Ruby on Rails

Syndicate content
Updated: 2 min 55 sec ago

This week in Rails: Relation#or, file fixtures, kwargs and more!

16 hours 55 min ago

It is that time of the week again!

This is Greg, bringing you this week's interesting commits and pull requests from Rails.

Featured This week's Rails contributors

Let's start with a big thank you for all the people who helped this week to make Rails better!

New Stuff Added #or to ActiveRecord::Relation

A long waited feature is added to ActiveRecord and from now on you can combine two ActiveRecord relation with the or operator.

ActiveSupport::Testing::FileFixtures

With this addition to ActiveSupport::Testing there is no need to write custom helpers for testing features requiring a sample file (i.e. file uploads).

Use kwargs in the test's HTTP methods

Support for keyword arguments is added to the HTTP methods of the controller tests. An example of the new syntax:

Improved Improved performance of integration tests

delegate turned out to be a bottleneck at the URL generation in the integration tests. With this patch the integration tests of the applications should have a speedup.

Allow hyphenated names for plugins

From now on you can generate a Rails plugin with a hyphenated name (i.e. namespaced engines).

Deprecated *_via_redirect integration test methods are deprecated

The *_via_redirect methods are deprecated but do not fear, you can use follow_redirect! in your test suite for the same behaviour.

Fixed Fixed http basic authentication nil issue

When request.authorization returned nil, Rails raised a NoMethodError, but this is fixed now.

AR::Relation#group accepts SQL reserved keywords

This patch allows you to group by SQL reserved keywords with the group method of ActiveRecord.

One More Thing™ Arthur Nogueira Neves is a Rails Committer

Please welcome our newest Rails Committer!

Wrapping up

That's all for This week in Rails. As always, there are more changes than we have room to cover here, but feel free to check them out yourself!

P.S. If you enjoyed this newsletter, why not share it with your friends? :) If you wish to be part of this project please don't hesitate to contact Godfrey – there're a lot of ways you could help make this newsletter more awesome!

This week in Rails: model error details, drop table if exists and more!

Sat, 01/24/2015 - 01:01

It's Friday! Gotta get down on This Week in Rails!

This is Claudio, rushing to get you the weekly updates on interesting commits and pull requests from Rails.

Featured This week's Rails contributors

25 contributors helped Rails become a better framework. Keep the patches coming, and Rails 5 will be ready before you know it.

New Stuff ActiveModel::Errors#details

Given a user without an email, user.errors.details will return {email: [{error: :blank}]}. In some cases, this is more useful than the message {email: ["can't be blank"]} provided by user.errors.messages.
There's a good usage example in this blog post.

:if_exists option for drop_table

Writing drop_table(:users, if_exists: true) in a migration ensures that the migration will run without exceptions, whether or not the "users" table exists.

ActionController::Renderer

The ActionController::Base#render method can now output a template anywhere, even outside of a controller!

ActiveRecord::Base#accessed_fields

Calling @users = User.all to list all users works, but you can get better performance by indicating the exact fields you intend to access, for instance with @users = User.select(:name, :email).

The new @users.accessed_fields method will give you the list of fields accessed from the model, so you can easily optimize your queries using .select rather than .all.

Improved Speed up ActionController::Renderer

Everyone loves a pull request that speeds up Rails, especially if the performance gain is documented and verifiable.
When in doubt, always use benchmark/ips to provide benchmark results for comparison.

Wrapping up

That's all for This week in Rails. As always, there are more changes than we have room to cover here, but feel free to check them out yourself!

P.S. If you enjoyed this newsletter, why not share it with your friends? :) If you wish to be part of this project please don't hesitate to contact Godfrey – there're a lot of ways you could help make this newsletter more awesome!

This week in Rails: tokens migrations, method_source and more

Fri, 01/16/2015 - 22:30

Live from our servers, it's This Week in Rails!

As always we're your inside scoop of interesting commits, pull requests and more from Rails.

This is Kasper, and I'm ready to serve you this scoop. I tapped keys on the board in front of me to make words appear. It's quite the tapestry.

Let's get to it!

