What is docrails?

Over the years I have seen some confusion about what is exactly
docrails
and how it relates to the documentation of Ruby on Rails.

This post explains everything you want to know about this aspect of the project.

What is docrails?

docrails is a branch of Ruby on Rails with
public write access where anyone can push doc fixes.

If you see a typo, you’d like to correct a factual error, complement some
existing documentation, add a useful example… before docrails existed you had
to open a pull request (or the equivalent in those days) and follow the ordinary
workflow to get it accepted. docrails allows you to clone the repo, edit, and
push. Done!

ZOMG, that’s awesome! Tell me more!

Changes to the code base need review before they are pushed. Each individual new
feature or bug fix needs the perspective and responsability of core team
members to take a decision about it.

Documentation fixes, though, are much more likely to be fine as they are. So,
docrails has a public write policy to ease the workflow for contributors.

All commits have to be reviewed anyway, so docrails needs the same effort from
Rails committers than going through pull requests, please everyone give big
props to Vijay Dev who is nowadays in charge
of this time consuming task.

The point of docrails is to provide a way to contribute to the Rails documentation
that is fast and easy for contributors.

But wait, I am editing some separate thing?

docrails is a separate branch because it has a different access policy, but
you are editing the actual Ruby on Rails documentation.

Every few days, once all new commits are reviewed docrails is merged into
master, and master is merged into docrails. Also, very important edits may be
cherry-picked into stable branches at the discrection of who merges.

What is allowed in docrails?

You can freely push changes to any RDoc, guides, and READMEs.

No code can be touched at all. That’s a hard rule. No matter how insignificant,
not even a one character typo in a string literal.

CHANGELOGs cannot be edited either.

Is docrails a documentation project?

No, Ruby on Rails has no documentation project. Treating documentation as a
separate aspect of the project would be similar to treating testing as an
external part of the project.

Documentation is an integral part of the development of Ruby on Rails.
Contributing a feature or bug fix means contributing its code, test coverage,
and documentation.

I am preparing a pull request, should I document later via docrails?

No, docrails is meant only for quick doc fixes.

Pull requests should be complete: code, tests, and docs. If a pull request lacks
any of those in general it won’t be accepted as is.

Also, updating docs does not only mean that you edit the RDoc next to the code
you are touching. Often the change needs grepping the project tree to find
instances of what the pull request is about, to update examples, revise
explanations affected by your change, or writing new documentation.

Tidbit: run ack -a to have guides included in the search.

I made a doc fix, when is it going to be online?

Rails releases are a complete set. The documentation itself is part of the
release. The fix is going to be online in the stable API or
guides websites when
the branch that contains the fix gets released.

Edits merged into master are always online in the edge API
and edge guides,
which are regenerated after every push to master. Thus, edits done via docrails
are online in the edge docs website after the next docrails/master cross-merge.

Can I open pull requests for documentation fixes in Ruby on Rails?

Absolutely. Specially if you are unsure about the fix. But if you feel confident
just push to docrails.

Please do not open pull requests in docrails.

Note that docrails has no issues tab. The reason is docrails is not a project,
as explained above, only a way to bypass pull requests. Documentation issues are
Ruby on Rails issues and belong to the Ruby on Rails project just as any other
kind of issue.

Does Ruby on Rails has documenters?

No, documentation comes with each push to master. Everyone documents Rails.

The only exception is guide authors. Guide authors take the task to write an
entire new guide about a certain topic, and they are allowed to push early
drafts to docrails for convenience (only guides in the public index are
considered to be published).

That’s for new guides. Once published, guides maintenance happens in master as
everything else.

[ANN] Rails 3.2.2 has been released!

Rails 3.2.2 has been released. This release contains various bug fixes and two important security fixes. All users are recommended to upgrade as soon as possible.

CHANGES

For information regarding the possible vulnerabilities, please see the announcements here and here.

Some highlights from this release are:

  • Log files are always flushed

  • Failing tests will exit with nonzero status code

  • Elimination of calls to deprecated methods

  • Query cache instrumentation includes bindings in the payload

  • Hidden checkbox values are not set if the value is nil

  • Various Ruby 2.0 compatibility fixes

For a comprehensive list, see the commits on github.

[ANN] Rails 3.1.4 has been released!

Rails 3.1.4 has been released. This release contains various bug fixes and two important security fixes. All users are recommended to upgrade as soon as possible.

CHANGES

For information regarding the possible vulnerabilities, please see the announcements here and here.

Some highlights from this release are:

  • thrrubyrhino is added to the Gemfile for JRuby users

  • Routing cache improvements

  • Assets group may be skipped with the --skip-sprockets flag

  • Various Ruby 2.0 compatibility fixes

For a comprehensive list, see the commits on github.

[ANN] Rails 3.0.12 has been released!

Rails 3.0.12 has been released. This release contains various bug fixes and two important security fixes. All users are recommended to upgrade as soon as possible.

CHANGES

For information regarding the possible vulnerabilities, please see the announcements here and here.

Some highlights from this release are:

  • require and load will return the value from the superclass

  • ActiveModel confirmation validation fixes

  • Increasing rack dependency

For a comprehensive list, see the commits on github.

Edge Rails: PATCH is the new primary HTTP method for updates

What is PATCH?

The HTTP method PUT means resource creation or replacement at some given URL.

Think files, for example. If you upload a file to S3 at some URL, you want
either to create the file at that URL or replace an existing file if there’s
one. That is PUT.

Now let’s say a web application has an Invoice model with a paid flag that
indicates whether the invoice has been paid. How do you set that flag in a
RESTful way? Submitting paid=1 via PUT to /invoices/:id does not conform to
HTTP semantics, because such request would not be sending a complete representation of the invoice for replacement.

With the constraints of the methods GET, POST, PUT, DELETE, the traditional answer
is to define the paid flag of a given invoice to be a resource by itself. So,
you define a route to be able to PUT paid=1 to /invoices/:id/paid. You have
to do that because PUT does not allow partial updates to a resource.

Now let’s think about ordinary edit forms in typical Ruby on Rails applications.
How many times are we sending a complete representation for replacement? Not
always, perhaps we could say that it is even rare in practice that you do so.
For example, the conventional created_at and updated_at timestamps normally
can’t be set by end-users, though they are often considered to belong to the
representation of resources that map to records.

PUT in addition is an idempotent method. You should be able to replay a request
as many times as you want and get the same resource, something that sometimes
is violated by conventional idioms for creating children resources using
nested attributes while updating a parent resource.

There’s nothing theoretical preventing PUT from doing partial updates, but when
HTTP was being standarized the replacement semantics were already deployed.

Because of that, the PATCH method was defined in 1995 and standarized later.
PATCH is a method that is not safe,
nor idempotent, and allows full and partial updates and side-effects on other resources.

In practice, as you see, PATCH suits everyday web programming way better than
PUT for updating resources. In Ruby on Rails it corresponds naturally to the way
we use update_attributes for updating records.

Thus, PATCH is going to be the primary method for updates in Rails 4.0.

Routing

This is an important change, but we plan to do it in a way that is backwards
compatible.

When a resource is declared in config/routes.rb, for example,

resources :users

the action in UsersController to update a user is still update in Rails 4.0.

