Doyle
Add a default token generator for password reset tokens when using
has_secure_password
.16 minutes later...
raises ActiveSupport::MessageVerifier::InvalidSignature since the token is expired
Add a load hook
active_model_translation
forActiveModel::Translation
.Shouichi Kamiya
Add
raise_on_missing_translations
option toActiveModel::Translation
.When the option is set,
human_attribute_name
raises an error if a translation of the given attribute is missing.ActiveModel::Translation.raise_on_missing_translations = false
ActiveModel::Translation.raise_on_missing_translations = true
Introduce
ActiveModel::AttributeAssignment#attribute_writer_missing
Provide instances with an opportunity to gracefully handle assigning to an
unknown attribute:
Sean Doyle
Active Record
Fix support for
query_cache: false
indatabase.yml
.query_cache: false
would no longer entirely disable the Active Record query cache.zzak
NULLS NOT DISTINCT works with UNIQUE CONSTRAINT as well as UNIQUE INDEX.
Ryuta Kamizono
The
db:prepare
task no longer loads seeds when a non-primary database is created.Previously, the
db:prepare
task would load seeds whenever a new databaseis created, leading to potential loss of data if a database is added to an
existing environment.
Introduces a new database config property
seeds
to control whether seedsare loaded during
db:prepare
which defaults totrue
for primary databaseconfigs and
false
otherwise.Fixes #53348.
Mike Dalessio
PG::UnableToSend: no connection to the server
is now retryable as a connection-related exceptionKazuma Watanabe
Fix strict loading propagation even if statement cache is not used.
Ryuta Kamizono
Allow
rename_enum
accepts two from/to name arguments asrename_table
does so.Ryuta Kamizono
Remove deprecated support to setting
ENV["SCHEMA_CACHE"]
.Rafael Mendonça França
Remove deprecated support to passing a database name to
cache_dump_filename
.Rafael Mendonça França
Remove deprecated
ActiveRecord::ConnectionAdapters::ConnectionPool#connection
.Rafael Mendonça França
Remove deprecated
config.active_record.sqlite3_deprecated_warning
.Rafael Mendonça França
Remove deprecated
config.active_record.warn_on_records_fetched_greater_than
.Rafael Mendonça França
Remove deprecated support for defining
enum
with keyword arguments.Rafael Mendonça França
Remove deprecated support to finding database adapters that aren't registered to Active Record.
Rafael Mendonça França
Remove deprecated
config.active_record.allow_deprecated_singular_associations_name
.Rafael Mendonça França
Remove deprecated
config.active_record.commit_transaction_on_non_local_return
.Rafael Mendonça França
Fix incorrect SQL query when passing an empty hash to
ActiveRecord::Base.insert
.David Stosik
Allow to save records with polymorphic join tables that have
inverse_of
specified.
Markus Doits
Fix association scopes applying on the incorrect join when using a polymorphic
has_many through:
.Joshua Young
Allow
ActiveRecord::Base#pluck
to accept hash arguments with symbol and string values.Joshua Young
Make Float distinguish between
float4
andfloat8
in PostgreSQL.Fixes #52742
Ryota Kitazawa, Takayuki Nagatomi
Allow
drop_table
to accept an array of table names.This will let you to drop multiple tables in a single call.
Gabriel Sobrinho
Add support for PostgreSQL
IF NOT EXISTS
via the:if_not_exists
optionon the
add_enum_value
method.Ariel Rzezak
When running
db:migrate
on a fresh database, load the databases schemas before running migrations.Andrew Novoselac, Marek Kasztelnik
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Deprecate
unsigned_float
andunsigned_decimal
short-hand column methods.As of MySQL 8.0.17, the UNSIGNED attribute is deprecated for columns of type FLOAT, DOUBLE,
and DECIMAL. Consider using a simple CHECK constraint instead for such columns.
https://dev.mysql.com/doc/refman/8.0/en/numeric-type-syntax.html
Ryuta Kamizono
Drop MySQL 5.5 support.
MySQL 5.5 is the only version that does not support datetime with precision,
which we have supported in the core. Now we support MySQL 5.6.4 or later, which
is the first version to support datetime with precision.
Ryuta Kamizono
Make Active Record asynchronous queries compatible with transactional fixtures.
Previously transactional fixtures would disable asynchronous queries, because transactional
fixtures impose all queries use the same connection.