Featured This week's Rails contributors

33 contributors made this week happen. Pull Requests were merged, new friendships were made... I think I even heard someone say they saw a cat online. That's a rare sight, and part of what made this week special. Thanks everyone!

Tokens in migrations and model generators

As a follow up to last week's has_secure_token, both the migration and model generators can create token attributes.
rails g migration add_auth_token_to_users auth_token:token. rails g model user auth_token:token.
The model generator automatically adds has_secure_token :auth_token to your new model file.

New Stuff method_source added to the default Gemfile

On Rails 5 when you generate a new app, you'll find 'method_source' in your Gemfile. This gem extends the Method class with source and comment methods to aid your debugging. There's a good usage example in this comment.

Fixed Allow '1' or true for acceptance validation

Previously validates_acceptance_of would only accept '1' as a valid attribute value. Now you can assign true to an attribute and the validation will pass.

Time columns will be aware of application time zone

In Rails 5.1 your time columns will adhere to the time zone of your Rails application. To make the upgrade path smoother, the config.active_record.time_zone_aware_types option has been added. See the deprecation warning here for help.

One More Thing™ Validation callbacks tested with contexts

A feature you might not have heard about is validation contexts, which allow you to specify a context a callback should only be run for. Like this: before_validation callback, on: :create. The link shows a few tests being for this on before/after_validation. Here is a more advanced example.

Wrapping up

That's all for This week in Rails. As always, there are more changes than we have room to cover here, but feel free to check them out yourself!

P.S. If you enjoyed this newsletter, why not share it with your friends? :) If you wish to be part of this project please don't hesitate to contact Godfrey – there're a lot of ways you could help make this newsletter more awesome!

This week in Rails: a new beginning

Sat, 01/10/2015 - 02:00

Happy New Year, everyone!

It was only less than a year ago when I sent the first issue of This week in Rails to a total of 14 recipients, discussing some of the latest and greatest additions to the Rails codebase.

43 weeks later, this little hobby project has evolved into a true community effort –- we have assembled an amazing team of editors and other volunteers (join us!), keeping 2000 subscribers in the loop and highlighting some key contributions to our beloved web framework every week.

I am incredibly excited to announce that starting this week, we will be cross- posting the content from the newsletter to the Riding Rails blog. With this, we hope to reach even more members of our wonderful community, increase transparency, involve more of you in the decision-making processes and maybe even inspire some future contributors!

I would like to thank my team at Brewhouse and Goodbits for supporting the project and getting it off the ground, as well as all the volunteers who helped along the way. Of course, huge thank you to all of the Rails contributors who did all the hard work! <3 <3 <3

Without further ado, here is the first 2015 issue of This week in Rails!

Welcome to This week in Rails, your weekly inside scoop of interesting commits, pull requests and more from Rails.

Hi there this is Washington again!

Hope you all had the most gorgeous holidays ever doing things you love the most. The newsletter team is back to work and you should receive your Rails weekly news as usual. Here are some of the latest and greatest improvements, fixes and releases during the break.

Featured Ruby 2.2.0 Released

YAY! December 25th saw another important Ruby release. See the blog post for all the goodies in this new version and keep in mind Rails 5 will target Ruby 2.2+ exclusively. As of this week, Rails' master branch will only work on Ruby 2.2 or above.

Rails 4.0.13 and 4.1.9 have been released!

4.0.13 is last planned release for the 4.0 release series, so you should migrate off it as soon as possible. From here on, the 4.1 (you can thank Rafael) and 4.2 release series will continue to receive regular bug fixes. Consult the maintenance policy for details.

This week's Rails Contributors

Apparently holidays is no excuse for going to the beach all day long and having drinks away from computers. Rails community kept working hard during the break to keep improving the framework we appreciate so much. Thank you all!

New Stuff Halting callback chains by throwing :abort

As of Rails 5 callback chains won't be halted by returning false. Instead you should explicitly throw :abort. This will help keep things consistent among all frameworks included in Rails and avoid accidental halting caused by unexpected false return values.

New date helper

Working with days and weeks just got a bit easier. Keep in mind these new helpers on_weekend?, next_weekday, prev_weekday, next_day, prev_day. Perhaps you had even implemented them before yourself! Good thing Rails will have them out of the box now :)

has_secure_token in Active Record

Rails will ship with a new Active Record macro for generating base 58 tokens out of the box. There's probably a large amount of applications already using this feature. As of the next major release you won't need to add another dependency or implement it yourself.

