-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update dependency rails to v7.2.2.1 #315
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/ruby-on-rails-packages
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.4.3
chore(deps): update dependency rails to v7.0.5
May 28, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
May 28, 2023 10:13
dbb8865
to
2e9f628
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.5
chore(deps): update dependency rails to v7.0.6
Jun 29, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
June 29, 2023 21:58
2e9f628
to
6d8eb65
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.6
chore(deps): update dependency rails to v7.0.7
Aug 10, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 10, 2023 00:46
6d8eb65
to
9d52635
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.7
chore(deps): update dependency rails to v7.0.7.2
Aug 22, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 22, 2023 21:13
9d52635
to
d32427a
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
September 13, 2023 01:18
d32427a
to
d531010
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.7.2
chore(deps): update dependency rails to v7.0.8
Sep 13, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
October 5, 2023 11:08
d531010
to
bdb1c08
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.0.8
chore(deps): update dependency rails to v7.1.0
Oct 5, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
November 6, 2023 06:50
bdb1c08
to
1cbe121
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.0
chore(deps): update dependency rails to v7.1.1
Nov 6, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
November 11, 2023 01:44
1cbe121
to
f23d781
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.1
chore(deps): update dependency rails to v7.1.2
Nov 11, 2023
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
January 17, 2024 01:09
f23d781
to
e70eaa9
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.2
chore(deps): update dependency rails to v7.1.3
Jan 17, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
February 21, 2024 21:23
e70eaa9
to
0501cf6
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.3
chore(deps): update dependency rails to v7.1.3.1
Feb 21, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
February 22, 2024 01:58
0501cf6
to
dfb18a6
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.3.1
chore(deps): update dependency rails to v7.1.3.2
Feb 22, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
May 17, 2024 02:14
dfb18a6
to
c00c9c7
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.3.2
chore(deps): update dependency rails to v7.1.3.3
May 17, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
June 4, 2024 20:03
c00c9c7
to
6571acc
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.3.3
chore(deps): update dependency rails to v7.1.3.4
Jun 4, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 10, 2024 02:41
6571acc
to
9b0c490
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.1.3.4
chore(deps): update dependency rails to v7.2.0
Aug 10, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 13, 2024 16:21
9b0c490
to
6edb615
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 22, 2024 21:36
6edb615
to
5bc6edb
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.0
chore(deps): update dependency rails to v7.2.1
Aug 22, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
August 28, 2024 09:37
5bc6edb
to
59fe28a
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
October 15, 2024 21:03
59fe28a
to
368001e
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.1
chore(deps): update dependency rails to v7.2.1.1
Oct 15, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
October 23, 2024 22:57
368001e
to
9c031f4
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.1.1
chore(deps): update dependency rails to v7.2.1.2
Oct 23, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
October 31, 2024 04:36
9c031f4
to
db20aaa
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.1.2
chore(deps): update dependency rails to v7.2.2
Oct 31, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
November 17, 2024 16:46
db20aaa
to
ba61fe6
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
December 2, 2024 12:22
ba61fe6
to
c1b0e98
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
December 10, 2024 14:26
c1b0e98
to
925c085
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
December 10, 2024 22:06
925c085
to
57fb384
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.2
chore(deps): update dependency rails to v7.2.2.1
Dec 10, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
7.0.4
->7.2.2.1
Release Notes
rails/rails (rails)
v7.2.2.1
: 7.2.2.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.2.2
: 7.2.2Compare Source
Active Support
Include options when instrumenting
ActiveSupport::Cache::Store#delete
andActiveSupport::Cache::Store#delete_multi
.Adam Renberg Tamm
Print test names when running
rails test -v
for parallel tests.John Hawthorn, Abeid Ahmed
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix support for
query_cache: false
indatabase.yml
.query_cache: false
would no longer entirely disable the Active Record query cache.zzak
Set
.attributes_for_inspect
to:all
by default.For new applications it is set to
[:id]
in config/environment/production.rb.In the console all the attributes are always shown.
Andrew Novoselac
PG::UnableToSend: no connection to the server
is now retryable as a connection-related exceptionKazuma Watanabe
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix incorrect SQL query when passing an empty hash to
ActiveRecord::Base.insert
.David Stosik
Allow to save records with polymorphic join tables that have
inverse_of
specified.
