Update dependency rails to v7.1.3.2 - autoclosed #335
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
7.0.7.2
->7.1.3.2
Release Notes
rails/rails (rails)
v7.1.3.2
Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
raise_on_missing_translations
not working correctly with thetranslate
method in controllers after the patch for CVE-2024-26143.Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v7.1.3.1
: 7.1.3.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Fix possible XSS vulnerability with the
translate
method in controllersCVE-2024-26143
Fix ReDoS in Accept header parsing
CVE-2024-26142
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v7.1.3
: 7.1.3Compare Source
Active Support
Handle nil
backtrace_locations
inActiveSupport::SyntaxErrorProxy
.Eugene Kenny
Fix
ActiveSupport::JSON.encode
to prevent duplicate keys.If the same key exist in both String and Symbol form it could
lead to the same key being emitted twice.
Manish Sharma
Fix
ActiveSupport::Cache::Store#read_multi
when using a cache namespaceand local cache strategy.
Mark Oleson
Fix
Time.now/DateTime.now/Date.today
to return results in a system timezone after#travel_to
.There is a bug in the current implementation of #travel_to:
it remembers a timezone of its argument, and all stubbed methods start
returning results in that remembered timezone. However, the expected
behaviour is to return results in a system timezone.
Aleksei Chernenkov
Fix
:unless_exist
option forMemoryStore#write
(et al) when using acache namespace.
S. Brent Faulkner
Fix ActiveSupport::Deprecation to handle blaming generated code.
Jean Boussier, fatkodima
Active Model
Active Record
Fix Migrations with versions older than 7.1 validating options given to
add_reference
.Hartley McGuire
Ensure
reload
sets correct owner for each association.Dmytro Savochkin
Fix view runtime for controllers with async queries.
fatkodima
Fix
load_async
to work with query cache.fatkodima
Fix polymorphic
belongs_to
to correctly use parent'squery_constraints
.fatkodima
Fix
Preloader
to not generate a query for already loaded association withquery_constraints
.fatkodima
Fix multi-database polymorphic preloading with equivalent table names.
When preloading polymorphic associations, if two models pointed to two
tables with the same name but located in different databases, the
preloader would only load one.
Ari Summer
Fix
encrypted_attribute?
to take into account context properties passed toencrypts
.Maxime Réty
Fix
find_by
to work correctly in presence of composite primary keys.fatkodima
Fix async queries sometimes returning a raw result if they hit the query cache.
ShipPart.async_count
could return a raw integer rather than a Promiseif it found the result in the query cache.
fatkodima
Fix
Relation#transaction
to not apply a default scope.The method was incorrectly setting a default scope around its block:
Jean Boussier
Fix calling
async_pluck
on anone
relation.Model.none.async_pluck(:id)
was returning a naked valueinstead of a promise.
Jean Boussier
Fix calling
load_async
on anone
relation.Model.none.load_async
was returning a broken result.Lucas Mazza
TrilogyAdapter: ignore
host
ifsocket
parameter is set.This allows to configure a connection on a UNIX socket via DATABASE_URL:
Jean Boussier
Fix
has_secure_token
calls the setter method on initialize.Abeid Ahmed
Allow using
object_id
as a database column name.It was available before rails 7.1 and may be used as a part of polymorphic relationship to
object
whereobject
can be any other database record.Mikhail Doronin
Fix
rails db:create:all
to not touch databases before they are created.fatkodima
Action View
Better handle SyntaxError in Action View.
Mario Caropreso
Fix
word_wrap
with empty string.Jonathan Hefner
Rename
ActionView::TestCase::Behavior::Content
toActionView::TestCase::Behavior::RenderedViewContent
.Make
RenderedViewContent
inherit fromString
. Make private API with:nodoc:
.Sean Doyle
Fix detection of required strict locals.
Further fix
render @​collection
compatibility with strict localsJean Boussier
Action Pack
Fix including
Rails.application.routes.url_helpers
directly in anActiveSupport::Concern.
Jonathan Hefner
Fix system tests when using a Chrome binary that has been downloaded by
Selenium.
Jonathan Hefner
Active Job
Do not trigger immediate loading of
ActiveJob::Base
when loadingActiveJob::TestHelper
.Maxime Réty
Preserve the serialized timezone when deserializing
ActiveSupport::TimeWithZone
arguments.Joshua Young
Fix ActiveJob arguments serialization to correctly serialize String subclasses having custom serializers.
fatkodima
Action Mailer
Action Cable
Active Storage
Fix N+1 query when fetching preview images for non-image assets.
