This Week in Rails

Your weekly inside scoop of interesting commits, pull requests and more from Rails.
June 30, 2023

A CVE, two new Rails releases in a week, config.autoload_lib, and more!

Happy Friday Everyone! This is Vipul, bringing you the latest changes in the Rails codebase. [CVE-2023-28362] Possible XSS via User Supplied Values to redirect_to If you haven't already, its time to upgrade your Rails application to the latest version! Rails versions, have been released with a security fix for a possibl...
Read more
June 23, 2023

Rails World website and ticket sales, CPK improvements and more!

Hi, it’s Greg, bringing you the latest changes in the Rails codebase. Rails World’s site is live! The Rails World conference website is live from today. It was created by Shona Chan, a junior developer from the Rails community. It was commissioned by the Rails Foundation, designed by Katya Sitko and created under the mentorship of Ayus...
Read more
June 16, 2023

SSL Enforcement, new Postgres enum features, and changes to Rails.application.secrets

Hi, it’s zzak. We’re officially half-way through June, and we’ve got a shorter edition this week but let’s hop in. Enable `force_ssl=true` in production by default This PR affects newly generated apps to make SSL enforcement the default behavior in production mode, ensuring all access to the application occurs over SSL, with Strict-Tra...
Read more
June 9, 2023

This Week In Rails - June 9, 2023

Hi! Emmanuel here writing from a train to Katowice! There have been quite a few developments in the Rails codebase over the last few weeks! Let's take a look at some of them, shall we? Create a class level #with_routing helper The with_routing helper can now be called at the class level. When called at this level, the routes will be se...
Read more
June 2, 2023

HTML5 sanitizer, path_params and more

Hi, Wojtek here. Let’s explore this week’s changes in the Rails codebase. Update Action View to use HTML5 standards-compliant sanitizers Add support for HTML5 standards-compliant sanitizers, and default to Rails::HTML5::Sanitizer in the Rails 7.1 configuration if it is supported. Action View’s HTML sanitizers can be configured by setti...
Read more
May 26, 2023

This Week In Rails - May 26, 2023

Hey! zzak here with another edition of This Week in Rails. Reminder: The Rails World CFP is open until June 16. Whether you’re a seasoned veteran or a newcomer to the Rails ecosystem, we encourage you to submit proposals that showcase forward-thinking ideas and push the boundaries of what’s possible with Rails. Rails 7.0.5 has been rel...
Read more
May 19, 2023

Rails World CFP, ActiveRecord.disconnect_all!, optimized where query and more!

Hello Everyone! This is Vipul, bringing you this week’s changes in the Rails codebase. Rails World Call for Papers now open This CFP is open until June 16, with space in the agenda for 26 talks on two tracks, and up to six workshops. Read the full announcement for more details and submit your proposal! Introduce ActiveRecord.disconnect...
Read more
May 12, 2023

Rails World CFP, picture_tag helper and more!

Hi, this is Greg, bringing you this week’s changes in the Rails codebase. Rails World Call for Papers now open This CFP is open until June 16, with space in the agenda for 26 talks on two tracks, and up to six workshops. Read the full announcement for more details and submit your proposal! Prevent duplicate filters for encrypted attrib...
Read more
May 5, 2023

This Week in Rails: Rails World tickets waiting list, caching improvements and more!

Hi, it’s Greg, bringing you this week’s changes in the Rails codebase. Rails World tickets waiting list Many of you asked if there is a waiting list where you can be informed when Rails World tickets go on sale, and the Rails Foundation listened. Sign up here to be alerted when we release Early Bird tickets:
Read more
April 28, 2023

End of April 2023 Edition

Hi, it’s zzak. ✈ RailsConf has come to a close, and Golden Week is upon us here in Japan. Lots to catch up on in This Week in Rails. Many documentation improvements to extend our SEO posture The venerable @p8 has been very busy trying to improve Rails documentation fortune with search engines. On the topic of documentation, the Postgre...
Read more
April 21, 2023

The beginning of Trilogy, ChatGPT as a contributor

Hi. Wojtek here. We had 88 contributors this week including ChatGPT! Let’s explore the changes. AppSignal is the newest contributing member of The Rails Foundation It’s the third company to join The Rails Foundation as a contributing member. Introduce adapter for Trilogy Trilogy is a client library for MySQL-compatible database servers...
Read more
April 14, 2023

A week dedicated to composite primary keys 😎

Saluton! That's Esperanto for "Hello!" 😜... Emmanuel Hayford here, let's see what's new in Rails as we gear up for Composite Primary Keys (CPKs) support. But first, here's a fine opportunity for junior Ruby on Rails developers: As part of preparations for the upcoming Rails World conference in Amsterdam, Netherlands this year, The Rail...
Read more
April 7, 2023

A new conference, new Action Mailer callbacks and more!

Hi, it’s Greg, bringing you the latest news about Ruby on Rails. We have exciting news from the Rails Foundation! The first-ever Rails World Conference is coming! Join the community on October 5 & 6 in Amsterdam, Netherlands, for keynotes, technical sessions, and all things Rails. A website with tickets and a CFP is coming soon! You ca...
Read more
March 31, 2023

March 31st 2023 edition 🌸

Hi, it’s zzak, writing in from Aomori, Japan, home of the great Jonan Scheffler. 2023 is officially 25% over, time to enjoy 🌸 and explore this week’s changes in the Rails codebase. Add debug gem back to the Gemfile template With the release of Ruby v3.2.2, which happened today, we can safely add the “debug” gem back to the Gemfile temp...
Read more
March 24, 2023

Composite primary keys improvements and more

Hi, it’s Wojtek with this week’s changes in the Rails codebase. Allow specifying WHERE clauses with column-tuple syntax. Querying through Active Record where now accepts a tuple syntax which accepts, as a key, an array of columns and, as a value, an array of corresponding tuples. This improves support for composite primary keys. Accept...
Read more
March 17, 2023

TestFixtures#fixture_path deprecation, FinderMethods#find support for composite primary key values, etc.