Fixed More conventional filenames for mailers

Mailer generators now appends the _mailer suffix in the filename just like controller and jobs generators.

Rails 5.0 deprecations clean up

This week Rails got some more love with this major clean up (339 additions and 1,433 deletions) on its master branch. There's still some deprecations left though as the team figures how to best address them.

One More Thing™ Automatic type casting deprecated in Arel

Watch out library authors! Sean Griffin put a lot of effort into improving Arel extensibility. Please get in touch with him if you need APIs to help your use case. (See also these follow-up commits.)

Wrapping up

That's all for This week in Rails. As always, there are more changes than we have room to cover here, but feel free to check them out yourself!

P.S. If you enjoyed this newsletter, why not share it with your friends? :) If you wish to be part of this project please don't hesitate to contact Godfrey – there're a lot of ways you could help make this newsletter more awesome!

[ANN] Rails 4.1.9 and 4.0.13 have been released!

Tue, 01/06/2015 - 20:13

Hi everyone,

I am happy to announce that Rails 4.1.9 and 4.0.13 have been released.

This will be also the last release of 4.0 series as announced in a previous blog post.

As per our maintenance policy, the release of Rails 4.2.0 means bug fixes will only apply to 4-2-stable, regular security issues to 4.2.x, 4.1.x, and severe security issues to 4.2.x, 4.1.x, and 3.2.x. In addition to these already stated commitments, I agreed to also apply bug fixes to 4-1-stable until the Rails 5 release.

As before, we will announce in a future blog post when we will drop bug fixes support for Rails 4.1.

CHANGES since 4.0.12

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 4.1.8

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you'd like to verify that your gem is the same as the one I've uploaded, please use these SHA-1 hashes.

Here are the checksums for 4.0.13:

$ shasum *4.0.13* 75f128ffb5813f6ec895a2f6c000a18531232bfb actionmailer-4.0.13.gem 7356b2d90904ea3e5854a5fd5c969ff5521ee6bf actionpack-4.0.13.gem 019bc6e77c2c430e52d93642bee8ad137ec288d8 activemodel-4.0.13.gem fb367963994f153f68b904b8508b215b60a6a0ca activerecord-4.0.13.gem 55cbd61d330d29fac50249d5ab9964e34a102f44 activesupport-4.0.13.gem e4d679c792f0a2faafe69fd87217320bc318fc03 rails-4.0.13.gem 856d1f60df48479c4faba3de6d3ffcfadeee2f6b railties-4.0.13.gem

Here are the checksums for 4.1.9:

$ shasum *4.1.9* 7d4a8ce21aa0429ec5fc05c64e2f64fa769a1c4a actionmailer-4.1.9.gem 37b3990b77669877ab675124662ca5c0e880e556 actionpack-4.1.9.gem baf6c54a9f411e9399dc7f9ad99aaa892a43293a actionview-4.1.9.gem cd9c214923ea0094fb65825b1866c3bc5b80fbdb activemodel-4.1.9.gem 330a753ec001e38834406c464e306c3c43e276b5 activerecord-4.1.9.gem 66904e1371b047348d0247c43b9f1c3c596671bf activesupport-4.1.9.gem 12a8b208566f4c822cc9199f51f60fd8baf010bc rails-4.1.9.gem 2c494849ac54b8b3238d23fe62c81da37ca08e1b railties-4.1.9.gem

I'd like to thank you all, every contributor who helped with this release.

[ANN] Rails 4.1.9.rc1 and 4.0.13.rc1 have been released!

Fri, 01/02/2015 - 00:56

Hi everyone,

I am happy to announce that Rails 4.1.9.rc1 and 4.0.13.rc1 have been released.

This is the first release of the year and it includes a lot of bug fixes. This will be also the last release of 4.0 series as announced in a previous blog post.