Aaron Patterson & Justin Searls
Fix all Active Storage database related models to respect
ActiveRecord::Base.table_name_prefix
configuration.Chedli Bourguiba
Fix
ActiveStorage::Representations::ProxyController
not returning the properpreview image variant for previewable files.
Chedli Bourguiba
Fix
ActiveStorage::Representations::ProxyController
to proxy untrackedvariants.
Chedli Bourguiba
Fix direct upload forms when submit button contains nested elements.
Marc Köhlbrugge
When using the
preprocessed: true
option, avoid enqueuing transform jobsfor blobs that are not representable.
Chedli Bourguiba
Process preview image variant when calling
ActiveStorage::Preview#processed
.For example,
attached_pdf.preview(:thumb).processed
will now immediatelygenerate the full-sized preview image and the
:thumb
variant of it.Previously, the
:thumb
variant would not be generated until a further callto e.g.
processed.url
.Chedli Bourguiba and Jonathan Hefner
Prevent
ActiveRecord::StrictLoadingViolationError
when strict loading isenabled and the variant of an Active Storage preview has already been
processed (for example, by calling
ActiveStorage::Preview#url
).Jonathan Hefner
Fix
preprocessed: true
option for named variants of previewable files.Nico Wenterodt
Action Mailbox
Action Text
Railties
Make sure
config.after_routes_loaded
hook runs on boot.Rafael Mendonça França
Fix
config.log_level
not being respected when using aBroadcastLogger
Édouard Chin
Fix isolated engines to take
ActiveRecord::Base.table_name_prefix
into consideration.This will allow for engine defined models, such as inside Active Storage, to respect
Active Record table name prefix configuration.
Chedli Bourguiba
The
bin/rails app:template
command will no longer add potentially unwantedgem platforms via
bundle lock --add-platform=...
commands.Jonathan Hefner
v7.1.2
: 7.1.2Compare Source
Active Support
Fix
:expires_in
option forRedisCacheStore#write_multi
.fatkodima
Fix deserialization of non-string "purpose" field in Message serializer
Jacopo Beschi
Prevent global cache options being overwritten when setting dynamic options
inside a
ActiveSupport::Cache::Store#fetch
block.Yasha Krasnou
Fix missing
require
resulting inNoMethodError
when runningbin/rails secrets:show
orbin/rails secrets:edit
.Stephen Ierodiaconou
Ensure
{down,up}case_first
returns non-frozen string.Jonathan Hefner
Fix
#to_fs(:human_size)
to correctly work with negative numbers.Earlopain
Fix
BroadcastLogger#dup
so that it duplicates the logger'sbroadcasts
.Andrew Novoselac
Fix issue where
bootstrap.rb
overwrites thelevel
of aBroadcastLogger
'sbroadcasts
.Andrew Novoselac
Fix
ActiveSupport::Cache
to handle outdated Marshal payload from Rails 6.1 format.Active Support's Cache is supposed to treat a Marshal payload that can no longer be
deserialized as a cache miss. It fail to do so for compressed payload in the Rails 6.1
legacy format.
Jean Boussier
Fix
OrderedOptions#dig
for array indexes.fatkodima
Fix time travel helpers to work when nested using with separate classes.
fatkodima
Fix
delete_matched
for file cache store to work with keys longer than themax filename size.
fatkodima and Jonathan Hefner
Fix compatibility with the
semantic_logger
gem.The
semantic_logger
gem doesn't behave exactly like stdlib logger in thatSemanticLogger#level
returns a Symbol while stdlibLogger#level
returns an Integer.This caused the various
LogSubscriber
classes in Rails to break when assigned aSemanticLogger
instance.Jean Boussier, ojab
Active Model
Make
==(other)
method of AttributeSet safe.Dmitry Pogrebnoy
Active Record
Fix renaming primary key index when renaming a table with a UUID primary key
in PostgreSQL.
fatkodima
Fix
where(field: values)
queries whenfield
is a serialized attribute(for example, when
field
usesActiveRecord::Base.serialize
or is a JSONcolumn).
João Alves
Prevent marking broken connections as verified.