PUT requests to /users/:id in Rails 4.0 get routed to update as they are
today. So, if you have an API that gets real PUT requests it is going to work.

In Rails 4.0, though, the router also routes PATCH requests to /users/:id to
the update action.

So, in Rails 4.0 both PUT and PATCH are routed to update.

Forms

Forms of persisted resources:

form_for @user

get “patch” in the hidden field “_method”. The RFC is deliberately vague about
the way to represent changes in a PATCH request. Submitting a form is
perfectly valid, client and server must simply agree on the accepted ways
to update a resource.

Let me emphasize that the “_method” hack is a workaround for the limitations in
web browsers. As you probably know Rails routes real HTTP methods. That is, actual
PUT, DELETE, and now, PATCH requests are routed to their respective actions.

General availability

PATCH requests are available in all places where the rest of the methods are
available today. There is a patch macro for the routes DSL, :via understands
the symbol :patch. Tests can issue PATCH requests, request objects respond to
patch?, etc. Please see the original commit for details (with an important
followup here).

Will my web server understand PATCH?

Yes, it should. I have personally tried Apache, nginx, Phusion Passenger,
Unicorn, Thin, and WEBrick. They all understood PATCH requests out of the box.

Also, HTTP clients should be in general able to issue PATCH requests. For example
in curl(1) you’d execute:

curl -d'user[name]=wadus' -X PATCH http://localhost:3000/users/1

Credits

We would like to thank David Lee for this
contribution and endless patience to keep interested in this even after months
of discussion
.

Also I would like to
highlight the quality of the patch itself. It is excellent: code, tests, all
docs revised, comments in code revised. Everything carefully and
thoroughly updated. An exemplar patch.

Rails 3.2.1 has been released

Rails 3.2.1 is out, with some fixes and doc improvements. Please check the CHANGELOGs gist for details.

Rails 3.2.0: Faster dev mode & routing, explain queries, tagged logger, store

So we didn’t quite make the December release date as we intended, but hey, why break a good tradition and start hitting release targets now! In any case, your patience has been worldly rewarded young grasshopper: Rails 3.2 is done, baked, tested, and ready to roll!

I’ve been running on 3-2-stable for a few months working on Basecamp Next and it’s been a real treat. The new faster dev mode in particular is a major step up over 3.1.

Do remember that this is the last intended release series that’s going to support Ruby 1.8.7. The master git branch for Rails is now targeting Rails 4.0, which will require Ruby 1.9.3 and above. So now is a great time to start the work on getting your app ready for the current version of Ruby. Let’s not hang around old versions forever and a Sunday like those Python guys :).

There’s a v3.2.0 tag on Github and we of course we still have the 3-2-stable branch as well. You can see all the glorious details of everything that was changed in our CHANGELOG compilation.

For documentation, we have the 3.2 release notes with upgrade instructions, both the API docs and the guides have been generated for 3.2 as well, and there’s a brand new 3.2-compatible version of Agile Web Development with Rails. A smörgåsbord indeed!

Note: If you’re having trouble installing the gems under Ruby 1.8.7, you’ve probably hit a RubyGems bug with YAML that’s been fixed in RubyGems 1.8.15. You can upgrade RubyGems using “gem update—system”.

If you can’t be bothered with the full release notes, here’s a reprint of a few feature highlights from when we did the first release candidate:

Faster dev mode & routing

The most noticeable new feature is that development mode got a ton and a half faster. Inspired by Active Reload, we now only reload classes from files you’ve actually changed. The difference is dramatic on a larger application.

Route recognition also got a bunch faster thanks to the new Journey engine and we made linking much faster as well (especially apparent when you’re having 100+ links on a single page).

Explain queries

We’ve added a quick and easy way to explain quieries generated by ARel. In the console, you can run something like puts Person.active.limit(5).explain and you’ll get the query ARel produces explained (so you can easily see whether its using the right indexes). There’s even a default threshold in development mode where if a query takes more than half a second to run, it’s automatically explained inline—how about that!

Tagged logger

When you’re running a multi-user, multi-account application, it’s a great help to be able to filter the log by who did what. Enter the TaggedLogging wrapper. It works like this:

Logger = ActiveSupport::TaggedLogging.new(Logger.new(STDOUT))
Logger.tagged("BCX") { Logger.info "Stuff" } # Logs "[BCX] Stuff" 
Logger.tagged("BCX") do
  Logger.tagged("Jason") do
    Logger.info "Stuff" # Logs "\[BCX\] \[Jason\] Stuff" 
  end
end

Active Record Store

Key/value stores are great, but it’s not always you want to go the whole honking way just for a little variable-key action. Enter the Active Record Store:

class User < ActiveRecord::Base
  store :settings, accessors: [ :color, :homepage ]
end
u = User.new(color: 'black', homepage: '37signals.com')
u.color                          # Accessor stored attribute
u.settings[:country] = 'Denmark' # Any attribute, even if not specified with an accessor

Rails 3.2.0.rc2 has been released!

Hi everyone,

Rails 3.2.0.rc2 has been released!

What to update in your apps

  • Update your Gemfile to depend on rails ~> 3.2.0.rc2
  • Update your Gemfile to depend on sass-rails ~> 3.2.3
  • Start moving any remaining Rails 2.3-style vendor/plugins/*. These are finally deprecated!

Extract your vendor/plugins to their own gems and bundle them in your Gemfile. If they’re tiny, not worthy of the own gem, fold it into your app as lib/myplugin/* and config/initializers/myplugin.rb.

Changes since RC1

ActionMailer

  • No changes

ActionPack

  • Add font_path helper method Santiago Pastorino

  • Depends on rack ~> 1.4.0 Santiago Pastorino

  • Add :gzip option to caches_page. The default option can be configured globally using page_cache_compression Andrey Sitnik

ActiveModel

  • No changes

ActiveRecord

  • No changes

ActiveResource

  • No changes

ActiveSupport

  • ActiveSupport::Base64 is deprecated in favor of ::Base64. Sergey Nartimov

Railties

  • Rails 2.3-style plugins in vendor/plugins are deprecated and will be removed in Rails 4.0. Move them out of vendor/plugins and bundle them in your Gemfile, or fold them in to your app as lib/myplugin/* and config/initializers/myplugin.rb. Santiago Pastorino

  • Guides are available as a single .mobi for the Kindle and free Kindle readers apps. Michael Pearson & Xavier Noria

  • Allow scaffold/model/migration generators to accept a “index” and “uniq” modifiers, as in: “tracking_id:integer:uniq” in order to generate (unique) indexes. Some types also accept custom options, for instance, you can specify the precision and scale for decimals as “price:decimal{7,2}”. Dmitrii Samoilov

Gem checksums

  • MD5 (actionmailer-3.2.0.rc2.gem) = 118c83b2cddaa935d1de7534cfb6c810
  • MD5 (actionpack-3.2.0.rc2.gem) = 6b18851bc26d5c8958672f27adda05ca
  • MD5 (activemodel-3.2.0.rc2.gem) = d82f4eed949dcff17f8bf2aed806679a
  • MD5 (activerecord-3.2.0.rc2.gem) = d07806fd5fc464f960200d20ceb2193a
  • MD5 (activeresource-3.2.0.rc2.gem) = f51af240ff4623b0b6f8a4293ffa50dc
  • MD5 (activesupport-3.2.0.rc2.gem) = 01380240c12e0380c9e61c97dd45f2f1
  • MD5 (rails-3.2.0.rc2.gem) = 134f923f7d821f514abf6bdf4af62ca7
  • MD5 (railties-3.2.0.rc2.gem) = 4b3ac0f9c5da16b90a1875e8199253d2

You can find an exhaustive list of changes on github. Along with the closed issues marked for v3.2.0.