Now asynchronous queries will use the connection pinned by transactional fixtures, and behave
much closer to production.
Jean Boussier
Deserialize binary data before decrypting
This ensures that we call
PG::Connection.unescape_bytea
on PostgreSQL before decryption.Donal McBreen
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Add support for SQLite3 full-text-search and other virtual tables.
Previously, adding sqlite3 virtual tables messed up
schema.rb
.Now, virtual tables can safely be added using
create_virtual_table
.Zacharias Knudsen
Support use of alternative database interfaces via the
database_cli
ActiveRecord configuration option.T S Vallender
Add support for dumping table inheritance and native partitioning table definitions for PostgeSQL adapter
Justin Talbott
Add support for
ActiveRecord::Point
type casts usingHash
valuesThis allows
ActiveRecord::Point
to be cast or serialized from a hashwith
:x
and:y
keys of numeric values, mirroring the functionality ofexisting casts for string and array values. Both string and symbol keys are
supported.
Stephen Drew
Replace
SQLite3::Database#busy_timeout
with#busy_handler_timeout=
.Provides a non-GVL-blocking, fair retry interval busy handler implementation.
Stephen Margheim
SQLite3Adapter: Translate
SQLite3::BusyException
intoActiveRecord::StatementTimeout
.Matthew Nguyen
Include schema name in
enable_extension
statements indb/schema.rb
.The schema dumper will now include the schema name in generated
enable_extension
statements if they differ from the current schema.For example, if you have a migration:
then the generated schema dump will also contain:
Tony Novak
Fix
ActiveRecord::Encryption::EncryptedAttributeType#type
to returnactual cast type.
Vasiliy Ermolovich
SQLite3Adapter: Bulk insert fixtures.
Previously one insert command was executed for each fixture, now they are
aggregated in a single bulk insert command.
Lázaro Nixon
PostgreSQLAdapter: Allow
disable_extension
to be called with schema-qualified name.For parity with
enable_extension
, thedisable_extension
method can be called with a schema-qualifiedname (e.g.
disable_extension "myschema.pgcrypto"
). Note that PostgreSQL'sDROP EXTENSION
does notactually take a schema name (unlike
CREATE EXTENSION
), so the resulting SQL statement will only namethe extension, e.g.
DROP EXTENSION IF EXISTS "pgcrypto"
.Tony Novak
Make
create_schema
/drop_schema
reversible in migrations.Previously,
create_schema
anddrop_schema
were irreversible migration operations.Tony Novak
Support batching using custom columns.
do something with relation
Use SQLite
IMMEDIATE
transactions when possible.Transactions run against the SQLite3 adapter default to IMMEDIATE mode to improve concurrency support and avoid busy exceptions.
Stephen Margheim
Raise specific exception when a connection is not defined.
The new
ConnectionNotDefined
exception provides connection name, shard and role accessors indicating the details of the connection that was requested.Hana Harencarova, Matthew Draper
Delete the deprecated constant
ActiveRecord::ImmutableRelation
.Xavier Noria
Fix duplicate callback execution when child autosaves parent with
has_one
andbelongs_to
.Before, persisting a new child record with a new associated parent record would run
before_validation
,after_validation
,before_save
andafter_save
callbacks twice.Now, these callbacks are only executed once as expected.
Joshua Young
ActiveRecord::Encryption::Encryptor
now supports a:compressor
option to customize the compression algorithm used.You disable compression by passing
compress: false
.heka1024
Add condensed
#inspect
forConnectionPool
,AbstractAdapter
, andDatabaseConfig
.Hartley McGuire
Add
.shard_keys
,.sharded?
, &.connected_to_all_shards
methods.Nony Dutton
Add a
filter
option toin_order_of
to prioritize certain values in the sorting without filtering the resultsby these values.
Igor Depolli
Fix an issue where the IDs reader method did not return expected results
for preloaded associations in models using composite primary keys.
Jay Ang
Allow to configure
strict_loading_mode
globally or within a model.Defaults to
:all
, can be changed to:n_plus_one_only
.Garen Torikian
Add
ActiveRecord::Relation#readonly?
.Reflects if the relation has been marked as readonly.