Daniel Colson
Don't mark Float::INFINITY as changed when reassigning it
When saving a record with a float infinite value, it shouldn't mark as changed
Maicol Bentancor
ActiveRecord::Base.table_name
now returnsnil
instead of raising"undefined method
abstract_class?
for Object:Class".a5-stable
Fix upserting for custom
:on_duplicate
and:unique_by
consisting of allinserts keys.
fatkodima
Fixed an issue where saving a
record could innappropriately
dup
its attributes.Jonathan Hefner
Dump schema only for a specific db for rollback/up/down tasks for multiple dbs.
fatkodima
Fix
NoMethodError
when casting a PostgreSQLmoney
value that uses acomma as its radix point and has no leading currency symbol. For example,
when casting
"3,50"
.Andreas Reischuck and Jonathan Hefner
Re-enable support for using
enum
with non-column-backed attributes.Non-column-backed attributes must be previously declared with an explicit
type. For example:
Jonathan Hefner
Raise on
foreign_key:
being passed as an array in associationsNikita Vasilevsky
Return back maximum allowed PostgreSQL table name to 63 characters.
fatkodima
Fix detecting
IDENTITY
columns for PostgreSQL < 10.fatkodima
Action View
Fix the
number_to_human_size
view helper to correctly work with negative numbers.Earlopain
Automatically discard the implicit locals injected by collection rendering for template that can't accept them
When rendering a collection, two implicit variables are injected, which breaks templates with strict locals.
Now they are only passed if the template will actually accept them.
Yasha Krasnou, Jean Boussier
Fix
@rails/ujs
callingstart()
an extra time when using bundlersHartley McGuire, Ryunosuke Sato
Fix the
capture
view helper compatibility with HAML and SlimWhen a blank string was captured in HAML or Slim (and possibly other template engines)
it would instead return the entire buffer.
Jean Boussier
Action Pack
Fix a race condition that could cause a
Text file busy - chromedriver
error with parallel system tests
Matt Brictson
Fix
StrongParameters#extract_value
to include blank valuesOtherwise composite parameters may not be parsed correctly when one of the
component is blank.
fatkodima, Yasha Krasnou, Matthias Eiglsperger
Add
racc
as a dependency since it will become a bundled gem in Ruby 3.4.0Hartley McGuire
Support handling Enumerator for non-buffered responses.
Zachary Scott
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Compile ESM package that can be used directly in the browser as actiontext.esm.js
Matias Grunberg
Fix using actiontext.js with Sprockets
Matias Grunberg
Upgrade Trix to 2.0.7
Hartley McGuire
Fix using Trix with Sprockets
Hartley McGuire
Railties
Fix running
db:system:change
when app has no Dockerfile.Hartley McGuire
If you accessed
config.eager_load_paths
and friends, later changes toconfig.paths
were not reflected in the expected auto/eager load paths.Now, they are.
This bug has been latent since Rails 3.
Fixes #49629.
Xavier Noria
v7.1.1
: 7.1.1Compare Source
Active Support
Add support for keyword arguments when delegating calls to custom loggers from
ActiveSupport::BroadcastLogger
.Jenny Shen
NumberHelper
: handle objects respondingto_d
.fatkodima
Fix RedisCacheStore to properly set the TTL when incrementing or decrementing.
This bug was only impacting Redis server older than 7.0.
Thomas Countz
Fix MemoryStore to prevent race conditions when incrementing or decrementing.
Pierre Jambet
Active Model
Active Record
Fix auto populating IDENTITY columns for PostgreSQL.
fatkodima
Fix "ArgumentError: wrong number of arguments (given 3, expected 2)" when
down migrating
rename_table
in older migrations.fatkodima
Do not require the Action Text, Active Storage and Action Mailbox tables
to be present when running when running test on CI.
Rafael Mendonça França
Action View
Updated
@rails/ujs
files to ignore certain data-* attributes when element is contenteditable.This fix was already landed in >= 7.0.4.3, < 7.1.0.
[CVE-2023-23913]
Ryunosuke Sato
Action Pack
Active Job
Don't log enqueuing details when the job wasn't enqueued.
Dustin Brown
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Ensures the Rails generated Dockerfile uses correct ruby version and matches Gemfile.
Abhay Nikam
v7.1.0
: 7.1.0Compare Source
Active Support
Fix
AS::MessagePack
withENV["RAILS_MAX_THREADS"]
.Jonathan Hefner
Add a new public API for broadcasting logs
This feature existed for a while but was until now a private API.
Broadcasting log allows to send log message to difference sinks (STDOUT, a file ...) and
is used by default in the development environment to write logs both on STDOUT and in the
"development.log" file.
Basic usage:
Adding other sink(s) to the broadcast:
Remove a sink from the broadcast:
Edouard Chin
Fix Range#overlap? not taking empty ranges into account on Ruby < 3.3
Nobuyoshi Nakada, Shouichi Kamiya, Hartley McGuire
Use Ruby 3.3 Range#overlap? if available
Yasuo Honda
Add
bigdecimal
as Active Support dependency that is a bundled gem candidate for Ruby 3.4.bigdecimal
3.1.4 or higher version will be installed.Ruby 2.7 and 3.0 users who want
bigdecimal
version 2.0.0 or 3.0.0 behavior as a default gem,pin the
bigdecimal
version in your application Gemfile.Koichi ITO
Add
drb
,mutex_m
andbase64
that are bundled gem candidates for Ruby 3.4Yasuo Honda
When using cache format version >= 7.1 or a custom serializer, expired and
version-mismatched cache entries can now be detected without deserializing
their values.