You can also see issues we haven’t closed yet.

Thanks to everyone!

Rails/master is now 4.0.0.beta

The forthcoming 3.2.x release series will be the last branch of Rails that supports Ruby 1.8.7. There’s a new 3-2-stable branch in git to track the changes we need until 3.2.0 final is release and for managing point releases after that.

So for now you should stop floating on rails/master if your application is not compatible with Ruby 1.9.3. We have updated the version numbers to indicate this backwards incompatibility to be 4.0.0.beta. This doesn’t mean that 4.0 is anywhere close to being released, mind you. We’re simply doing this now because we’re dropping support for Ruby 1.8.7 in rails/master and people should know what’s up.

Major versions of Rails has been on about 2-year release cycle since 1.0 (released in 2005, followed by 2.0 in 2007, followed by 3.0 in 2010) and we intend to continue this pattern. The current internal target for Rails 4.0 is sometime in the Summer of 2012 — but we have blown every major release estimate in the past, so don’t bet your farm on it.

There’s not a lot of details about what we’re going to include in Rails 4.0 yet as the primary purpose for bumping the major version number is to drop Ruby 1.8.7 support. But unlike Rails 3.0, we intend for it to be a much smoother transition. The intention is not for this to be a REWRITE EVERYTHING release in the same way 3.0 was to some extent.

But we’re getting ahead of ourselves. First mission is to get Rails 3.2 out!

Rails 3.2 RC1: Faster dev mode & routing, explain queries, tagged logger, store

Once you’ve boarded the Rails train, you just know that every stop along the way is going to be a good time. This release candidate is no different and we’ve packed it with loving goodies without making upgrading a hassle.

Faster dev mode & routing

The most noticeable new feature is that development mode got a ton and a half faster. Inspired by Active Reload, we now only reload classes from files you’ve actually changed. The difference is dramatic on a larger application.

Route recognition also got a bunch faster thanks to the new Journey engine and we made linking much faster as well (especially apparent when you’re having 100+ links on a single page).

Explain queries

We’ve added a quick and easy way to explain quieries generated by ARel. In the console, you can run something like puts Person.active.limit(5).explain and you’ll get the query ARel produces explained (so you can easily see whether its using the right indexes). There’s even a default threshold in development mode where if a query takes more than half a second to run, it’s automatically explained inline—how about that!

Tagged logger

When you’re running a multi-user, multi-account application, it’s a great help to be able to filter the log by who did what. Enter the TaggedLogging wrapper. It works like this:

Logger = ActiveSupport::TaggedLogging.new(Logger.new(STDOUT))
Logger.tagged("BCX") { Logger.info "Stuff" } # Logs "[BCX] Stuff" 
Logger.tagged("BCX") do
  Logger.tagged("Jason") do
    Logger.info "Stuff" # Logs "\[BCX\] \[Jason\] Stuff" 
  end
end

Active Record Store

Key/value stores are great, but it’s not always you want to go the whole honking way just for a little variable-key action. Enter the Active Record Store:

class User < ActiveRecord::Base
  store :settings, accessors: [ :color, :homepage ]
end
u = User.new(color: 'black', homepage: '37signals.com')
u.color                          # Accessor stored attribute
u.settings[:country] = 'Denmark' # Any attribute, even if not specified with an accessor

These are just a few of the highlights. The full release notes detail every loving change.

Given that this is a release candidate, we’re ever so eager to hear your feedback. We hope it’ll be a quick RC phase, but please do spoil that plan by reporting bugs.

As always, you install a release candidate by doing gem install rails --pre.

What’s new in Edge Rails: EXPLAIN

There are some new features related to EXPLAIN in the forthcoming Ruby on Rails 3.2 we’d like
to share:

  • Running EXPLAIN manually
  • Automatic EXPLAIN for slow queries
  • Silencing automatic EXPLAIN

As of this writing they are available for the adapters sqlite3, mysql2, and
postgresql.

Running EXPLAIN Manually

You can now run EXPLAIN on the SQL generated by a relation this way:

User.where(:id => 1).joins(:posts).explain

The result of that method call is a string that carefully imitates the output of
database shells. For example, under MySQL you get something similar to

EXPLAIN for: SELECT `users`.* FROM `users` INNER JOIN `posts` ON `posts`.`user_id` = `users`.`id` WHERE `users`.`id` = 1
+----+-------------+-------+-------+---------------+---------+---------+-------+------+-------------+
| id | select_type | table | type  | possible_keys | key     | key_len | ref   | rows | Extra       |
+----+-------------+-------+-------+---------------+---------+---------+-------+------+-------------+
|  1 | SIMPLE      | users | const | PRIMARY       | PRIMARY | 4       | const |    1 |             |
|  1 | SIMPLE      | posts | ALL   | NULL          | NULL    | NULL    | NULL  |    1 | Using where |
+----+-------------+-------+-------+---------------+---------+---------+-------+------+-------------+
2 rows in set (0.00 sec)

and under PostgreSQL the same call yields something like

EXPLAIN for: SELECT "users".* FROM "users" INNER JOIN "posts" ON "posts"."user_id" = "users"."id" WHERE "users"."id" = 1
                                  QUERY PLAN
------------------------------------------------------------------------------
 Nested Loop Left Join  (cost=0.00..37.24 rows=8 width=0)
   Join Filter: (posts.user_id = users.id)
   ->  Index Scan using users_pkey on users  (cost=0.00..8.27 rows=1 width=4)
         Index Cond: (id = 1)
   ->  Seq Scan on posts  (cost=0.00..28.88 rows=8 width=4)
         Filter: (posts.user_id = 1)
(6 rows)

Please notes that explain runs the query or queries and asks the
database for their respective query plan afterwards. This is because due to eager loading a relation may trigger several queries to fetch the records and their associations, and in such cases, some queries need the result of
the previous ones.

If the relation triggers several queries the method still returns a single
string with all the query plans. This is an output meant for human consumption so we preferred to present
everything as a string in a format which is familiar right away rather than a structure.

Automatic EXPLAIN For Slow Queries

Rails 3.2 has the ability to help in detecting slow queries.

New applications get

config.active_record.auto_explain_threshold_in_seconds = 0.5

in config/environments/development.rb. Active Record monitors queries and if
they take more than that threshold their query plan will be logged using warn.

That works for anything running find_by_sql (which is almost everything, since
most of Active Record ends up calling that method). In the particular case of
relations, the threshold is compared against the total time needed to fetch the
records, not against the individual time taken by each involved query. Because
conceptually we are concerned with the cost of the call

User.where(:id => 1).joins(:posts).explain

rather than the cost of the different queries that call may trigger due to the
implementation.

By default the threshold is nil in the test and production environments, which
means the feature is disabled.