As per our maintenance policy, the release of Rails 4.2.0 means bug fixes will only apply to 4-2-stable, regular security issues to 4.2.x, 4.1.x, and severe security issues to 4.2.x, 4.1.x, and 3.2.x. In addition to these already stated commitments, I agreed to also apply bug fixes to 4-1-stable until the Rails 5 release.

As before, we will announce in a future blog post when we will drop bug fixes support for Rails 4.1.

If no regressions are found expect the final release this Tuesday, on January 6, 2015. If you find one, please open an issue on GitHub and mention me (@rafaelfranca) on it, so that we can fix it before the final release.

CHANGES since 4.0.12

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 4.1.8

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you'd like to verify that your gem is the same as the one I've uploaded, please use these SHA-1 hashes.

Here are the checksums for 4.0.13.rc1:

$ shasum *4.0.13.rc1* bf4ddb5aa6eefc6e2495a1364974a5b396d94596 actionmailer-4.0.13.rc1.gem 2bf785e91159bba8fe324e2f48a72277f2b3cf33 actionpack-4.0.13.rc1.gem f9d92979e211ce7fa71252cf1b6b4ac94c7f0b91 activemodel-4.0.13.rc1.gem d5147f64e08a3f5aed4c22ff1ebf640ca6fc0ae3 activerecord-4.0.13.rc1.gem e6f1421262fd1064e973f3d2628c6129b4c20d17 activesupport-4.0.13.rc1.gem f7416fc8485bb8a622fb50e0dd2c3fa5ca4215fa rails-4.0.13.rc1.gem 8a0690bab5e43712e8e982fe02bf76ea989f9356 railties-4.0.13.rc1.gem

Here are the checksums for 4.1.9.rc1:

$ shasum *4.1.9.rc1* 8afbb9c71a8f6e0dff26daacde407fe35aac8375 actionmailer-4.1.9.rc1.gem a5fd439bc41844a3c02671d7425bfa71d96cfbf1 actionpack-4.1.9.rc1.gem a77aaa2f936445211e7455b3228a9bfe8f27a4ac actionview-4.1.9.rc1.gem 65a7acbf9ef9b47392a48ab4c9ace44f12ea1f60 activemodel-4.1.9.rc1.gem eb66d5c52f0740114de46e1a1b76a0079c723d1f activerecord-4.1.9.rc1.gem e758d54d7fabc7d23ff995646096f40d28df42a9 activesupport-4.1.9.rc1.gem 479a31dd8d9eea3de6f444139eaefc830c6db170 rails-4.1.9.rc1.gem dae65c526ec8ee3abab9a9e8807ad7b210b7941d railties-4.1.9.rc1.gem

I'd like to thank you all, every contributor who helped with this release.

Happy new year!

Rails 4.2: Active Job, Asynchronous Mails, Adequate Record, Web Console, Foreign Keys

Fri, 12/19/2014 - 21:00

We come bearing gifts! It's Rails 4.2, and the final version is ready just in time for Christmas. It's full of great toys, useful gizmos, and polished edges, courtesy of a fantastic community of merry elves who've been coding away with jolly glee for months.

This is probably also the most well-tested new major release of Rails in a long time. Through four betas and three release candidates, tons of people have helped ensure that regressions and bugs have been caught. Since the first beta, we have some 1600+ commits of spit and polish applied. So you have good reason to be excited!

To recap, here's a walkthrough of the major new goodies:

Active Job, ActionMailer #deliver_later

The headline feature for Rails 4.2 is the brand new Active Job framework, and its integrations. Active Job is an adapter layer on top of queuing systems like Resque, Delayed Job, Sidekiq, and more. You can write your jobs to Active Job, and they'll run on all these queues with no changes.

With an always-configured queue in place (though the default is just an inline runner), we can build on top of that where it makes sense. And the first place it makes sense is to send Action Mailer emails asynchronously. So we're introducing the #deliver_later method, which will do just that: Add your email to be sent as a job to a queue, so you don't bog down the controller or model. Voila!

The cherry on top is our new GlobalID library. It makes it easy to pass Active Record objects to jobs by serializing them in a generic form. This means you no longer have to manually pack and unpack your Active Records by passing ids. Just give the job the straight AR object, and it'll serialize it using GlobalID, and deserialize it at run time. So much easier!