Jonathan Hefner
Make all cache stores return a boolean for
#delete
Previously the
RedisCacheStore#delete
would return1
if the entryexists and
0
otherwise. Now it returns true if the entry exists and falseotherwise, just like the other stores.
The
FileStore
would returnnil
if the entry doesn't exists and returnsfalse
now as well.Petrik de Heus
Active Support cache stores now support replacing the default compressor via
a
:compressor
option. The specified compressor must respond todeflate
and
inflate
. For example:compression logic...
decompression logic...
Active Support cache stores now support a
:serializer
option. Similar tothe
:coder
option, serializers must respond todump
andload
. However,serializers are only responsible for serializing a cached value, whereas
coders are responsible for serializing the entire
ActiveSupport::Cache::Entry
instance. Additionally, the output from serializers can be automatically
compressed, whereas coders are responsible for their own compression.
Specifying a serializer instead of a coder also enables performance
optimizations, including the bare string optimization introduced by cache
format version 7.1.
The
:serializer
and:coder
options are mutually exclusive. Specifyingboth will raise an
ArgumentError
.Jonathan Hefner
Fix
ActiveSupport::Inflector.humanize(nil)
raisingNoMethodError: undefined method `end_with?' for nil:NilClass
.James Robinson
Don't show secrets for
ActiveSupport::KeyGenerator#inspect
.Before:
After:
Petrik de Heus
Improve error message when EventedFileUpdateChecker is used without a
compatible version of the Listen gem
Hartley McGuire
Add
:report
behavior for DeprecationSetting
config.active_support.deprecation = :report
uses the errorreporter to report deprecation warnings to
ActiveSupport::ErrorReporter
.Deprecations are reported as handled errors, with a severity of
:warning
.Useful to report deprecations happening in production to your bug tracker.
Étienne Barrié
Rename
Range#overlaps?
to#overlap?
and add alias for backwards compatibilityChristian Schmidt
Fix
EncryptedConfiguration
returning incorrect values for someHash
methods
Hartley McGuire
Don't show secrets for
MessageEncryptor#inspect
.Before:
After:
Petrik de Heus
Don't show contents for
EncryptedConfiguration#inspect
.Before:
After:
Petrik de Heus
ERB::Util.html_escape_once
always returns anhtml_safe
string.This method previously maintained the
html_safe?
property of a string on the returnvalue. Because this string has been escaped, however, not marking it as
html_safe
causesentities to be double-escaped.
As an example, take this view snippet:
Before this change, that would be double-escaped and render as:
After this change, it renders correctly as:
Fixes #48256
Mike Dalessio
Deprecate
SafeBuffer#clone_empty
.This method has not been used internally since Rails 4.2.0.
Mike Dalessio
MessageEncryptor
,MessageVerifier
, andconfig.active_support.message_serializer
now accept
:message_pack
and:message_pack_allow_marshal
as serializers.These serializers require the
msgpack
gem(>= 1.7.0).
The Message Pack format can provide improved performance and smaller payload
sizes. It also supports round-tripping some Ruby types that are not supported
by JSON. For example:
BEFORE with config.active_support.message_serializer = :json
=> [{"a"=>1}, {"b"=>2}, "1.0", "1969-12-31T18:00:00.000-06:00"]
=> [Hash, Hash, String, String]
AFTER with config.active_support.message_serializer = :message_pack
=> [{:a=>1}, {"b"=>2}, 0.1e1, 1969-12-31 18:00:00.000123 -0600]
=> [Hash, ActiveSupport::HashWithIndifferentAccess, BigDecimal, Time]
A new
7.1
cache format is available which includes an optimization forbare string values such as view fragments.
The
7.1
cache format is used by default for new apps, and existing appscan enable the format by setting
config.load_defaults 7.1
or by settingconfig.active_support.cache_format_version = 7.1
inconfig/application.rb
or a
config/environments/*.rb
file.Cache entries written using the
6.1
or7.0
cache formats can be readwhen using the
7.1
format. To perform a rolling deploy of a Rails 7.1upgrade, wherein servers that have not yet been upgraded must be able to
read caches from upgraded servers, leave the cache format unchanged on the
first deploy, then enable the
7.1
cache format on a subsequent deploy.Jonathan Hefner
Active Support cache stores can now use a preconfigured serializer based on
ActiveSupport::MessagePack
via the:serializer
option:The
:message_pack
serializer can reduce cache entry sizes and improveperformance, but requires the
msgpack
gem(>= 1.7.0).