The value of that parameter is nil also if the threshold is not set, so
existing applications will need to add it by hand if they migrate to 3.2 to be
able to have automatic EXPLAIN enabled.

Silencing Automatic EXPLAIN

With automatic EXPLAIN enabled, it could still be the case that some queries are
just slow and you know they have to be. For example, a heavyweight report in the
backoffice.

The macro silence_auto_explain allows you to avoid having EXPLAIN run
repeatedly in those areas of code:

ActiveRecord::Base.silence_auto_explain do
  # no automatic EXPLAIN here
end

Interpreting Query Plans

The interpretation of the query plans is another topic, these are some pointers:

Happy debugging!

Rails 3.1.3 has been released

Rails 3.1.3 has been released. This release mainly contains fixes for regressions that popped up in 3.1.2.

Changes

Action Pack:

  • Downgrade sprockets to ~> 2.0.3. Using 2.1.0 caused regressions.

  • Fix using translate helper with a html translation which uses the :count option for pluralization.

    Jon Leighton

Active Record:

  • Perf fix: If we’re deleting all records in an association, don’t add a IN(..) clause to the query. GH 3672

    Jon Leighton

  • Fix bug with referencing other mysql databases in settablename. GH 3690

  • Fix performance bug with mysql databases on a server with lots of other databses. GH 3678

    Christos Zisopoulos and Kenny J

Railties:

  • New apps should be generated with a sass-rails dependency of 3.1.5, not 3.1.5.rc.2

As ever, you can see a full list of changes on Github.

Rails 3.1.2 has been released

Rails 3.1.2 has been released. This is a patch-level release containing bug fixes and an important security fix.

Possible XSS vulnerability in the translate helper method in Ruby on Rails

There is a vulnerability in the translate helper method which may allow an attacker to insert arbitrary code into a page.

  • Versions Affected: 3.0.0 and later, 2.3.X in combination with the rails_xss plugin
  • Not Affected: Pre-3.0.0 releases, without the rails_xss plugin, did no automatic XSS escaping, so are not considered vulnerable
  • Fixed Versions: 3.0.11, 3.1.2

Please see the rubyonrails-security posting and the changelog item below, for more details.

Changes

Action Mailer:

  • No changes

Action Pack:

  • Fix XSS security vulnerability in the translate helper method. When using interpolation
    in combination with HTML-safe translations, the interpolated input would not get HTML
    escaped. GH 3664

    Before:

    translate(‘foo_html’, :something => ‘<script>’) # => “…<script>…”

    After:

    translate(‘foo_html’, :something => ‘<script>’) # => “…&lt;script&gt;…”

    Sergey Nartimov

  • Upgrade sprockets dependency to ~> 2.1.0

  • Ensure that the format isn’t applied twice to the cache key, else it becomes impossible to target with expire_action.

    Christopher Meiklejohn

  • Swallow error when can’t unmarshall object from session.

    Bruno Zanchet

  • Implement a workaround for a bug in ruby-1.9.3p0 where an error would be raised while attempting to convert a template from one encoding to another.

    Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.

    The workaround is to load all conversions into memory ahead of time, and will only happen if the ruby version is exactly 1.9.3p0. The hope is obviously that the underlying problem will be resolved in the next patchlevel release of 1.9.3.

    Jon Leighton

  • Ensure users upgrading from 3.0.x to 3.1.x will properly upgrade their flash object in session (issues #3298 and #2509)

Active Model:

  • No changes

Active Record:

  • Fix problem with prepared statements and PostgreSQL when multiple schemas are used.
    GH #3232

    Juan M. Cuello

  • Fix bug with PostgreSQLAdapter#indexes. When the search path has multiple schemas, spaces
    were not being stripped from the schema names after the first.

    Sean Kirby

  • Preserve SELECT columns on the COUNT for finder_sql when possible. GH 3503

    Justin Mazzi

  • Reset prepared statement cache when schema changes impact statement results. GH 3335

    Aaron Patterson

  • Postgres: Do not attempt to deallocate a statement if the connection is no longer active.

    Ian Leitch

  • Prevent QueryCache leaking database connections. GH 3243

    Mark J. Titorenko

  • Fix bug where building the conditions of a nested through association could potentially
    modify the conditions of the through and/or source association. If you have experienced
    bugs with conditions appearing in the wrong queries when using nested through associations,
    this probably solves your problems. GH #3271

    Jon Leighton

  • If a record is removed from a has_many :through, all of the join records relating to that
    record should also be removed from the through association’s target.

    Jon Leighton

  • Fix adding multiple instances of the same record to a has_many :through. GH #3425

    Jon Leighton

  • Fix creating records in a through association with a polymorphic source type. GH #3247

    Jon Leighton

  • MySQL: use the information_schema than the describe command when we look for a primary key. GH #3440

    Kenny J

Active Resource:

  • No changes

Active Support:

  • No changes

Railties:

  • Engines: don’t blow up if db/seeds.rb is missing.

    Jeremy Kemper

  • rails new foo --skip-test-unit should not add the :test task to the rake default task.
    GH 2564

    José Valim

As ever, you can see a full list of commits between the versions on Github.

Rails 3.0.11 has been released

Rails 3.0.11 has been released. This is a patch-level release containing bug fixes and an important security fix.

Possible XSS vulnerability in the translate helper method in Ruby on Rails

There is a vulnerability in the translate helper method which may allow an attacker to insert arbitrary code into a page.

  • Versions Affected: 3.0.0 and later, 2.3.X in combination with the rails_xss plugin
  • Not Affected: Pre-3.0.0 releases, without the rails_xss plugin, did no automatic XSS escaping, so are not considered vulnerable
  • Fixed Versions: 3.0.11, 3.1.2

Please see the rubyonrails-security posting and the changelog item below, for more details.

Changes

Action Mailer:

  • No changes

Action Pack:

  • Fix XSS security vulnerability in the translate helper method. When using interpolation
    in combination with HTML-safe translations, the interpolated input would not get HTML
    escaped. GH 3664

    Before:

    translate(‘foo_html’, :something => ‘<script>’) # => “…<script>…”

    After:

    translate(‘foo_html’, :something => ‘<script>’) # => “…&lt;script&gt;…”

    Sergey Nartimov

  • Implement a workaround for a bug in ruby-1.9.3p0 where an error would be
    raised while attempting to convert a template from one encoding to another.

    Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.

    The workaround is to load all conversions into memory ahead of time, and will
    only happen if the ruby version is exactly 1.9.3p0. The hope is obviously
    that the underlying problem will be resolved in the next patchlevel release
    of 1.9.3.

  • Fix assert_select_email to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.

  • Fix url_for when passed a hash to prevent additional options (eg. :host, :protocol) from being added to the hash after calling it.

Active Model:

  • No changes

Active Record:

  • Exceptions from database adapters should not lose their backtrace.

  • Backport “ActiveRecord::Persistence#touch should not use default_scope” (GH #1519)

  • Psych errors with poor yaml formatting are proxied. Fixes GH #2645 and
    GH #2731

  • Fix ActiveRecord#exists? when passsed a nil value

Active Resource:

  • No changes

Active Support:

  • No changes

Railties:

  • Updated Prototype UJS to lastest version fixing multiples errors in IE [Guillermo Iguaran]

As ever, you can see a full list of commits between the versions on Github.