Theodor Tonum
Improve
ActiveRecord::Store
to raise a descriptive exception if the column is not eitherstructured (e.g., PostgreSQL +hstore+/+json+, or MySQL +json+) or declared serializable via
ActiveRecord.store
.Previously, a
NoMethodError
would be raised when the accessor was read or written:Now, a descriptive
ConfigurationError
is raised:Mike Dalessio
Fix inference of association model on nested models with the same demodularized name.
E.g. with the following setup:
Before,
#post
would infer the model asNested::Post
, but now it correctly infersPost
.Joshua Young
Add public method for checking if a table is ignored by the schema cache.
Previously, an application would need to reimplement
ignored_table?
from the schema cache class to check if a table was set to be ignored. This adds a public method to support this and updates the schema cache to use that directly.Eileen M. Uchitelle
Action View
Remove deprecated support to passing a content to void tag elements on the
tag
builder.Rafael Mendonça França
Remove deprecated support to passing
nil
to themodel:
argument ofform_with
.Rafael Mendonça França
Enable DependencyTracker to evaluate renders with trailing interpolation.
Previously, the DependencyTracker would ignore this render, but now it will
mark all partials in the "maintenance_tasks/runs/info" folder as
dependencies.
Hartley McGuire
Rename
text_area
methods intotextarea
Old names are still available as aliases.
Sean Doyle
Rename
check_box*
methods intocheckbox*
.Old names are still available as aliases.
Jean Boussier
Action Pack
Fix routes with
::
in the path.Rafael Mendonça França
Maintain Rack 2 parameter parsing behaviour.
Matthew Draper
Remove
Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality
.Rafael Mendonça França
Improve
ActionController::TestCase
to expose a binary encodedrequest.body
.The rack spec clearly states:
Until now its encoding was generally UTF-8, which doesn't accurately reflect production
behavior.
Jean Boussier
Update
ActionController::AllowBrowser
to support passing method names to:block
Sean Doyle
Raise an
ArgumentError
when invalid:only
or:except
options are passed into#resource
and#resources
.Joshua Young
Fix non-GET requests not updating cookies in
ActionController::TestCase
.Jon Moss, Hartley McGuire
Update
ActionController::Live
to use a thread-pool to reuse threads across requests.Adam Renberg Tamm
Introduce safer, more explicit params handling method with
params#expect
such thatparams.expect(table: [ :attr ])
replacesparams.require(:table).permit(:attr)
Ensures params are filtered with consideration for the expected
types of values, improving handling of params and avoiding ignorable
errors caused by params tampering.
If the url is altered to ?person=hacked
Before
raises NoMethodError, causing a 500 and potential error reporting
After
raises ActionController::ParameterMissing, correctly returning a 400 error
Before
After
System Testing: Disable Chrome's search engine choice by default in system tests.
glaszig
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Remove
racc
dependency by manually writingActionDispatch::Journey::Scanner
.Gannon McGibbon
Speed up
ActionDispatch::Routing::Mapper::Scope#[]
by merging frame hashes.Gannon McGibbon
Allow bots to ignore
allow_browser
.Matthew Nguyen
Deprecate drawing routes with multiple paths to make routing faster.
You may use
with_options
or a loop to make drawing multiple paths easier.Before
After
Make
http_cache_forever
useimmutable: true
Nate Matykiewicz
Add
config.action_dispatch.strict_freshness
.When set to
true
, theETag
header takes precedence over theLast-Modified
header when both are present,as specified by RFC 7232, Section 6.
Defaults to
false
to maintain compatibility with previous versions of Rails, but is enabled as part ofRails 8.0 defaults.
heka1024
Support
immutable
directive in Cache-ControlCache-Control: public, max-age=60, immutable
Add
:wasm_unsafe_eval
mapping forcontent_security_policy
Before
After
Add
display_capture
andkeyboard_map
inpermissions_policy
Cyril Blaecke
Add
connect
route helper.Samuel Williams
Active Job
Remove deprecated
config.active_job.use_big_decimal_serializer
.Rafael Mendonça França
Deprecate
sucker_punch
as an adapter option.If you're using this adapter, change to
adapter: async
for the same functionality.Dino Maric, zzak
Use
RAILS_MAX_THREADS
inActiveJob::AsyncAdapter
. If it is not set, use 5 as default.heka1024
Action Mailer
Action Cable
Add an
identifier
to the event payload for the ActiveSupport::Notificationtransmit_subscription_confirmation.action_cable
andtransmit_subscription_rejection.action_cable
.Keith Schacht
Active Storage
Deprecate
ActiveStorage::Service::AzureStorageService
.zzak
Improve
ActiveStorage::Filename#sanitized
method to handle special characters more effectively.Replace the characters
"*?<>
with-
if they exist in the Filename to match the Filename convention of Win OS.Luong Viet Dung(Martin)
Improve InvariableError, UnpreviewableError and UnrepresentableError message.