The
:message_pack
serializer can read cache entries written by the defaultserializer, and the default serializer can now read entries written by the
:message_pack
serializer. These behaviors make it easy to migrate betweenserializer without invalidating the entire cache.
Jonathan Hefner
Object#deep_dup
no longer duplicate named classes and modules.Before:
After:
Jean Boussier
Consistently raise an
ArgumentError
if theActiveSupport::Cache
key is blank.Joshua Young
Deprecate usage of the singleton
ActiveSupport::Deprecation
.All usage of
ActiveSupport::Deprecation
as a singleton is deprecated, the most common one beingActiveSupport::Deprecation.warn
. Gem authors should now create their own deprecator (ActiveSupport::Deprecation
object), and use it to emit deprecation warnings.
Calling any of the following without specifying a deprecator argument is also deprecated:
Use of
ActiveSupport::Deprecation.silence
and configuration methods likebehavior=
,disallowed_behavior=
,disallowed_warnings=
should now be aimed at the application's deprecators.code that emits deprecation warnings
Add
Object#with
to set and restore public attributes around a blockJean Boussier
Remove deprecated support to generate incorrect RFC 4122 UUIDs when providing a namespace ID that is not one of the
constants defined on
Digest::UUID
.Rafael Mendonça França
Deprecate
config.active_support.use_rfc4122_namespaced_uuids
.Rafael Mendonça França
Remove implicit conversion of objects into
String
byActiveSupport::SafeBuffer
.Rafael Mendonça França
Remove deprecated
active_support/core_ext/range/include_time_with_zone
file.Rafael Mendonça França
Deprecate
config.active_support.remove_deprecated_time_with_zone_name
.Rafael Mendonça França
Remove deprecated override of
ActiveSupport::TimeWithZone.name
.Rafael Mendonça França
Deprecate
config.active_support.disable_to_s_conversion
.Rafael Mendonça França
Remove deprecated option to passing a format to
#to_s
inArray
,Range
,Date
,DateTime
,Time
,BigDecimal
,Float
and,Integer
.Rafael Mendonça França
Remove deprecated
ActiveSupport::PerThreadRegistry
.Rafael Mendonça França
Remove deprecated override of
Enumerable#sum
.Rafael Mendonça França
Deprecated initializing a
ActiveSupport::Cache::MemCacheStore
with an instance ofDalli::Client
.Deprecate the undocumented option of providing an already-initialized instance of
Dalli::Client
toActiveSupport::Cache::MemCacheStore
. Such clients could be configured with unrecognized options, which could lead to unexpected behavior. Instead, provide addresses as documented.aledustet
Stub
Time.new()
inTimeHelpers#travel_to
Inside the
travel_to
blockTime.new
is stubbedRaise
ActiveSupport::MessageEncryptor::InvalidMessage
fromActiveSupport::MessageEncryptor#decrypt_and_verify
regardless of cipher.Previously, when a
MessageEncryptor
was using a non-AEAD cipher such asAES-256-CBC, a corrupt or tampered message would raise
ActiveSupport::MessageVerifier::InvalidSignature
. Now, all ciphers raisethe same error:
=> raises ActiveSupport::MessageEncryptor::InvalidMessage
BEFORE:
=> raises ActiveSupport::MessageVerifier::InvalidSignature
AFTER:
=> raises ActiveSupport::MessageEncryptor::InvalidMessage
Support
nil
original values when usingActiveSupport::MessageVerifier#verify
.Previously,
MessageVerifier#verify
did not work withnil
originalvalues, though both
MessageVerifier#verified
andMessageEncryptor#decrypt_and_verify
do:=> nil
=> nil
BEFORE:
=> raises ActiveSupport::MessageVerifier::InvalidSignature
AFTER:
=> nil
Maintain
html_safe?
on html_safe strings when sliced withslice
,slice!
, orchr
method.Previously,
html_safe?
was only maintained when the html_safe strings were slicedwith
[]
method. Now,slice
,slice!
, andchr
methods will maintainhtml_safe?
like[]
method.maintain html_safe? after the slice!
Add
Object#in?
support for open ranges.Ignacio Galindo
config.i18n.raise_on_missing_translations = true
now raises on any missing translation.Previously it would only raise when called in a view or controller. Now it will raise
anytime
I18n.t
is provided an unrecognised key.If you do not want this behaviour, you can customise the i18n exception handler. See the
upgrading guide or i18n guide for more information.