Markus Doits
Fix association scopes applying on the incorrect join when using a polymorphic
has_many through:
.Joshua Young
Fix
dependent: :destroy
for bi-directional has one through association.Fixes #50948.
In the above example
left.destroy
wouldn't destroy its associatedRight
record.
Andy Stewart
Properly handle lazily pinned connection pools.
Fixes #53147.
When using transactional fixtures with system tests to similar tools
such as capybara, it could happen that a connection end up pinned by the
server thread rather than the test thread, causing
"Cannot expire connection, it is owned by a different thread"
errors.Jean Boussier
Fix
ActiveRecord::Base.with
to accept more than two sub queries.Fixes #53110.
The above now works as expected.
fatkodima
Properly release pinned connections with non joinable connections.
Fixes #52973
When running system tests with transactional fixtures on, it could happen that
the connection leased by the Puma thread wouldn't be properly released back to the pool,
causing "Cannot expire connection, it is owned by a different thread" errors in later tests.
Jean Boussier
Make Float distinguish between
float4
andfloat8
in PostgreSQL.Fixes #52742
Ryota Kitazawa, Takayuki Nagatomi
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Fix non-GET requests not updating cookies in
ActionController::TestCase
.Jon Moss, Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.2
: 7.2.1.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.1
: 7.2.1.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.2.1
: 7.2.1Compare Source
Active Support
Active Model
Active Record
Fix detection for
enum
columns with parallelized tests and PostgreSQL.Rafael Mendonça França
Allow to eager load nested nil associations.
fatkodima
Fix swallowing ignore order warning when batching using
BatchEnumerator
.fatkodima
Fix memory bloat on the connection pool when using the Fiber
IsolatedExecutionState
.Jean Boussier
Restore inferred association class with the same modularized name.
Justin Ko
Fix
ActiveRecord::Base.inspect
to properly explain how to load schema information.Jean Boussier
Check invalid
enum
options for the new syntax.The options using
_
prefix in the old syntax are invalid in the new syntax.Rafael Mendonça França
Fix
ActiveRecord::Encryption::EncryptedAttributeType#type
to returnactual cast type.
Vasiliy Ermolovich
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Action View
Action Pack
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Railties
Fix
rails console
for application with non default application constant.The wrongly assumed the Rails application would be named
AppNamespace::Application
,which is the default but not an obligation.
Jean Boussier
Fix the default Dockerfile to include the full sqlite3 package.
Prior to this it only included
libsqlite3
, so it wasn't enough torun
rails dbconsole
.Jerome Dalbert
Don't update public directory during
app:update
command for API-only Applications.y-yagi
Don't add bin/brakeman if brakeman is not in bundle when upgrading an application.
Etienne Barrié
Remove PWA views and routes if its an API only project.
Jean Boussier
Simplify generated Puma configuration
DHH, Rafael Mendonça França
v7.2.0
Compare Source
v7.1.5.1
: 7.1.5.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.1.5
: 7.1.5Compare Source
Active Support
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.2
: 7.1.4.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.1
: 7.1.4.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.1.4
: 7.1.4Compare Source
Active Support
Improve compatibility for
ActiveSupport::BroadcastLogger
.Máximo Mussini
Pass options along to write_entry in handle_expired_entry method.
Graham Cooper
Fix Active Support configurations deprecations.
fatkodima
Fix teardown callbacks.
Tristan Starck
BacktraceCleaner
silence core internal methods by default.Jean Boussier
Fix
delegate_missing_to allow_nil: true
when called with implict selfJean Boussier
Work around a Ruby bug that can cause a VM crash.
This would happen if using
TaggerLogger
with a Procformatter on which you called
object_id
.Jean Boussier
Fix
ActiveSupport::Notifications.publish_event
to preserve units.This solves the incorrect reporting of time spent running Active Record
asynchronous queries (by a factor
1000
).Jean Boussier
Active Model
Active Record
Allow to eager load nested nil associations.
fatkodima
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Don't load has_one associations during autosave.
Eugene Kenny
Fix migration ordering for
bin/rails db:prepare
across databases.fatkodima
Fix
alias_attribute
to ignore methods defined in parent classes.Jean Boussier
Fix a performance regression in attribute methods.