Include Blob ID and content_type in the messages.
Petrik de Heus
Mark proxied files as
immutable
in their Cache-Control headerNate Matykiewicz
Action Mailbox
Action Text
Dispatch direct-upload events on attachment uploads
When using Action Text's rich textarea, it's possible to attach files to the
editor. Previously, that action didn't dispatch any events, which made it hard
to react to the file uploads. For instance, if an upload failed, there was no
way to notify the user about it, or remove the attachment from the editor.
This commits adds new events -
direct-upload:start
,direct-upload:progress
,and
direct-upload:end
- similar to how Active Storage's direct uploads work.Matheus Richard, Brad Rees
Add
store_if_blank
option tohas_rich_text
Pass
store_if_blank: false
to not createActionText::RichText
records when saving with a blank attribute, such as from an optional form parameter.Alex Ghiculescu
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Rename
rich_text_area
methods intorich_textarea
Old names are still available as aliases.
Sean Doyle
Only sanitize
content
attribute when present in attachments.Petrik de Heus
Railties
Fix incorrect database.yml with
skip_solid
.Joé Dupuis
Set
Regexp.timeout
to1
s by default to improve security over Regexp Denial-of-Service attacks.Rafael Mendonça França
Remove deprecated support to extend Rails console through
Rails::ConsoleMethods
.Rafael Mendonça França
Remove deprecated file
rails/console/helpers
.Rafael Mendonça França
Remove deprecated file
rails/console/app
.Rafael Mendonça França
Remove deprecated
config.read_encrypted_secrets
.Rafael Mendonça França
Add Kamal support for devcontainers
Previously generated devcontainer could not use docker and therefore Kamal.
Joé Dupuis
Exit
rails g
with code 1 if generator could not be found.Previously
rails g
returned 0, which would make it harder to catch typos in scripts callingrails g
.Christopher Özbek
Remove
require_*
statements from application.css to align with the transition from Sprockets to Propshaft.With Propshaft as the default asset pipeline in Rails 8, the require_tree and require_self clauses in application.css are no longer necessary, as they were specific to Sprockets. Additionally, the comment has been updated to clarify that CSS precedence now follows standard cascading order without automatic prioritization by the asset pipeline.
Eduardo Alencar
Do not include redis by default in generated Dev Containers.
Now that applications use the Solid Queue and Solid Cache gems by default, we do not need to include redis
in the Dev Container. We will only include redis if
--skip-solid
is used when generating an app that usesActive Job or Action Cable.
When generating a Dev Container for an existing app, we will not include redis if either of the solid gems
are in use.
Andrew Novoselac
Use Solid Cable as the default Action Cable adapter in production, configured as a separate queue database in config/database.yml. It keeps messages in a table and continuously polls for updates. This makes it possible to drop the common dependency on Redis, if it isn't needed for any other purpose. Despite polling, the performance of Solid Cable is comparable to Redis in most situations. And in all circumstances, it makes it easier to deploy Rails when Redis is no longer a required dependency for Action Cable functionality.
DHH
Use Solid Queue as the default Active Job backend in production, configured as a separate queue database in config/database.yml. In a single-server deployment, it'll run as a Puma plugin. This is configured in
config/deploy.yml
and can easily be changed to use a dedicated jobs machine.DHH
Use Solid Cache as the default Rails.cache backend in production, configured as a separate cache database in config/database.yml.
DHH
Add Rails::Rack::SilenceRequest middleware and use it via
config.silence_healthcheck_path = path
to silence requests to "/up". This prevents the Kamal-required health checks from clogging up
the production logs.
DHH
Introduce
mariadb-mysql
andmariadb-trilogy
database options forrails new
When used with the
--devcontainer
flag, these options will usemariadb
as the database for theDev Container. The original
mysql
andtrilogy
options will usemysql
. Users who are notgenerating a Dev Container do not need to use the new options.