Alex Ghiculescu
ActiveSupport::CurrentAttributes
now raises if a restricted attribute name is used.Attributes such as
set
andreset
cannot be used as they clash with theCurrentAttributes
public API.Alex Ghiculescu
HashWithIndifferentAccess#transform_keys
now takes a Hash argument, justas Ruby's
Hash#transform_keys
does.Akira Matsuda
delegate
now defines method with proper arity when delegating to a Class.With this change, it defines faster method (3.5x faster with no argument).
However, in order to gain this benefit, the delegation target method has to
be defined before declaring the delegation.
This defines 3.5 times faster method than before
This works but silently falls back to old behavior because
delegate
cannot find the definition ofx
assert_difference
message now includes what changed.This makes it easier to debug non-obvious failures.
Before:
After:
Alex Ghiculescu
Add ability to match exception messages to
assert_raises
assertionInstead of this
you can now write this
fatkodima
Add
Rails.env.local?
shorthand forRails.env.development? || Rails.env.test?
.DHH
ActiveSupport::Testing::TimeHelpers
now accepts namedwith_usec
argumentto
freeze_time
,travel
, andtravel_to
methods. Passing true preventstruncating the destination time with
change(usec: 0)
.KevSlashNull, and serprex
ActiveSupport::CurrentAttributes.resets
now accepts a method nameThe block API is still the recommended approach, but now both APIs are supported:
Alex Ghiculescu
Ensure
ActiveSupport::Testing::Isolation::Forking
closes pipesPreviously,
Forking.run_in_isolation
opened two ends of a pipe. The forkprocess closed the read end, wrote to it, and then terminated (which
presumably closed the file descriptors on its end). The parent process
closed the write end, read from it, and returned, never closing the read
end.
This resulted in an accumulation of open file descriptors, which could
cause errors if the limit is reached.
Sam Bostock
Fix
Time#change
andTime#advance
for times around the end of DaylightSaving Time.
Previously, when
Time#change
orTime#advance
constructed a time insidethe final stretch of Daylight Saving Time (DST), the non-DST offset would
always be chosen for local times:
DST ended just before 2021-11-07 2:00:00 AM in US/Eastern.
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-06 01:00:00 -0400
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-08 01:00:00 -0500
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-06 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0400
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-08 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
=> 2021-11-07 01:00:00 -0500
Fix MemoryStore to preserve entries TTL when incrementing or decrementing
This is to be more consistent with how MemCachedStore and RedisCacheStore behaves.
Jean Boussier
Rails.error.handle
andRails.error.record
filter now by multiple error classes.Martin Spickermann
Class#subclasses
andClass#descendants
now automatically filter reloaded classes.Previously they could return old implementations of reloadable classes that have been
dereferenced but not yet garbage collected.
They now automatically filter such classes like
DescendantTracker#subclasses
andDescendantTracker#descendants
.Jean Boussier
Rails.error.report
now marks errors as reported to avoid reporting them twice.In some cases, users might want to report errors explicitly with some extra context
before letting it bubble up.
This also allows to safely catch and report errors outside of the execution context.
Jean Boussier
Add
assert_error_reported
andassert_no_error_reported
Allows to easily asserts an error happened but was handled
...
ActiveSupport::Deprecation
behavior callbacks can now receive thedeprecator instance as an argument. This makes it easier for such callbacks
to change their behavior based on the deprecator's state. For example,
based on the deprecator's
debug
flag.3-arity and splat-args callbacks such as the following will now be passed
the deprecator instance as their third argument:
->(message, callstack, deprecator) { ... }
->(*args) { ... }
->(message, *other_args) { ... }
2-arity and 4-arity callbacks such as the following will continue to behave
the same as before:
->(message, callstack) { ... }
->(message, callstack, deprecation_horizon, gem_name) { ... }
->(message, callstack, *deprecation_details) { ... }
Jonathan Hefner
ActiveSupport::Deprecation#disallowed_warnings
now affects the instance onwhich it is configured.
This means that individual
ActiveSupport::Deprecation
instances can beconfigured with their own disallowed warnings, and the global
ActiveSupport::Deprecation.disallowed_warnings
now only affects the globalActiveSupport::Deprecation.warn
.Before
After
Note that global
ActiveSupport::Deprecation
methods such asActiveSupport::Deprecation.warn
and
ActiveSupport::Deprecation.disallowed_warnings
have been deprecated.Jonathan Hefner
Add italic and underline support to
ActiveSupport::LogSubscriber#color
Previously, only bold text was supported via a positional argument.