Jean Boussier
Fix Active Record configs variable shadowing.
Joel Lubrano
Fix running migrations on other databases when
database_tasks: false
on primary.fatkodima
Fix non-partial inserts for models with composite identity primary keys.
fatkodima
Fix
ActiveRecord::Relation#touch_all
with custom attribute aliased as attribute for update.fatkodima
Fix a crash when an Executor wrapped fork exit.
Joé Dupuis
Fix
destroy_async
job for owners with composite primary keys.fatkodima
Ensure pre-7.1 migrations use legacy index names when using
rename_table
.fatkodima
Allow
primary_key:
association option to be composite.Nikita Vasilevsky
Do not try to alias on key update when raw SQL is supplied.
Gabriel Amaral
Memoize
key_provider
fromkey
or deterministickey_provider
if any.Rosa Gutierrez
Fix
upsert
warning for MySQL.fatkodima
Fix predicate builder for polymorphic models referencing models with composite primary keys.
fatkodima
Fix
update_all/delete_all
on CPK model relation with join subquery.Nikita Vasilevsky
Remove memoization to accept
key_provider
overridden bywith_encryption_context
.John Hawthorn
Raise error for Trilogy when prepared_statements is true.
Trilogy doesn't currently support prepared statements. The error that
applications would see is a
StatementInvalid
error. This doesn't quite pointyou to the fact this isn't supported. So raise a more appropriate error
pointing to what to change.
Eileen M. Uchitelle
Fix loading schema cache when all databases have disabled database tasks.
fatkodima
Always request
primary_key
inRETURNING
if no other columns requested.Nikita Vasilevsky
Handle records being loaded with Marshal without triggering schema load
When using the old marshalling format for Active Record and loading
a serialized instance, it didn't trigger loading the schema and defining
attribute methods.
Jean Boussier
Prevent some constant redefinition warnings when defining
inherited
on models.Adrian Hirt
Fix a memory perfomance regression in attribute methods.
Attribute methods used much more memory and were slower to define than
they should have been.
Jean Boussier
Fix an issue that could cause database connection leaks.
If Active Record successfully connected to the database, but then failed
to read the server informations, the connection would be leaked until the
Ruby garbage collector triggers.
Jean Boussier
Fix an issue where the IDs reader method did not return expected results
for preloaded associations in models using composite primary keys.
Jay Ang
PostgreSQL
Cidr#change?
detects the address prefix change.Taketo Takashima
Fix Active Record serialization to not include instantiated but not loaded associations
Jean Boussier, Ben Kyriakou
Allow
Sqlite3Adapter
to usesqlite3
gem version2.x
Mike Dalessio
Strict loading using
:n_plus_one_only
does not eagerly load child associations.With this change, child associations are no longer eagerly loaded, to
match intended behavior and to prevent non-deterministic order issues caused
by calling methods like
first
orlast
. Asfirst
andlast
don't causean N+1 by themselves, calling child associations will no longer raise.
Fixes #49473.
Before:
SELECT * FROM posts WHERE person_id = 1; -- non-deterministic order
SELECT * FROM posts WHERE person_id = 1 ORDER BY id LIMIT 1;
Using
Model.query_constraints
with a single non-primary-key column used to raise as expected, but with anincorrect error message. This has been fixed to raise with a more appropriate error message.
Joshua Young
Fix
has_one
association autosave setting the foreign key attribute when it is unchanged.This behaviour is also inconsistent with autosaving
belongs_to
and can have unintended side effects like raisingan
ActiveRecord::ReadonlyAttributeError
when the foreign key attribute is marked as read-only.Joshua Young
Fix an issue where
ActiveRecord::Encryption
configurations are not ready before the loadingof Active Record models, when an application is eager loaded. As a result, encrypted attributes
could be misconfigured in some cases.
Maxime Réty
Properly synchronize
Mysql2Adapter#active?
andTrilogyAdapter#active?
As well as
disconnect!
andverify!
.This generally isn't a big problem as connections must not be shared between
threads, but is required when running transactional tests or system tests
and could lead to a SEGV.
Jean Boussier
Fix counter caches when the foreign key is composite.