Andrew Novoselac
Deprecate
::STATS_DIRECTORIES
.The global constant
STATS_DIRECTORIES
has been deprecated in favor ofRails::CodeStatistics.register_directory
.Add extra directories with
Rails::CodeStatistics.register_directory(label, path)
:Petrik de Heus
Enable query log tags by default on development env
This can be used to trace troublesome SQL statements back to the application
code that generated these statements. It is also useful when using multiple
databases because the query logs can identify which database is being used.
Matheus Richard
Defer route drawing to the first request, or when url_helpers are called
Executes the first routes reload in middleware, or when a route set's
url_helpers receives a route call / asked if it responds to a route.
Previously, this was executed unconditionally on boot, which can
slow down boot time unnecessarily for larger apps with lots of routes.
Environments like production that have
config.eager_load = true
willcontinue to eagerly load routes on boot.
Gannon McGibbon
Generate form helpers to use
textarea*
methods instead oftext_area*
methodsSean Doyle
Add authentication generator to give a basic start to an authentication system using database-tracked sessions and password reset.
Generate with...
Generated files:
DHH
Add not-null type modifier to migration attributes.
Generating with...
Produces:
DHH
Add a
script
folder to applications, and a scripts generator.The new
script
folder is meant to hold one-off or general purpose scripts,such as data migration scripts, cleanup scripts, etc.
A new script generator allows you to create such scripts:
You can run the generated script using:
Jerome Dalbert, Haroon Ahmed
Deprecate
bin/rake stats
in favor ofbin/rails stats
.Juan Vásquez
Add internal page
/rails/info/notes
, that displays the same information asbin/rails notes
.Deepak Mahakale
Add Rubocop and GitHub Actions to plugin generator.
This can be skipped using --skip-rubocop and --skip-ci.
Chris Oliver
Use Kamal for deployment by default, which includes generating a Rails-specific config/deploy.yml.
This can be skipped using --skip-kamal. See more: https://kamal-deploy.org/
DHH
Guides
The guide Classic to Zeitwerk HOWTO that documented how to migrate from
the
classic
autoloader to Zeitwerk has been deleted.The last version of this guide can be found
here,
in case you need it.
Petrik de Heus
v7.2.2.1
: 7.2.2.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.2.2
: 7.2.2Compare Source
Active Support
Include options when instrumenting
ActiveSupport::Cache::Store#delete
andActiveSupport::Cache::Store#delete_multi
.Adam Renberg Tamm
Print test names when running
rails test -v
for parallel tests.John Hawthorn, Abeid Ahmed
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix support for
query_cache: false
indatabase.yml
.query_cache: false
would no longer entirely disable the Active Record query cache.zzak
Set
.attributes_for_inspect
to:all
by default.For new applications it is set to
[:id]
in config/environment/production.rb.In the console all the attributes are always shown.
Andrew Novoselac
PG::UnableToSend: no connection to the server
is now retryable as a connection-related exceptionKazuma Watanabe
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix incorrect SQL query when passing an empty hash to
ActiveRecord::Base.insert
.David Stosik
Allow to save records with polymorphic join tables that have
inverse_of
specified.
Markus Doits
Fix association scopes applying on the incorrect join when using a polymorphic
has_many through:
.Joshua Young
Fix
dependent: :destroy
for bi-directional has one through association.Fixes #50948.
In the above example
left.destroy
wouldn't destroy its associatedRight
record.
Andy Stewart
Properly handle lazily pinned connection pools.
Fixes #53147.
When using transactional fixtures with system tests to similar tools
such as capybara, it could happen that a connection end up pinned by the
server thread rather than the test thread, causing
"Cannot expire connection, it is owned by a different thread"
errors.Jean Boussier
Fix
ActiveRecord::Base.with
to accept more than two sub queries.Fixes #53110.
The above now works as expected.
fatkodima
Properly release pinned connections with non joinable connections.
Fixes #52973
When running system tests with transactional fixtures on, it could happen that
the connection leased by the Puma thread wouldn't be properly released back to the pool,
causing "Cannot expire connection, it is owned by a different thread" errors in later tests.