Special thanks go out to Cristian Bica and Abdelkader Boudih for their outstanding work bringing this trinity of improvements to Rails!

Adequate Record

Aaron Patterson is always hunting for performance bounties in Rails, and with an improvement project called Adequate Record for Active Record, he's come up good. A lot of common queries are now no less than twice as fast in Rails 4.2! This is a great step forward for performance. While computers are constantly getting cheaper and performance is improving, nobody ever said "hey, get that free speed out of my framework". So there you go: Some free speed, buddy!

Web Console

Out of the wonderful Google Summer of Code for Rails campaign comes Web Console, which gives you a development console to inspect the state of affairs on all exception pages! It even allows you to jump between the different points in the backtrace, and you'll be able to inspect things right at that point.

It's a wonderful improvement to the debugging workflow. Thanks to Genadi Samokovarov and Ryan Dao for their work on this project.

Foreign Keys

Rails has long had a tumultuous relationship with foreign keys, but the drama days are now over. If you want to have foreign keys, you can have foreign keys, and Rails will still smile as it takes your order. The migration DSL gets add_foreign_key and remove_foreign_key and the standard schema.rb dumper will support maintaing these declarations. Foreign key support starts out as an exclusive to the MySQL and PostgreSQL adapters.

And so much more...

The above are just the highlights. We have many more goodies packed into this release than that. You can read a great summary in the release notes.

Maintenance consequences and Rails 5.0!

As per our maintenance policy, the release of Rails 4.2 means bug fixes will only apply to 4-2-stable, regular security issues to 4.2.x, 4.1.x, and severe security issues to 4.2.x, 4.1.x, and 3.2.x. In addition to these already stated commitments, the honorable Rafael França has agreed to also apply bug fixes to 4-1-stable. So everyone still on 4.1 and unable to move quickly can thank Rafael!

Rails 4.2 also marks the last big release in the 4.x series. With this release out, we're now working towards the big Rails 5.0! This means rails/master is now targeting 5.0.

Rails 5.0 will target Ruby 2.2+ exclusively. There are a bunch of optimizations coming in Ruby 2.2 that are going to be very nice, but most importantly for Rails, symbols are going to be garbage collected. This means we can shed a lot of weight related to juggling strings when we accept input from the outside world. It also means that we can convert fully to keyword arguments and all the other good stuff from the latest Ruby.

The release target for Rails 5.0 is currently Fall of 2015. So there's a while yet, but we're putting this out there for people to know, so gem maintainers and other Ruby implementations can know where we're going. We'll be working on putting out somewhat of a road map for the features when that's become a bit clearer.

Thanks to all and happy holidays!

It continues to be a pleasure and an honor to be involved with the amazing Ruby on Rails community – both contributors and users. The collaboration and resulting quality has never been better. Have a great holiday season and New Year's, and we'll see you all with more delicious releases in 2015!

[ANN] Rails 4.2.0.rc3 has been released!

Sat, 12/13/2014 - 03:00

Happy Friday everyone!

The Rails team has just released the third Release Candidate of Rails 4.2.0 today. For an overview of all the major changes in the 4.2 series, please refer to the release notes.

The RC3 release includes a few more minor patches over RC2. You can refer to the diff on Github for a full list of changes.

We would like to thank you again for assisting our team in testing the release candidates. Please continue to report any issues you discovered to our issue tracker and/or notify the maintainers of the relevant gems and plugins.

So far, we still haven't identify any major regressions for this release, meaning that we are still on track for our target to release the final version of 4.2.0 before Christmas time.

[ANN] Rails 4.2.0.rc2 has been released!

Fri, 12/05/2014 - 23:00

Happy Friday everyone!

The Rails team has just released the second Release Candidate of Rails 4.2.0 today. For an overview of all the major changes in the 4.2 series, please refer to the release notes.

The RC2 release includes some patches for a few minor issues that was reported in the last week. It also includes some improvements to the documentation and some enhancements that decreases the verbosity of the Active Job logs. You can refer to the diff on Github for a full list of changes.

We would like to thank you again for assisting our team in testing the release candidates. Please continue to report any issues you discovered to our issue tracker and/or notify the maintainers of the relevant gems and plugins.