Rails 3.1.1 has been released!

Hi everyone,

Rails 3.1.1 has been released. This release requires at least sass-rails 3.1.4

CHANGES

ActionMailer

  • No changes

ActionPack

  • stylesheetlinktag(‘/stylesheets/application’) and similar helpers doesn’t
    throw Sprockets::FileOutsidePaths exception anymore [Santiago Pastorino]

  • Ensure defaultassethost_protocol is respected, closes #2980. [José Valim]

    Changing rake db:schema:dump to run :environment as well as :load_config,
    as running :load_config alone will lead to the dumper being run without
    including extensions such as those included in foreigner and
    spatial_adapter.

    This reverses a change made here:
    https://github.com/rails/rails/commit/5df72a238e9fcb18daf6ab6e6dc9051c9106d7bb#L0L324

    I’m assuming here that :load_config needs to be invoked
    separately from :environment, as it is elsewhere in the
    file for db operations, if not the alternative is to go
    back to “task :dump => :environment do”.

    [Ben Woosley]

  • Update to rack-cache 1.1.

    Versions prior to 1.1 delete the If-Modified-Since and If-Not-Modified
    headers when config.actioncontroller.performcaching is true. This has two
    problems:

    • unexpected inconsistent behaviour between development &
      production environments
    • breaks applications that use of these headers

    [Brendan Ribera]

  • Ensure that enhancements to assets:precompile task are only run once [Sam Pohlenz]

  • TestCase should respect the view_assigns API instead of pulling variables on
    its own. [José Valim]

  • javascriptpath and stylesheetpath now refer to /assets if asset pipelining
    is on. [Santiago Pastorino]

  • button_to support form option. Now you’re able to pass for example
    ‘data-type’ => ‘json’. [ihower]

  • imagepath and imagetag should use /assets if asset pipelining is turned
    on. Closes #3126 [Santiago Pastorino and christos]

  • Avoid use of existing precompiled assets during rake assets:precompile run.
    Closes #3119 [Guillermo Iguaran]

  • Copy assets to nondigested filenames too [Santiago Pastorino]

  • Give precedence to config.digest = false over the existence of
    manifest.yml asset digests [christos]

  • escape options for the stylesheetlinktag method [Alexey Vakhov]

  • Re-launch assets:precompile task using (Rake.)ruby instead of Kernel.exec so
    it works on Windows [cablegram]

  • env var passed to process shouldn’t be modified in process method. [Santiago
    Pastorino]

  • rake assets:precompile loads the application but does not initialize
    it.

    To the app developer, this means configuration add in
    config/initializers/* will not be executed.

    Plugins developers need to special case their initializers that are
    meant to be run in the assets group by adding :group => :assets. [José Valim]

  • Sprockets uses config.assets.prefix for asset_path [asee]

  • FileStore keyfilepath properly limit filenames to 255 characters. [phuibonhoa]

  • Fix Hash#toquery edge case with htmlsafe strings. [brainopia]

  • Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
    Useful for linking assets from static html files or from emails when the user
    could probably look at an older html email with an older asset. [Santiago Pastorino]

  • Don’t mount Sprockets server at config.assets.prefix if config.assets.compile is false. [Mark J. Titorenko]

  • Set relative url root in assets when controller isn’t available for Sprockets (eg. Sass files using asset_path). Fixes #2435 [Guillermo Iguaran]

  • Fix basic auth credential generation to not make newlines. GH #2882

  • Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn’t precompiled.
    Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. [Guillermo Iguaran]

  • CookieJar is now Enumerable. Fixes #2795

  • Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763 #2765 #2805 [Guillermo Iguaran]

  • Manifest is correctly placed in assets path when default assets prefix is changed. Fixes #2776 [Guillermo Iguaran]

  • Fixed stylesheetlinktag and javascriptincludetag to respect additional options passed by the users when debug is on. [Guillermo Iguaran]

  • Fix ActiveRecord#exists? when passsed a nil value

  • Fix assertselectemail to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.

ActiveModel

  • Remove hard dependency on bcrypt-ruby to avoid make ActiveModel dependent on a binary library.
    You must add the gem explicitly to your Gemfile if you want use ActiveModel::SecurePassword:

    gem ‘bcrypt-ruby’, ‘~> 3.0.0’

    See GH #2687. [Guillermo Iguaran]

ActiveRecord

  • Add deprecation for the preload_associations method. Fixes #3022.

    [Jon Leighton]

  • Don’t require a DB connection when loading a model that uses setprimarykey. GH #2807.

    [Jon Leighton]

  • Fix using select() with a habtm association, e.g. Person.friends.select(:name). GH #3030 and #2923.

    [Hendy Tanata]

  • Fix belongs_to polymorphic with custom primary key on target. GH #3104.

    [Jon Leighton]

  • CollectionProxy#replace should change the DB records rather than just mutating the array.
    Fixes #3020.

    [Jon Leighton]

  • LRU cache in mysql and sqlite are now per-process caches.

    • lib/activerecord/connectionadapters/mysql_adapter.rb: LRU cache
      keys are per process id.
    • lib/activerecord/connectionadapters/sqlite_adapter.rb: ditto
  • Database adapters use a statement pool for limiting the number of open
    prepared statments on the database. The limit defaults to 1000, but can
    be adjusted in your database config by changing ‘statement_limit’.

  • Fix clash between using ‘preload’, ‘joins’ or ‘eager_load’ in a default scope and including the
    default scoped model in a nested through association. (GH #2834.) [Jon Leighton]

  • Ensure we are not comparing a string with a symbol in HasManyAssociation#inverseupdatescounter_cache?.
    Fixes GH #2755, where a counter cache could be decremented twice as far as it was supposed to be.

    [Jon Leighton]

  • Don’t send any queries to the database when the foreign key of a belongs_to is nil. Fixes
    GH #2828. [Georg Friedrich]

  • Fixed findin_batches method to not include order from defaultscope. See GH #2832 [Arun Agrawal]

  • Don’t compute table name for abstract classes. Fixes problem with setting the primary key
    in an abstract class. See GH #2791. [Akira Matsuda]

  • Psych errors with poor yaml formatting are proxied. Fixes GH #2645 and
    GH #2731

  • Use the LIMIT word with the methods #last and #first. Fixes GH #2783 [Damien Mathieu]

ActiveResource

  • No changes

ActiveSupport

  • ruby193: String#prepend is also unsafe [Akira Matsuda]

  • Fix obviously breakage of Time.=== for Time subclasses [jeremyevans]

  • Added fix so that file store does not raise an exception when cache dir does
    not exist yet. This can happen if a delete_matched is called before anything
    is saved in the cache. [Philippe Huibonhoa]

  • Fixed performance issue where TimeZone lookups would require tzinfo each time [Tim Lucas]

  • ActiveSupport::OrderedHash is now marked as extractable when using Array#extract_options! [Prem Sichanugrist]

Railties

  • Add jquery-rails to Gemfile of plugins, test/dummy app needs it. Closes #3091. [Santiago Pastorino]

  • rake assets:precompile loads the application but does not initialize it.

    To the app developer, this means configuration add in
    config/initializers/* will not be executed.

