This Week in Rails

October 10, 2021

Autumn is here, and so is Rails 7 Alpha 2! ๐Ÿ‚

Hey! Zzak here with a JAM-PACKED edition of This Week In Rails. ๐Ÿ‡

This PR started nearly 2 and a half years ago, finally made its way into Rails!

A really neat feature, uses the Server-Timing header to emit durations for all ActiveSupport::Notifications. You can then view these metrics in your browser's Network Inspector

Allow link_to helper to infer link name from Model#to_s
If your model defines #to_s, you can now take advantage of this feature without having to supply a second argument to link_to.

Adds support for deferrable foreign key constraints in PostgreSQL
By default, foreign key constraints in PostgreSQL are checked after each statement. This works for most use cases, but becomes a major limitation when creating related records before the parent record is inserted into the database. Check out the PR for some examples and more detail.

GitHub Codespaces configuration
This PR adds support for GitHub Codespaces, which allows contributors to easily boot a fully functional environment to create patches and test changes to Rails.

Close Rails Guides menu dropdown by pressing Escape
A welcome UX patch that lets you close the menu dropdown by pressing the Escape key.

Improve margin styles for Rails Guides
We always appreciate when folks help improve our documentation, especially the visual aspect to make reading on multiple devices a pleasure.

Fix the diff highlight background for Rails Guides dark mode
Another great UX patch for Rails Guides that is always appreciated.

Suggest a CSP that's compatible with Turbo + import map
In order for CSP to work with Turbo and an import map, we need nonces to be generated. This PR changes the generated CSP initializer to use per-session nonces instead of per-request nonces which would have negative impact on caching.

Add Bootstrap and Bulma to the CSS processors' list
As support for more CSS processors are added to cssbundling-rails, we've updated the `rails new --help` text to include currently available options.

Don't overwrite default opts in rich_text_area_tag
This PR enables passing in a custom `direct_upload_url` or `blob_url_template` to `rich_text_area_tag`. In the case you want to use your own controller to authenticate requests or perform server-side validations.

Avoid comment statements in pg:dump
This PR adds the --no-comment flag to pg_dump to ensure COMMENT statements are omitted from the output when using PostgreSQL >= 11.

Require latest release candidate for selenium-webdriver in Rails new
Since the "rexml" gem was removed from Ruby version >= 3 the selenum-webdriver gem has been waiting for a release that includes their updated dependency on the standard library gem.

Support clearing acronyms from inflector
Previously attempting to clear acronyms in the Inflector breaks would result in a TypeError.

Allow permitting numeric params
ActionController::Parameters now lets you specify multiple parameters index by a number. This may be necessary if the parameters belong to a numeric key.

Check basic auth credentials before authenticate
This PR fixes a bug when sending invalid basic authorization header data when using `http_basic_authentication_with`.

Render host_authorization debug view only for local requests
This PR fixes a bug where debugging information was visible in production by restricting access to local requests only.

Add missing migrate command to Getting Started Rails Guide
This might seem like a minor patch, but contributions from folks learning Ruby on Rails for the first time is a healthy sign. Changes like these help ease the difficulty of learning and welcomes new contributors to the community.

Active Storage: deprecate invalid default content types
Blobs created with content_type `image/jpg`, `image/pjpeg`, `image/bmp`, `text/javascript` will now produce a deprecation warning, since these are not valid content types.

Allow configuring PostgreSQL connection password through socket URL
This PR allows you to specify your password using a socket URL, such as "postgres:///?user=user&password=secret&dbname=app".

Add autocomplete="off" to all generated hidden fields
Due to a longstanding Firefox bug, this PR ensures hidden fields such as CSRF token and HTTP method fields are not modified without the user's knowledge.

Add beginning_of_week option to weekday_options_for_select
Now you can specify the beginning of the week to this select field without depending on Date.beginning_of_week.

Action Mailer email_address_with_name now returns the email if name is blank
When sending an email using Action Mailer the object referencing the person you want to send it to may not have a name associated with it. For example, in the case this field is optional for your User record. In this case Action Mailer will now use the target email address.

Add missing DOM ids to rails/mailers/email.html template
This PR will help folks testing their Mailer Preview actions by using unique identifiers to select the mail data from the DOM instantly.

35 people contributed (over 120 commits!) to Rails since last time. All the changes can be checked here. Until next week!