If no other major issues are found, we expect to release the final version of 4.2.0 very soon, just in time for Christmas!

[ANN] Rails 4.2.0.rc1 has been released!

Fri, 11/28/2014 - 18:00

Happy Black Friday everyone!

The Rails team is very excited to announce that the first Release Candidate of Rails 4.2.0 has been released today. For an overview of all the major changes, please refer to the release notes.

We would like to thank everyone who have assisted our team in testing the beta and smoothing out all the rough edges. During the beta period, we have logged over 1500 commits by over 60 contributors and over 100 tickets and pull requests on GitHub.

In particular, thanks to contributors who have assisted in testing the release in their Real World™ applications, we have identified and addressed a number of performance issues since the last beta release.

With the release candidate out the door, we are now much closer to the final release of 4.2.0. Please consider testing this release with your applications if you haven't already – you can read the upgrade guide for detailed instructions. If you found any problems while upgrading, please report them to our issue tracker and/or notify the authors of the relevant gems and plugins.

Thank you all again, this release would not be possible without your help!

One More Thing™

The release of the first RC for the 4.2.0 series also marks the beginning of Rails 5 development. The 4-2-stable branch has been created today and all changes on the master branch will be targeted for Rails 5.0 and backported according to our maintenance policy. Read more about the grand plans for Rails 5!

Rails 4.0.11.1 and 4.1.7.1 have been released

Wed, 11/19/2014 - 19:16

Hi everyone!

Rails 4.0.11.1 and 4.1.7.1 have been released!

These two releases contain only security fix that was already released as 4.0.12 and 4.1.8. You can read more about the issue here (CVE-2014-7829).

4.0.12 and 4.1.8 were inadvertently based on their respective stable branches, and so incorporated additional changes beyond those necessary to resolve the security issue. In keeping with our security policy, it is our intention to include only the minimum necessary changes in security releases, to ensure everyone can upgrade without fear of regressions. As those releases included unrelated changes, we are providing new releases, based on the previous release, which contain only the security fix itself.

If you have already successfully upgraded to 4.0.12 or 4.1.8, no further action is required. Otherwise, if you are still on 4.0.11 or 4.1.7, please do upgrade to 4.0.11.1 or 4.1.7.1 at your earliest convenience.

The 3.2.21 release did incorporate a second change, but that change was intended: by policy, minor security-relevant bugs (which do not independently warrant a security release) are occasionally backported to 3-2-stable, and rolled into a subsequent security release.

The commits for 4.0.11.1 can be found here, and the commits for 4.1.7.1 can be found here.

Here are the checksums for 4.0.11.1:

$ shasum *4.0.11.1* f35d8d54b15b83b25aa6a46aa57b58cd9888b5cc actionmailer-4.0.11.1.gem 9d656c7959dc913fc208fa7ffdab265b73abb8f1 actionpack-4.0.11.1.gem bde6aa4985bff22ca7046f5ad855ccacee3e345e activemodel-4.0.11.1.gem 26d91f7d7f5cf828d25503326f6fe598f275cca3 activerecord-4.0.11.1.gem 2040d73aeb8ec84945e5ac5a1e060a703770f0a4 activesupport-4.0.11.1.gem 1dde2b45a0039ccef166030bdbc1948fa899a5e5 rails-4.0.11.1.gem 86cc0c06139bc085e830fbd0994a0bf7480e68dc railties-4.0.11.1.gem

Here are the checksums for 4.1.7.1:

$ shasum *4.1.7.1* 3e0c627e2f35293c7f963586ddedad84fe140c3b actionmailer-4.1.7.1.gem 038d1dd8eab2471f44cf456cbb8f94f4e413e069 actionpack-4.1.7.1.gem 6a6e2a188b58855748e0f400d6c562a779e76130 actionview-4.1.7.1.gem 6dcfeca9cb28490a4d3fde1cfbb9d14850130167 activemodel-4.1.7.1.gem b1d5b4bab0873e712f270fdb7ad8acb81d487a73 activerecord-4.1.7.1.gem 0af0c9e374f1a83f06db82457c219b29556233ca activesupport-4.1.7.1.gem 1fbef83600552fc18d83e61c39da752c7d6ba07c rails-4.1.7.1.gem f50d5902047d96b8836c3f6376ed9c212506268b railties-4.1.7.1.gem

<3<3<3<3

Rails 3.2.21, 4.0.12, and 4.1.8 have been released

Mon, 11/17/2014 - 15:44

Hello everyone!!! It's that time again.