    Plugins developers need to special case their initializers that are
    meant to be run in the assets group by adding :group => :assets.

SHA-1

  • 9337cff7772da034b0b34b73b85cf249f1a70f52 actionmailer-3.1.1.gem
  • 7bb1b8d096a6ff1ff46dcfb778bf86a5daca1b0d actionpack-3.1.1.gem
  • d5dc71e1a9a0e20d819f4dff27ff0697e99a7f64 activemodel-3.1.1.gem
  • 7245632cb3b38612628304c1e244855d0053f7be activerecord-3.1.1.gem
  • 6d09800202c2747e84249b8646f0fd480ed4924f activeresource-3.1.1.gem
  • 66df2fd144aab22f52819fd489e33a976d68a46b activesupport-3.1.1.gem
  • 6a35a49948bbd9f461839a1a271def90b23a851a rails-3.1.1.gem
  • 6979ef891bd03fb639b979af9fdc56781f9358d9 railties-3.1.1.gem

You can find an exhaustive list of changes on github. Along with the closed issues marked for v3.1.1.

Thanks to everyone!

[ANN] Rails 3.1.1.rc3

Hi everyone,

Rails 3.1.1.rc3 has been released. Please give it a try, it’s our chance to fix regressions you might find and make a beautiful 3.1.1 stable release. If there are no regressions I will be releasing 3.1.1 final next October 7th. If you find any regression please contact me ASAP by email, twitter or github.

CHANGES

ActionMailer

  • No changes

ActionPack

  • stylesheetlinktag(‘/stylesheets/application’) and similar helpers doesn’t
    throw Sprockets::FileOutsidePaths exception anymore [Santiago Pastorino]

  • Ensure defaultassethost_protocol is respected, closes #2980. [José Valim]

    Changing rake db:schema:dump to run :environment as well as :load_config,
    as running :load_config alone will lead to the dumper being run without
    including extensions such as those included in foreigner and
    spatial_adapter.

    This reverses a change made here:
    https://github.com/rails/rails/commit/5df72a238e9fcb18daf6ab6e6dc9051c9106d7bb#L0L324

    I’m assuming here that :load_config needs to be invoked
    separately from :environment, as it is elsewhere in the
    file for db operations, if not the alternative is to go
    back to “task :dump => :environment do”.

    [Ben Woosley]

  • Update to rack-cache 1.1.

    Versions prior to 1.1 delete the If-Modified-Since and If-Not-Modified
    headers when config.actioncontroller.performcaching is true. This has two
    problems:

    • unexpected inconsistent behaviour between development &
      production environments
    • breaks applications that use of these headers

    [Brendan Ribera]

  • Ensure that enhancements to assets:precompile task are only run once [Sam Pohlenz]

  • TestCase should respect the view_assigns API instead of pulling variables on
    its own. [José Valim]

  • javascriptpath and stylesheetpath now refer to /assets if asset pipelining
    is on. [Santiago Pastorino]

  • button_to support form option. Now you’re able to pass for example
    ‘data-type’ => ‘json’. [ihower]

  • imagepath and imagetag should use /assets if asset pipelining is turned
    on. Closes #3126 [Santiago Pastorino and christos]

  • Avoid use of existing precompiled assets during rake assets:precompile run.
    Closes #3119 [Guillermo Iguaran]

  • Copy assets to nondigested filenames too [Santiago Pastorino]

  • Give precedence to config.digest = false over the existence of
    manifest.yml asset digests [christos]

  • escape options for the stylesheetlinktag method [Alexey Vakhov]

  • Re-launch assets:precompile task using (Rake.)ruby instead of Kernel.exec so
    it works on Windows [cablegram]

  • env var passed to process shouldn’t be modified in process method. [Santiago
    Pastorino]

  • rake assets:precompile loads the application but does not initialize
    it.

    To the app developer, this means configuration add in
    config/initializers/* will not be executed.

    Plugins developers need to special case their initializers that are
    meant to be run in the assets group by adding :group => :assets. [José Valim]

  • Sprockets uses config.assets.prefix for asset_path [asee]

  • FileStore keyfilepath properly limit filenames to 255 characters. [phuibonhoa]

  • Fix Hash#toquery edge case with htmlsafe strings. [brainopia]

  • Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
    Useful for linking assets from static html files or from emails when the user
    could probably look at an older html email with an older asset. [Santiago Pastorino]

  • Don’t mount Sprockets server at config.assets.prefix if config.assets.compile is false. [Mark J. Titorenko]

  • Set relative url root in assets when controller isn’t available for Sprockets (eg. Sass files using asset_path). Fixes #2435 [Guillermo Iguaran]

  • Fix basic auth credential generation to not make newlines. GH #2882

  • Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn’t precompiled.
    Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. [Guillermo Iguaran]

  • CookieJar is now Enumerable. Fixes #2795

  • Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763 #2765 #2805 [Guillermo Iguaran]

  • Manifest is correctly placed in assets path when default assets prefix is changed. Fixes #2776 [Guillermo Iguaran]

  • Fixed stylesheetlinktag and javascriptincludetag to respect additional options passed by the users when debug is on. [Guillermo Iguaran]

  • Fix ActiveRecord#exists? when passsed a nil value

  • Fix assertselectemail to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.

ActiveModel

  • Remove hard dependency on bcrypt-ruby to avoid make ActiveModel dependent on a binary library.
    You must add the gem explicitly to your Gemfile if you want use ActiveModel::SecurePassword:

    gem ‘bcrypt-ruby’, ‘~> 3.0.0’

    See GH #2687. [Guillermo Iguaran]

ActiveRecord

  • Add deprecation for the preload_associations method. Fixes #3022.

    [Jon Leighton]

  • Don’t require a DB connection when loading a model that uses setprimarykey. GH #2807.

    [Jon Leighton]

  • Fix using select() with a habtm association, e.g. Person.friends.select(:name). GH #3030 and

    2923.

    [Hendy Tanata]

  • Fix belongs_to polymorphic with custom primary key on target. GH #3104.

    [Jon Leighton]

  • CollectionProxy#replace should change the DB records rather than just mutating the array.
    Fixes #3020.

    [Jon Leighton]

  • LRU cache in mysql and sqlite are now per-process caches.

    • lib/activerecord/connectionadapters/mysql_adapter.rb: LRU cache
      keys are per process id.
    • lib/activerecord/connectionadapters/sqlite_adapter.rb: ditto
  • Database adapters use a statement pool for limiting the number of open
    prepared statments on the database. The limit defaults to 1000, but can
    be adjusted in your database config by changing ‘statement_limit’.

  • Fix clash between using ‘preload’, ‘joins’ or ‘eager_load’ in a default scope and including the
    default scoped model in a nested through association. (GH #2834.) [Jon Leighton]

  • Ensure we are not comparing a string with a symbol in HasManyAssociation#inverseupdatescounter_cache?.
    Fixes GH #2755, where a counter cache could be decremented twice as far as it was supposed to be.