This allows for bold, italic, and underline options to be specified
for colored logs.
Gannon McGibbon
Add
String#downcase_first
method.This method is the corollary of
String#upcase_first
.Mark Schneider
thread_mattr_accessor
will call.dup.freeze
on non-frozen default values.This provides a basic level of protection against different threads trying
to mutate a shared default object.
Jonathan Hefner
Add
raise_on_invalid_cache_expiration_time
config toActiveSupport::Cache::Store
Specifies if an
ArgumentError
should be raised ifRails.cache
fetch
orwrite
are given an invalidexpires_at
orexpires_in
time.Options are
true
, andfalse
. Iffalse
, the exception will be reportedas
handled
and logged instead. Defaults totrue
ifconfig.load_defaults >= 7.1
.Trevor Turk
ActiveSupport::Cache:Store#fetch
now passes an options accessor to the block.It makes possible to override cache options:
set cache's TTL to match token's TTL
default
option ofthread_mattr_accessor
now applies through inheritance andalso across new threads.
Previously, the
default
value provided was set only at the moment of definingthe attribute writer, which would cause the attribute to be uninitialized in
descendants and in other threads.
Fixes #43312.
Thierry Deo
Redis cache store is now compatible with redis-rb 5.0.
Jean Boussier
Add
skip_nil:
support toActiveSupport::Cache::Store#fetch_multi
.Daniel Alfaro
Add
quarter
method to date/timeMatt Swanson
Fix
NoMethodError
on customActiveSupport::Deprecation
behavior.ActiveSupport::Deprecation.behavior=
was supposed to accept any objectthat responds to
call
, but in fact its internal implementation assumed thatthis object could respond to
arity
, so it was restricted to onlyProc
objects.This change removes this
arity
restriction of custom behaviors.Ryo Nakamura
Support
:url_safe
option forMessageEncryptor
.The
MessageEncryptor
constructor now accepts a:url_safe
option, similarto the
MessageVerifier
constructor. When enabled, this option ensuresthat messages use a URL-safe encoding.
Jonathan Hefner
Add
url_safe
option toActiveSupport::MessageVerifier
initializerActiveSupport::MessageVerifier.new
now takes optionalurl_safe
argument.It can generate URL-safe strings by passing
url_safe: true
.This option is
false
by default to be backwards compatible.Shouichi Kamiya
Enable connection pooling by default for
MemCacheStore
andRedisCacheStore
.If you want to disable connection pooling, set
:pool
option tofalse
when configuring the cache store:fatkodima
Add
force:
support toActiveSupport::Cache::Store#fetch_multi
.fatkodima
Deprecated
:pool_size
and:pool_timeout
options for configuring connection pooling in cache stores.Use
pool: true
to enable pooling with default settings:Or pass individual options via
:pool
option:fatkodima
Allow #increment and #decrement methods of
ActiveSupport::Cache::Store
subclasses to set new values.
Previously incrementing or decrementing an unset key would fail and return
nil. A default will now be assumed and the key will be created.
Andrej Blagojević, Eugene Kenny
Add
skip_nil:
support toRedisCacheStore
Joey Paris
ActiveSupport::Cache::MemoryStore#write(name, val, unless_exist:true)
nowcorrectly writes expired keys.
Alan Savage
ActiveSupport::ErrorReporter
now accepts and forward asource:
parameter.This allow libraries to signal the origin of the errors, and reporters
to easily ignore some sources.
Jean Boussier
Fix and add protections for XSS in
ActionView::Helpers
andERB::Util
.Add the method
ERB::Util.xml_name_escape
to escape dangerous charactersin names of tags and names of attributes, following the specification of XML.
Álvaro Martín Fraguas
Respect
ActiveSupport::Logger.new
's:formatter
keyword argumentThe stdlib
Logger::new
allows passing a:formatter
keyword argument toset the logger's formatter. Previously
ActiveSupport::Logger.new
ignoredthat argument by always setting the formatter to an instance of
ActiveSupport::Logger::SimpleFormatter
.Steven Harman
Deprecate preserving the pre-Ruby 2.4 behavior of
to_time
With Ruby 2.4+ the default for +to_time+ changed from converting to the
local system time to preserving the offset of the receiver. At the time Rails
supported older versions of Ruby so a compatibility layer was added to assist
in the migration process. From Rails 5.0 new applications have defaulted to
the Ruby 2.4+ behavior and since Rails 7.0 now only supports Ruby 2.7+
this compatibility layer can be safely removed.
To minimize any noise generated the deprecation warning only appears when the
setting is configured to
false
as that is the only scenario where theremoval of the compatibility layer has any effect.