I would like to announce that Rails 3.2.21, 4.0.12, and 4.1.8 have been released. These releases contain a security fix where the existence of arbitrary files on the file system can be leaked, but the contents of the file will not be leaked. The issue generally only impacts people who are using Rails to serve static assets, and will generally not impact people who use a proxy to serve static assets. This issue is similar to CVE-2014-7818, but is slightly different. You can read more about the issue here (CVE-2014-7829).

For ease of upgrading, the only changes in these releases are the security fixes.

Here are the checksums for the gems:

[aaron@TC release]$ shasum *3.2.21* 5f59bb7e463fa3a443593bdd650a258b34ae8db6 actionmailer-3.2.21.gem 1f7ffef317f7808aa3f6b3f63f292c136a827b7c actionpack-3.2.21.gem aaf186bc935b66e52e43a5e5c8b0af37b0444ccc activemodel-3.2.21.gem 9e5645ea4536238a3fec7f04e6f74a22db9057ec activerecord-3.2.21.gem fe64a4b4d5a0680ce2b05e4fb75d325454671c5f activeresource-3.2.21.gem 0a503dfc64a73980b18d799f9b80f02b3b1645b7 activesupport-3.2.21.gem b757a3161412742fd9f0323ff7ab6b31212e115c rails-3.2.21.gem 9cb5de52049319e1c837be75deaab0eba3695e42 railties-3.2.21.gem [aaron@TC release]$ shasum *4.0.12* c62e361241fd26a7e31ed3a9c87489bc5a86b12f actionmailer-4.0.12.gem f63c9d0e7a637c114b96cd864c12641e09eed373 actionpack-4.0.12.gem 2e9a64d08b9bcef0953132f1b9d4f295dfa167a4 activemodel-4.0.12.gem d3e59b3c9a0c5fc9045783905f53e49d4d6bc1ba activerecord-4.0.12.gem 6bf2468d9466b019d2ffaf21e44cb7a4d4ed8dde activesupport-4.0.12.gem d759db3bb1420c02c97852358e425b4a168198ff rails-4.0.12.gem 729345b543653507dfea3d2e158a870d49260548 railties-4.0.12.gem [aaron@TC release]$ shasum *4.1.8* db4fc0a8ac77332b96947480db7ff529c18ead44 actionmailer-4.1.8.gem 24cd5ff7bcc78a2d4997ebe6bc962f09e394f59e actionpack-4.1.8.gem 0c22174fbe03bf461aad27bf8ddebf7ae93988fa actionview-4.1.8.gem 2b2b98b8dfd96012b443a2ddf3cbf4267c378c4d activemodel-4.1.8.gem f263ff5ee5a4436184390aaf825d5072c71afc4e activerecord-4.1.8.gem c25e858743372f197ecfdbbbc5b1dbd71934947a activesupport-4.1.8.gem 4b96a78c669b7122f9ad905ee8f36772ac1bd8d9 rails-4.1.8.gem cbae764aa4a635f37c7bb52c84028dc032e1afea railties-4.1.8.gem [aaron@TC release]$

Happy RubyConf and have a great day!!! <3

[ANN] Rails 4.2.0.beta4 has been released!

Thu, 10/30/2014 - 22:00

The Rails team has just released Rails 4.2.0.beta4.

In addition to the security fixes in 4.2.0.beta3, this new release includes a number of bug fixes for issues reported since the 4.2.0.beta2 release.

If all goes according to plan, this should be the last beta release for 4.2.0 before we move into the Release Candidates phase. We would like to thank all of the early adopters who participated in the beta testing and reported issues, as well as the 64 contributors who submitted patches to help our team address these bugs.

Happy upgrading!

Rails 3.2.20, 4.0.11, 4.1.7, and 4.2.0.beta3 have been released

Thu, 10/30/2014 - 18:16

Hello everyone!!! It's that time again.