    [Jon Leighton]

  • Don’t send any queries to the database when the foreign key of a belongs_to is nil. Fixes
    GH #2828. [Georg Friedrich]

  • Fixed findin_batches method to not include order from defaultscope. See GH #2832 [Arun Agrawal]

  • Don’t compute table name for abstract classes. Fixes problem with setting the primary key
    in an abstract class. See GH #2791. [Akira Matsuda]

  • Psych errors with poor yaml formatting are proxied. Fixes GH #2645 and
    GH #2731

  • Use the LIMIT word with the methods #last and #first. Fixes GH #2783 [Damien Mathieu]

ActiveResource

  • No changes

ActiveSupport

  • ruby193: String#prepend is also unsafe [Akira Matsuda]

  • Fix obviously breakage of Time.=== for Time subclasses [jeremyevans]

  • Added fix so that file store does not raise an exception when cache dir does
    not exist yet. This can happen if a delete_matched is called before anything
    is saved in the cache. [Philippe Huibonhoa]

  • Fixed performance issue where TimeZone lookups would require tzinfo each time [Tim Lucas]

  • ActiveSupport::OrderedHash is now marked as extractable when using Array#extract_options! [Prem Sichanugrist]

Railties

  • Add jquery-rails to Gemfile of plugins, test/dummy app needs it. Closes #3091. [Santiago Pastorino]

  • rake assets:precompile loads the application but does not initialize it.

    To the app developer, this means configuration add in
    config/initializers/* will not be executed.

    Plugins developers need to special case their initializers that are
    meant to be run in the assets group by adding :group => :assets.

You can find an exhaustive list of changes on github. Along with the closed issues marked for v3.1.1. You can also take a look to what’s new between v3.1.1.rc2 and v3.1.1.rc3

You can also see issues we haven’t closed yet.

Thanks to everyone!

[ANN] Rails 3.1.1.rc2

Hi everyone,

Rails 3.1.1.rc2 has been released. Please give it a try, it’s our chance to fix regressions you might find and make a beautiful 3.1.1 stable release. If there are no regressions I will be releasing 3.1.1 final next October 3rd. If you find any regression please contact me ASAP by email, twitter or github.

## CHANGES

*ActionMailer*

* No changes

*ActionPack*

* Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
Useful for linking assets from static html files or from emails when the user
could probably look at an older html email with an older asset. [Santiago Pastorino]

* Don’t mount Sprockets server at config.assets.prefix if config.assets.compile is false. [Mark J. Titorenko]

* Set relative url root in assets when controller isn’t available for Sprockets (eg. Sass files using asset_path). Fixes #2435 [Guillermo Iguaran]

* Fix basic auth credential generation to not make newlines. GH #2882

* Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn’t precompiled.
Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. [Guillermo Iguaran]

* CookieJar is now Enumerable. Fixes #2795

* Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763 #2765 #2805 [Guillermo Iguaran]

* Manifest is correctly placed in assets path when default assets prefix is changed. Fixes #2776 [Guillermo Iguaran]

* Fixed stylesheet_link_tag and javascript_include_tag to respect additional options passed by the users when debug is on. [Guillermo Iguaran]

* Fix ActiveRecord#exists? when passsed a nil value

* Fix assert_select_email to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.

*ActiveModel*

* Remove hard dependency on bcrypt-ruby to avoid make ActiveModel dependent on a binary library.
You must add the gem explicitly to your Gemfile if you want use ActiveModel::SecurePassword:

gem ‘bcrypt-ruby’, ‘~> 3.0.0’

See GH #2687. [Guillermo Iguaran]

*ActiveRecord*

* Add deprecation for the preload_associations method. Fixes #3022.

[Jon Leighton]

* Don’t require a DB connection when loading a model that uses set_primary_key. GH #2807.

[Jon Leighton]

* Fix using select() with a habtm association, e.g. Person.friends.select(:name). GH #3030 and
#2923.

[Hendy Tanata]

* Fix belongs_to polymorphic with custom primary key on target. GH #3104.

[Jon Leighton]

* CollectionProxy#replace should change the DB records rather than just mutating the array.
Fixes #3020.

[Jon Leighton]

* LRU cache in mysql and sqlite are now per-process caches.

* lib/active_record/connection_adapters/mysql_adapter.rb: LRU cache
keys are per process id.
* lib/active_record/connection_adapters/sqlite_adapter.rb: ditto

* Database adapters use a statement pool for limiting the number of open
prepared statments on the database. The limit defaults to 1000, but can
be adjusted in your database config by changing ‘statement_limit’.

* Fix clash between using ‘preload’, ‘joins’ or ‘eager_load’ in a default scope and including the
default scoped model in a nested through association. (GH #2834.) [Jon Leighton]

* Ensure we are not comparing a string with a symbol in HasManyAssociation#inverse_updates_counter_cache?.
Fixes GH #2755, where a counter cache could be decremented twice as far as it was supposed to be.

[Jon Leighton]

* Don’t send any queries to the database when the foreign key of a belongs_to is nil. Fixes
GH #2828. [Georg Friedrich]

* Fixed find_in_batches method to not include order from default_scope. See GH #2832 [Arun Agrawal]

* Don’t compute table name for abstract classes. Fixes problem with setting the primary key
in an abstract class. See GH #2791. [Akira Matsuda]

* Psych errors with poor yaml formatting are proxied. Fixes GH #2645 and
GH #2731

* Use the LIMIT word with the methods #last and #first. Fixes GH #2783 [Damien Mathieu]

*ActiveResource*

* No changes

*ActiveSupport*

* Fixed performance issue where TimeZone lookups would require tzinfo each time [Tim Lucas]

* ActiveSupport::OrderedHash is now marked as extractable when using Array#extract_options! [Prem Sichanugrist]

*Railties*

* Add jquery-rails to Gemfile of plugins, test/dummy app needs it. Closes #3091. [Santiago Pastorino]

* `rake assets:precompile` loads the application but does not initialize it.

To the app developer, this means configuration add in
config/initializers/* will not be executed.

Plugins developers need to special case their initializers that are
meant to be run in the assets group by adding :group => :assets.

You can find an exhaustive list of changes on [github](https://github.com/rails/rails/compare/v3.1.0…v3.1.1.rc2). Along with the [closed issues marked for v3.1.1](https://github.com/rails/rails/issues?milestone=6&state=closed). You can also take a look to what’s new between [v3.1.1.rc1 and v3.1.1.rc2](https://github.com/rails/rails/compare/v3.1.1.rc1…v3.1.1.rc2)

You can also see issues [we haven’t closed yet](https://github.com/rails/rails/issues?milestone=8&state=open).

Thanks to everyone!

[ANN] Rails 3.1.1.rc1

Hi everyone,

Rails 3.1.1.rc1 has been released. Please give it a try, it’s our chance to fix regressions you might find and make a beautiful 3.1.1 stable release. If there are no regressions I will be releasing 3.1.1 final next September 16th during GoGaRuCo.

CHANGES

ActionMailer

  • No changes

ActionPack

  • Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
    Useful for linking assets from static html files or from emails when the user
    could probably look at an older html email with an older asset. [Santiago Pastorino]

  • Don’t mount Sprockets server at config.assets.prefix if config.assets.compile is false. [Mark J. Titorenko]

  • Set relative url root in assets when controller isn’t available for Sprockets (eg. Sass files using asset_path). Fixes #2435 [Guillermo Iguaran]

  • Fix basic auth credential generation to not make newlines. GH #2882

  • Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn’t precompiled.
    Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. [Guillermo Iguaran]

  • CookieJar is now Enumerable. Fixes #2795

  • Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763 #2765 #2805 [Guillermo Iguaran]

  • Manifest is correctly placed in assets path when default assets prefix is changed. Fixes #2776 [Guillermo Iguaran]

  • Fixed stylesheetlinktag and javascriptincludetag to respect additional options passed by the users when debug is on. [Guillermo Iguaran]

  • Fix ActiveRecord#exists? when passsed a nil value

  • Fix assertselectemail to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.