Andrew White
Pathname.blank?
only returns true forPathname.new("")
Previously it would end up calling
Pathname#empty?
which returned trueif the path existed and was an empty directory or file.
That behavior was unlikely to be expected.
Jean Boussier
Deprecate
Notification::Event
's#children
and#parent_of?
John Hawthorn
Change the default serializer of
ActiveSupport::MessageVerifier
fromMarshal
toActiveSupport::JSON
when usingconfig.load_defaults 7.1
.Messages serialized with
Marshal
can still be read, but new messages willbe serialized with
ActiveSupport::JSON
. For more information, seehttps://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer.
Saba Kiaei, David Buckley, and Jonathan Hefner
Change the default serializer of
ActiveSupport::MessageEncryptor
fromMarshal
toActiveSupport::JSON
when usingconfig.load_defaults 7.1
.Messages serialized with
Marshal
can still be read, but new messages willbe serialized with
ActiveSupport::JSON
. For more information, seehttps://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer.
Zack Deveau, Martin Gingras, and Jonathan Hefner
Add
ActiveSupport::TestCase#stub_const
to stub a constant for the duration of a yield.DHH
Fix
ActiveSupport::EncryptedConfiguration
to be compatible with Psych 4Stephen Sugden
Improve
File.atomic_write
error handlingDaniel Pepper
Fix
Class#descendants
andDescendantsTracker#descendants
compatibility with Ruby 3.1.The native
Class#descendants
was reverted prior to Ruby 3.1 release,but
Class#subclasses
was kept, breaking the feature detection.Jean Boussier
Active Model
Remove change in the typography of user facing error messages.
For example, “can’t be blank” is again “can't be blank”.
Rafael Mendonça França
Support composite identifiers in
to_key
to_key
avoids wrapping#id
value into anArray
if#id
already an arrayNikita Vasilevsky
Add
ActiveModel::Conversion.param_delimiter
to configure delimiter being used into_param
Nikita Vasilevsky
undefine_attribute_methods
undefines alias attribute methods along with attribute methods.Nikita Vasilevsky
Error.full_message now strips ":base" from the message.
zzak
Add a load hook for
ActiveModel::Model
(namedactive_model
) to match the load hook forActiveRecord::Base
and allow for overriding aspects of theActiveModel::Model
class.Lewis Buckley
Improve password length validation in ActiveModel::SecurePassword to consider byte size for BCrypt
compatibility.
The previous password length validation only considered the character count, which may not
accurately reflect the 72-byte size limit imposed by BCrypt. This change updates the validation
to consider both character count and byte size while keeping the character length validation in place.
ChatGPT, Guillermo Iguaran
has_secure_password
now generates an#{attribute}_salt
method that returns the saltused to compute the password digest. The salt will change whenever the password is changed,
so it can be used to create single-use password reset tokens with
generates_token_for
:Lázaro Nixon
Improve typography of user facing error messages. In English contractions,
the Unicode APOSTROPHE (
U+0027
) is now RIGHT SINGLE QUOTATION MARK(
U+2019
). For example, "can't be blank" is now "can’t be blank".Jon Dufresne
Add class to
ActiveModel::MissingAttributeError
error message.Show which class is missing the attribute in the error message:
=> ActiveModel::MissingAttributeError: missing attribute 'user_id' for Pet
Raise
NoMethodError
inActiveModel::Type::Value#as_json
to avoid unpredictableresults.
Vasiliy Ermolovich
Custom attribute types that inherit from Active Model built-in types and do
not override the
serialize
method will now benefit from an optimizationwhen serializing attribute values for the database.
For example, with a custom type like the following:
Serializing the
email
attribute for the database will be roughly twice asfast. More expensive
cast
operations will likely see greater improvements.Jonathan Hefner
has_secure_password
now supports password challenges via apassword_challenge
accessor and validation.A password challenge is a safeguard to verify that the current user is
actually the password owner. It can be used when changing sensitive model
fields, such as the password itself. It is different than a password
confirmation, which is used to prevent password typos.
When
password_challenge
is set, the validation checks that the value'sdigest matches the currently persisted
password_digest
(i.e.password_digest_was
).This allows a password challenge to be done as part of a typical
update
call, just like a password confirmation. It also allows a password
challenge error to be handled in the same way as other validation errors.
For example, in the controller, instead of:
...
...
Support infinite ranges for
LengthValidator
s:in
/:within
optionsfatkodima
Add support for beginless ranges to inclusivity/exclusivity validators:
Bo Jeanes
Make validators accept lambdas without record argument
Before
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.