I would like to announce that Rails 3.2.20, 4.0.11, 4.1.7, and 4.2.0.beta3 have been released. These releases contain a security fix where the existence of arbitrary files on the file system can be leaked, but the contents of the file will not be leaked. The issue generally only impacts people who are using Rails to serve static assets, and will generally not impact people who use a proxy to serve static assets. You can read more about the issue here (CVE-2014-7818). A release of sprockets has also been made to help with this issue. You can read about it here (CVE-2014-7819).

For ease of upgrading, the only changes in these releases are the security fixes.

Here are the checksums for the gems:

[aaron@TC release]$ shasum *3.2.20* b14ca1ad923e035ab2a7785e657c5653447c3149 actionmailer-3.2.20.gem d6fea767996a954e4bc95fd0ca101ec912fcb093 actionpack-3.2.20.gem 97f5bb424aee73fbbd319baab3fd35c3f5eeb5f4 activemodel-3.2.20.gem 32d76836675a4c88685c3904271b16d9d2338ce9 activerecord-3.2.20.gem 640d83a96accc24e6afcae3cc5b253e5d355983f activeresource-3.2.20.gem d1d0a19a589c62278e7d9ac4275d5f8d75df20b3 activesupport-3.2.20.gem f8b4d3c56d89760c02b37d4c67efd31dedd4df80 rails-3.2.20.gem 41c272d53dd748407210a2270ad17bc7c9f30594 railties-3.2.20.gem [aaron@TC release]$ shasum *4.0.11* 9718b62f4428a7e4bbf66df4ac57dd82d197905a actionmailer-4.0.11.gem f1aec3d29e781e3beb685852db00ecf495150077 actionpack-4.0.11.gem 2ba4ceeff0a76df850d6294e2e1da703f3f6e7cb activemodel-4.0.11.gem 714dca99a452adfec76b507241896ffd7978a254 activerecord-4.0.11.gem 2791791c5c1eeefb3eee76712656bf674a20867d activesupport-4.0.11.gem 56bb306d4f0309dcf3a804a97104a3ee26b64b94 rails-4.0.11.gem 243e265c879db8876cce8688374cb7f9bb752d7d railties-4.0.11.gem [aaron@TC release]$ shasum *4.1.7* 4e4ce2530ff8773af784340e17e925b3b2c8cb20 actionmailer-4.1.7.gem 81628e433ca4335409677a33cfe9b56627f6ae1a actionpack-4.1.7.gem 7dc2626f5bc85379c55e49a712f5c0e060340ca8 actionview-4.1.7.gem 83c8be73d22973c843d43a988b27a449d2ca8a9d activemodel-4.1.7.gem 001156373c248a20c69bcf1451d6f7166dac3ddb activerecord-4.1.7.gem 217f25a911f8e89cd2834849232555cbc47ca850 activesupport-4.1.7.gem a1d9bb181d718e7f6cf380136425444e627c2345 rails-4.1.7.gem 1b9c8d08afc8fa77786fef13c54d4e6985cdc6d6 railties-4.1.7.gem [aaron@TC release]$ shasum *4.2.0* e5d608e8ce32abdd73c73c91fd34cb8f7075a251 actionmailer-4.2.0.beta3.gem 2e2034c285943777ad325c35292e202a46b937c2 actionpack-4.2.0.beta3.gem a008833cd1045c926fb6f36ee03e3d34499a0aa9 actionview-4.2.0.beta3.gem 02f4438363419c59b33d85b2dda4d4cf741a6098 activejob-4.2.0.beta3.gem c8a7dc2134c885ad3b23d4c36be95abc1ec1b769 activemodel-4.2.0.beta3.gem 192e33ab3b9d54954ff834ce6ee7f67a9197cb36 activerecord-4.2.0.beta3.gem 00437ab52df0ed0dd9afe571d083c92c3cdbe361 activesupport-4.2.0.beta3.gem ca81d6ac9fdd658775d32a6dbfe248ee13f5c87b rails-4.2.0.beta3.gem cc302e363248e4bc2d245201f922c576f9fe6f15 railties-4.2.0.beta3.gem

Have a great day!!! <3