If the model holding the counter cache had a composite primary key,
inserting a dependent record would fail with an
ArgumentError
Expected corresponding value for...
fatkodima
Fix loading of schema cache for multiple databases.
Before this change, if you have multiple databases configured in your
application, and had schema cache present, Rails would load the same
cache to all databases.
Rafael Mendonça França
Fix eager loading of composite primary key associations.
relation.eager_load(:other_model)
could load the wrong records ifother_model
had a composite primary key.
Nikita Vasilevsky
Fix async queries returning a doubly wrapped result when hitting the query cache.
fatkodima
Fix single quote escapes on default generated MySQL columns
MySQL 5.7.5+ supports generated columns, which can be used to create a column that is computed from an expression.
Previously, the schema dump would output a string with double escapes for generated columns with single quotes in the default expression.
This would result in issues when importing the schema on a fresh instance of a MySQL database.
Now, the string will not be escaped and will be valid Ruby upon importing of the schema.
Yash Kapadia
Fix Migrations with versions older than 7.1 validating options given to
t.references
.Hartley McGuire
Action View
Action View Test Case
rendered
memoization.Sean Doyle
Restore the ability for templates to return any kind of object and not just strings
Jean Boussier
Fix threading issue with strict locals.
Robert Fletcher
Action Pack
Resolve deprecation warning in latest
selenium-webdriver
.Earlopain
Don't preload Selenium browser when remote.
Noah Horton
Fix crash for invalid Content-Type in ShowExceptions middleware.
Earlopain
Fix inconsistent results of
params.deep_transform_keys
.Iago Pimenta
Do not report rendered errors except 500.
Nikita Vasilevsky
Improve routes source location detection.
Jean Boussier
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Fix url generation in nested engine when script name is empty.
zzak
Fix
Mime::Type.parse
handling type parameters for HTTP Accept headers.Taylor Chaparro
Fix the error page that is displayed when a view template is missing to account for nested controller paths in the
suggested correct location for the missing template.
Joshua Young
Fix a regression in 7.1.3 passing a
to:
option without a controller when the controller is already defined by a scope.Étienne Barrié
Fix
ActionDispatch::Executor
middleware to report errors handled byActionDispatch::ShowExceptions
In the default production environment,
ShowExceptions
rescues uncaught errorsand returns a response. Because of this the executor wouldn't report production
errors with the default Rails configuration.
Jean Boussier
Active Job
Register autoload for
ActiveJob::Arguments
.Rafael Mendonça França
Action Mailer
Action Cable
Active Storage
Fixes race condition for multiple preprocessed video variants.
Justin Searls
Action Mailbox
Action Text
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Only sanitize
content
attribute when present in attachments.Petrik de Heus
Railties
Preserve
--asset-pipeline propshaft
when runningapp:update
.Zacharias Knudsen
Allow string keys for SQLCommenter.
Ngan Pham
Fix derived foreign key to return correctly when association id is part of query constraints.
Varun Sharma
Show warning for
secret_key_base
in development too.fatkodima
Fix sanitizer vendor configuration in 7.1 defaults.
In apps where
rails-html-sanitizer
was not eagerly loaded, the sanitizer default could end upbeing Rails::HTML4::Sanitizer when it should be set to
Rails::HTML5::Sanitizer
.Mike Dalessio, Rafael Mendonça França
Revert the use of
Concurrent.physical_processor_count
in default Puma configWhile for many people this saves one config to set, for many others using
a shared hosting solution, this cause the default configuration to spawn
way more workers than reasonable.
There is unfortunately no reliable way to detect how many cores an application
can realistically use, and even then, assuming the application should use
all the machine resources is often wrong.
Jean Boussier
v7.1.3.4
: 7.1.3.4Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
[CVE-2024-28103]
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
[CVE-2024-32464]
Railties
v7.1.3.3
: 7.1.3.3Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Upgrade Trix to 2.1.1 to fix CVE-2024-34341.