Jean Boussier
Make Float distinguish between
float4
andfloat8
in PostgreSQL.Fixes #52742
Ryota Kitazawa, Takayuki Nagatomi
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Fix non-GET requests not updating cookies in
ActionController::TestCase
.Jon Moss, Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.2
: 7.2.1.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.1
: 7.2.1.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.2.1
: 7.2.1Compare Source
Active Support
Active Model
Active Record
Fix detection for
enum
columns with parallelized tests and PostgreSQL.Rafael Mendonça França
Allow to eager load nested nil associations.
fatkodima
Fix swallowing ignore order warning when batching using
BatchEnumerator
.fatkodima
Fix memory bloat on the connection pool when using the Fiber
IsolatedExecutionState
.Jean Boussier
Restore inferred association class with the same modularized name.
Justin Ko
Fix
ActiveRecord::Base.inspect
to properly explain how to load schema information.Jean Boussier
Check invalid
enum
options for the new syntax.The options using
_
prefix in the old syntax are invalid in the new syntax.Rafael Mendonça França
Fix
ActiveRecord::Encryption::EncryptedAttributeType#type
to returnactual cast type.
Vasiliy Ermolovich
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Action View
Action Pack
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Railties
Fix
rails console
for application with non default application constant.The wrongly assumed the Rails application would be named
AppNamespace::Application
,which is the default but not an obligation.
Jean Boussier
Fix the default Dockerfile to include the full sqlite3 package.
Prior to this it only included
libsqlite3
, so it wasn't enough torun
rails dbconsole
.Jerome Dalbert
Don't update public directory during
app:update
command for API-only Applications.y-yagi
Don't add bin/brakeman if brakeman is not in bundle when upgrading an application.
Etienne Barrié
Remove PWA views and routes if its an API only project.
Jean Boussier
Simplify generated Puma configuration
DHH, Rafael Mendonça França
v7.2.0
Compare Source
v7.1.5.1
: 7.1.5.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.1.5
: 7.1.5Compare Source
Active Support
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.2
: 7.1.4.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.1
: 7.1.4.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.1.4
: 7.1.4Compare Source
Active Support
Improve compatibility for
ActiveSupport::BroadcastLogger
.Máximo Mussini
Pass options along to write_entry in handle_expired_entry method.
Graham Cooper
Fix Active Support configurations deprecations.
fatkodima
Fix teardown callbacks.
Tristan Starck
BacktraceCleaner
silence core internal methods by default.Jean Boussier
Fix
delegate_missing_to allow_nil: true
when called with implict selfJean Boussier
Work around a Ruby bug that can cause a VM crash.
This would happen if using
TaggerLogger
with a Procformatter on which you called
object_id
.Jean Boussier
Fix
ActiveSupport::Notifications.publish_event
to preserve units.This solves the incorrect reporting of time spent running Active Record
asynchronous queries (by a factor
1000
).Jean Boussier
Active Model
Active Record
Allow to eager load nested nil associations.
fatkodima
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Don't load has_one associations during autosave.
Eugene Kenny
Fix migration ordering for
bin/rails db:prepare
across databases.fatkodima
Fix
alias_attribute
to ignore methods defined in parent classes.Jean Boussier
Fix a performance regression in attribute methods.
Jean Boussier
Fix Active Record configs variable shadowing.
Joel Lubrano
Fix running migrations on other databases when
database_tasks: false
on primary.fatkodima
Fix non-partial inserts for models with composite identity primary keys.
fatkodima
Fix
ActiveRecord::Relation#touch_all
with custom attribute aliased as attribute for update.fatkodima
Fix a crash when an Executor wrapped fork exit.
Joé Dupuis
Fix
destroy_async
job for owners with composite primary keys.fatkodima
Ensure pre-7.1 migrations use legacy index names when using
rename_table
.fatkodima
Allow
primary_key:
association option to be composite.Nikita Vasilevsky
Do not try to alias on key update when raw SQL is supplied.
Gabriel Amaral
Memoize
key_provider
fromkey
or deterministickey_provider
if any.Rosa Gutierrez
Fix
upsert
warning for MySQL.fatkodima
Fix predicate builder for polymorphic models referencing models with composite primary keys.
fatkodima
Fix
update_all/delete_all
on CPK model relation with join subquery.Nikita Vasilevsky
Remove memoization to accept
key_provider
overridden bywith_encryption_context
.John Hawthorn
Raise error for Trilogy when prepared_statements is true.
Trilogy doesn't currently support prepared statements. The error that
applications would see is a
StatementInvalid
error. This doesn't quite pointyou to the fact this isn
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.