ActiveModel

  • Remove hard dependency on bcrypt-ruby to avoid make ActiveModel dependent on a binary library.
    You must add the gem explicitly to your Gemfile if you want use ActiveModel::SecurePassword:

    gem ‘bcrypt-ruby’, ‘~> 3.0.0’

    See GH #2687. [Guillermo Iguaran]

ActiveRecord

  • LRU cache in mysql and sqlite are now per-process caches.

    • lib/activerecord/connectionadapters/mysql_adapter.rb: LRU cache
      keys are per process id.
    • lib/activerecord/connectionadapters/sqlite_adapter.rb: ditto
  • Database adapters use a statement pool for limiting the number of open
    prepared statments on the database. The limit defaults to 1000, but can
    be adjusted in your database config by changing ‘statement_limit’.

  • Fix clash between using ‘preload’, ‘joins’ or ‘eager_load’ in a default scope and including the
    default scoped model in a nested through association. (GH #2834.) [Jon Leighton]

  • Ensure we are not comparing a string with a symbol in HasManyAssociation#inverseupdatescounter_cache?.
    Fixes GH #2755, where a counter cache could be decremented twice as far as it was supposed to be.

    [Jon Leighton]

  • Don’t send any queries to the database when the foreign key of a belongs_to is nil. Fixes
    GH #2828. [Georg Friedrich]

  • Fixed findin_batches method to not include order from defaultscope. See GH #2832 [Arun Agrawal]

  • Don’t compute table name for abstract classes. Fixes problem with setting the primary key
    in an abstract class. See GH #2791. [Akira Matsuda]

  • Psych errors with poor yaml formatting are proxied. Fixes GH #2645 and
    GH #2731

  • Use the LIMIT word with the methods #last and #first. Fixes GH #2783 [Damien Mathieu]

ActiveResource

  • No changes

ActiveSupport

  • Fixed performance issue where TimeZone lookups would require tzinfo each time [Tim Lucas]

  • ActiveSupport::OrderedHash is now marked as extractable when using Array#extract_options! [Prem Sichanugrist]

Railties

  • No changes

You can find an exhaustive list of changes on github. Along with the closed issues marked for v3.1.1.

You can also see issues we haven’t closed yet.

Thanks to everyone!

Rails 3.1.0 has been released!

Hi everybody!

It’s been 3 Months since RailsConf, so I think it’s time we released Rails 3.1.0. So, here it is! I’ve released Rails 3.1.0!

CHANGES

For a much more attractive and easy to read list of changes, please check out the awesome Rails 3.1.0 Release Notes on the Rails Guides site. For a less attractive list of changes, please continue to read!

Here are some highlights of the major changes in Rails 3.1.0:

ActionPack

  • ActionPack has been updated to include the new asset pipeline. Please see the rails guides on the asset pipeline.

  • Streaming response support has been added. This feature allows you to stream templates to the user before processing has actually finished. See the Rails Guides, or documentation in ActionController::Metal::Streaming for more information. Middleware have been refactored to support this feature.

  • RJS has been extracted to a gem.

ActiveModel

  • attr_accessible and friends now accepts :as as option to specify a role

  • Added ActiveModel::SecurePassword to encapsulate dead-simple password usage with BCrypt encryption and salting.

ActiveRecord

  • Prepared statement caches have been integrated. ActiveRecord::Base#create and simple finders will use a prepared statement and cache for more performant inserts and selects.

  • Associations have been refactored for greater simplicity and maintainability.

  • default_scope can take any object that responds to call.

  • PostgreSQL adapter only supports PostgreSQL version 8.2 and higher.

  • Migrations use instance methods rather than class methods. Rather than defining a self.up method, you should define an instance method up.

  • Migrations are reversible. When a new migration is generated, the migration will contain one method called change. Database changes made in this method will automatically know how to reverse themselves. For more information, see the documentation for ActiveRecord::Migration and ActiveRecord::Migration::CommandRecorder.

  • When a model is generated, add_index is added by default for belongs_to or references columns.

ActiveResource

  • The default format has been changed to JSON for all requests. If you want to continue to use XML you will need to set self.format = :xml in the class.

ActiveSupport

  • ActiveSupport::BufferedLogger set log encoding to BINARY, but still use text mode to output portable newlines.

  • Add Object#in? to test if an object is included in another object.

  • ActiveSupport::Dependencies::ClassCache class has been introduced for holding references to reloadable classes.

  • Added weeks_ago and prev_week to Date/DateTime/Time.

  • JSON decoding now uses the multi_json gem which also vendors a json engine called OkJson. The yaml backend has been removed in favor of OkJson as a default engine for 1.8.x, while the built in 1.9.x json implementation will be used by default.

Railties

  • The default database schema file is written as UTF-8.

  • Rack::Sendfile middleware is used only if x_sendfile_header is present.

  • Add alias r for rails runner.

  • jQuery is the new default JavaScript library.

  • Added config.force_ssl configuration which loads Rack::SSL middleware and force all requests to be under HTTPS protocol

For more info

For a more detailed list of changes, please see each of the CHANGELOG files checked in to the Rails repository on github.

For an even more detailed list of changes, please see the commit list between Rails 3.0.10 and 3.1.0.

The End

I am personally very proud of this release. I want to say thank you to the people testing our release candidates, the people submitting patches and sending in bug reports. I think that Rails 3.1.0 is the best release of Rails to date, and we could not have done it without you.

Please continue to create amazing things with this framework!

SHA-1

  • b68f74ced662145a4139409edf3c51db1159ead8 actionmailer-3.1.0.gem
  • 136474f270677ae75ad0f9599d26e89cf1d4bc7b actionpack-3.1.0.gem
  • e6b68453c08bb0da52ed1d422ba2f87a5e3aa794 activemodel-3.1.0.gem
  • dfbae15c0d395304812c22fbf18aa9daadbe20b4 activerecord-3.1.0.gem
  • 3f1f547e500d1ffc1f7c3ee4ab9eb1526157a870 activeresource-3.1.0.gem
  • f21627c2f429abfa8685d2147fadab6704c13869 activesupport-3.1.0.gem
  • 21c6592189fb358a066846754a8f7ce7a238fca6 rails-3.1.0.gem
  • 79cfa1eca232de9a45453829287e4438089b7955 railties-3.1.0.gem

<3 <3 <3

The Ruby on Rails API Switches to SDoc

The Ruby on Rails API is switching to SDoc starting with 3.1.

SDoc is a RDoc format created by Володя Колесников (@voloko) that has been powering railsapi.com for a long time.

Among other things, SDoc provides a search box with fuzzy match completion, tree browsing, keyboard navigation, and a really nice template.

You can already see the upgrade in the edge API.

We’d like to thank very much Володя for his work updating SDoc for the official API. Thanks man!