Rafael Mendonça França
Railties
v7.1.3.2
Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
raise_on_missing_translations
not working correctly with thetranslate
method in controllers after the patch for CVE-2024-26143.Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v7.1.3.1
: 7.1.3.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Fix possible XSS vulnerability with the
translate
method in controllersCVE-2024-26143
Fix ReDoS in Accept header parsing
CVE-2024-26142
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v7.1.3
: 7.1.3Compare Source
Active Support
Handle nil
backtrace_locations
inActiveSupport::SyntaxErrorProxy
.Eugene Kenny
Fix
ActiveSupport::JSON.encode
to prevent duplicate keys.If the same key exist in both String and Symbol form it could
lead to the same key being emitted twice.
Manish Sharma
Fix
ActiveSupport::Cache::Store#read_multi
when using a cache namespaceand local cache strategy.
Mark Oleson
Fix
Time.now/DateTime.now/Date.today
to return results in a system timezone after#travel_to
.There is a bug in the current implementation of #travel_to:
it remembers a timezone of its argument, and all stubbed methods start
returning results in that remembered timezone. However, the expected
behaviour is to return results in a system timezone.
Aleksei Chernenkov
Fix
:unless_exist
option forMemoryStore#write
(et al) when using acache namespace.
S. Brent Faulkner
Fix ActiveSupport::Deprecation to handle blaming generated code.
Jean Boussier, fatkodima
Active Model
Active Record
Fix Migrations with versions older than 7.1 validating options given to
add_reference
.Hartley McGuire
Ensure
reload
sets correct owner for each association.Dmytro Savochkin
Fix view runtime for controllers with async queries.
fatkodima
Fix
load_async
to work with query cache.fatkodima
Fix polymorphic
belongs_to
to correctly use parent'squery_constraints
.fatkodima
Fix
Preloader
to not generate a query for already loaded association withquery_constraints
.fatkodima
Fix multi-database polymorphic preloading with equivalent table names.
When preloading polymorphic associations, if two models pointed to two
tables with the same name but located in different databases, the
preloader would only load one.
Ari Summer
Fix
encrypted_attribute?
to take into account context properties passed toencrypts
.Maxime Réty
Fix
find_by
to work correctly in presence of composite primary keys.fatkodima
Fix async queries sometimes returning a raw result if they hit the query cache.
ShipPart.async_count
could return a raw integer rather than a Promiseif it found the result in the query cache.
fatkodima
Fix
Relation#transaction
to not apply a default scope.The method was incorrectly setting a default scope around its block:
Jean Boussier
Fix calling
async_pluck
on anone
relation.Model.none.async_pluck(:id)
was returning a naked valueinstead of a promise.
Jean Boussier
Fix calling
load_async
on anone
relation.Model.none.load_async
was returning a broken result.Lucas Mazza
TrilogyAdapter: ignore
host
ifsocket
parameter is set.This allows to configure a connection on a UNIX socket via DATABASE_URL:
Jean Boussier
Fix
has_secure_token
calls the setter method on initialize.Abeid Ahmed
Allow using
object_id
as a database column name.It was available before rails 7.1 and may be used as a part of polymorphic relationship to
object
whereobject
can be any other database record.Mikhail Doronin
Fix
rails db:create:all
to not touch databases before they are created.fatkodima
Action View
Better handle SyntaxError in Action View.
Mario Caropreso
Fix
word_wrap
with empty string.Jonathan Hefner
Rename
ActionView::TestCase::Behavior::Content
toActionView::TestCase::Behavior::RenderedViewContent
.Make
RenderedViewContent
inherit fromString
. Make private API with:nodoc:
.Sean Doyle
Fix detection of required strict locals.
Further fix
render @​collection
compatibility with strict localsJean Boussier
Action Pack
Fix including
Rails.application.routes.url_helpers
directly in anActiveSupport::Concern.
Jonathan Hefner
Fix system tests when using a Chrome binary that has been downloaded by
Selenium.
Jonathan Hefner
Active Job
Do not trigger immediate loading of
ActiveJob::Base
when loadingActiveJob::TestHelper
.Maxime Réty
Preserve the serialized timezone when deserializing
ActiveSupport::TimeWithZone
arguments.Joshua Young
Fix ActiveJob arguments serialization to correctly serialize String subclasses having custom serializers.
fatkodima
Action Mailer
Action Cable
Active Storage
Fix N+1 query when fetching preview images for non-image assets.