Kaixo! Long time no see. Emmanuel Hayford here. This week, a lot happened in Rails, so much so that to keep this edition short, I've had to cut some equally goodpull requests out. Here's what I have for you today: Allow querying by the whole record for composite query constraints Suppose you have defined an association between two mode...
Read more
March 10, 2023

This Week in Rails: Improve custom namespace autoloading, Object#with and more!

Hi, this is Greg, bringing you the latest changes in the Rails codebase. Lockdown rails app in production for security Current Dockerfile generated by Rails runs as a non-root user which prevents modification of the operating system but leaves wide open all gems and the application itself. This change locks down the application gems an...
Read more
March 3, 2023

🎎 First edition of March

Hi, it’s zzak. Let’s explore this week’s changes in the Rails codebase. Turbo v7.3.0 is out! Be sure to check the release notes to see what changed. Configurable digest algorithm for Active Record Encryption This adds a new option to configure the digest algorithm in Active Record Encryption. It sets SHA-256 as the new default starting...
Read more
February 24, 2023

The Rails Foundation update, perform_all_later in AJ and more

Hi, it’s Wojtek. Let’s dig into this week’s changes and announcements. Amanda Perino as new executive director for The Rails Foundation Please welcome Amanda to the job of leading the mission to improve the documentation, education, marketing, and events in the Rails ecosystem. Add ActiveJob.perform_all_later to enqueue multiple jobs a...
Read more
February 17, 2023

This Week in Rails: preloading associations with composite keys and more!

Hi, this is Greg, bringing you this week’s changes in the Rails codebase. Support preloading associations with composite keys This pull request adds support for Associations::Preloader to be able to preload associations associated by a composite foreign key (query_constraints) and by implication adds support for includes() relations. S...
Read more
February 10, 2023

Parameter filtering and an improved ActionView::Helpers::TagHelper#token_list

Përshëndetje! Emmanuel here with the usual stuff. filtered_path in ActionController::Instrumentation event payloads over fullpath For security reasons, some data need to be filtered before it reaches bad actors. Rails now filters parameters in paths that may include sensitive information in logs. Instead of passing fullpath to ActionCo...
Read more
February 3, 2023

Week 05: Spring is here?

Hi, it’s zzak, happy 節分! I’m very excited for spring, this winter has been tough! Let’s get into this week’s changes in the Rails codebase. Use infinitive form for all task descriptions verbs All the common rails commands and some extended commands use the infinitive form for the verb in the description: “Generate …”, “Start …”, “Run …...
Read more
January 27, 2023

New AssumeSSL middleware, raise on missing translations everywhere, and more

Hi, it's Wojtek. Let's explore this week's changes in the Rails codebase. Rails and have been released Released and versions addressing a compatibility issue with the and security releases from last week. Allow use of SSL-terminating reserve proxy that doesn't set headers Add ActionDispat...
Read more
January 20, 2023

Active Record regroup, CurrentAttributes name restrictions and more!

Hola, this is Greg, bringing you the latest changes from Rails. Raise exception when if a restricted attribute name is used with CurrentAttributes Attribute names like set and reset should not be used with ActiveSupport::CurrentAttributes, because they clash with its public API. With this change, an ArgumentError is raised when a restr...
Read more
January 13, 2023

An endpoint for uptime monitors, an improved help command, etc

Halløj. It's me again, bringing you the usual goodies from Rails. Show relevant commands when calling help This pull request improves the user experience by displaying the appropriate commands for the context in which the user is running rails -h or rails. When outside of a Rails application, the output will be the options for the rail...
Read more
January 6, 2023

First edition of 2023! 🥂

Long time no see! 新年明けましておめでとうございます!Zzak here to bring you the first This Week in Rails of.. *almost writes 2022*. 🤣 Spotlight I want to try something different, there has been one particular person that I feel deserves a Shout Out: Akira Matsuda. He has contributed 40 commits since the last episode..! His focus has been on incremental...
Read more
December 30, 2022

This Year in Rails, a summary of 2022!

Hey! This is Emmanuel, Greg and Wojciech, bringing you the summary of what happened with Rails in the past year. It was a busy year with 3131 commits from 491 contributors and 31 releases! We carefully selected the most significant pull requests for inclusion, but it is possible that we may have overlooked some due to the need to keep ...
Read more
December 23, 2022

Rails on Docker, local? environment inquirer and more!

Hi there, this is Greg, bringing you the latest changes in Rails! Only include all_queries default scopes on reload This pull request changes the current behaviour on reload, which applies all the default scopes, if any are marked as all_queries: true. The correct behaviour is to only apply all_queries: true default scopes on reload. A...
Read more
December 16, 2022

Documentation on preloading STIs, TimeHelpers improvement, etc

नमस्ते, This is Emmanuel Hayford with some updates from Rails! Hide changes to before_committed! behaviour behind config This PR introduces a new configuration option that will enable before_committed! callbacks on all enrolled records in a transaction by default in Rails 7.1. Previously, callbacks were only run on the first copy of a ...
Read more
December 9, 2022

Disabled IRB autocompletion, bugfixes and more!

Hi, this is Greg, bringing you the latest news about Rails. Replace method_source gem with Ripper With this change, Ripper is used to determine the last line number of a given test method to support running tests by line number. Disable Rails console IRB's autocompletion in production by default Autocompletion increases data transmissi...
Read more

See more posts »