Aaron Patterson & Justin Searls
Fix all Active Storage database related models to respect
ActiveRecord::Base.table_name_prefix
configuration.Chedli Bourguiba
Fix
ActiveStorage::Representations::ProxyController
not returning the properpreview image variant for previewable files.
Chedli Bourguiba
Fix
ActiveStorage::Representations::ProxyController
to proxy untrackedvariants.
Chedli Bourguiba
Fix direct upload forms when submit button contains nested elements.
Marc Köhlbrugge
When using the
preprocessed: true
option, avoid enqueuing transform jobsfor blobs that are not representable.
Chedli Bourguiba
Process preview image variant when calling
ActiveStorage::Preview#processed
.For example,
attached_pdf.preview(:thumb).processed
will now immediatelygenerate the full-sized preview image and the
:thumb
variant of it.Previously, the
:thumb
variant would not be generated until a further callto e.g.
processed.url
.Chedli Bourguiba and Jonathan Hefner
Prevent
ActiveRecord::StrictLoadingViolationError
when strict loading isenabled and the variant of an Active Storage preview has already been
processed (for example, by calling
ActiveStorage::Preview#url
).Jonathan Hefner
Fix
preprocessed: true
option for named variants of previewable files.Nico Wenterodt
Action Mailbox
Action Text
Railties
Make sure
config.after_routes_loaded
hook runs on boot.Rafael Mendonça França
Fix
config.log_level
not being respected when using aBroadcastLogger
Édouard Chin
Fix isolated engines to take
ActiveRecord::Base.table_name_prefix
into consideration.This will allow for engine defined models, such as inside Active Storage, to respect
Active Record table name prefix configuration.
Chedli Bourguiba
The
bin/rails app:template
command will no longer add potentially unwantedgem platforms via
bundle lock --add-platform=...
commands.Jonathan Hefner
v7.1.2
: 7.1.2Compare Source
Active Support
Fix
:expires_in
option forRedisCacheStore#write_multi
.fatkodima
Fix deserialization of non-string "purpose" field in Message serializer
Jacopo Beschi
Prevent global cache options being overwritten when setting dynamic options
inside a
ActiveSupport::Cache::Store#fetch
block.Yasha Krasnou
Fix missing
require
resulting inNoMethodError
when runningbin/rails secrets:show
orbin/rails secrets:edit
.Stephen Ierodiaconou
Ensure
{down,up}case_first
returns non-frozen string.Jonathan Hefner
Fix
#to_fs(:human_size)
to correctly work with negative numbers.Earlopain
Fix
BroadcastLogger#dup
so that it duplicates the logger'sbroadcasts
.Andrew Novoselac
Fix issue where
bootstrap.rb
overwrites thelevel
of aBroadcastLogger
'sbroadcasts
.Andrew Novoselac
Fix
ActiveSupport::Cache
to handle outdated Marshal payload from Rails 6.1 format.Active Support's Cache is supposed to treat a Marshal payload that can no longer be
deserialized as a cache miss. It fail to do so for compressed payload in the Rails 6.1
legacy format.
Jean Boussier
Fix
OrderedOptions#dig
for array indexes.fatkodima
Fix time travel helpers to work when nested using with separate classes.
fatkodima
Fix
delete_matched
for file cache store to work with keys longer than themax filename size.
fatkodima and Jonathan Hefner
Fix compatibility with the
semantic_logger
gem.The
semantic_logger
gem doesn't behave exactly like stdlib logger in thatSemanticLogger#level
returns a Symbol while stdlibLogger#level
returns an Integer.This caused the various
LogSubscriber
classes in Rails to break when assigned aSemanticLogger
instance.Jean Boussier, ojab
Active Model
Make
==(other)
method of AttributeSet safe.Dmitry Pogrebnoy
Active Record
Fix renaming primary key index when renaming a table with a UUID primary key
in PostgreSQL.
fatkodima
Fix
where(field: values)
queries whenfield
is a serialized attribute(for example, when
field
usesActiveRecord::Base.serialize
or is a JSONcolumn).
João Alves
Prevent marking broken connections as verified.
Daniel Colson
Don't mark Float::INFINITY as changed when reassigning it
When saving a record with a float infinite value, it shouldn't mark as changed
Maicol Bentancor
ActiveRecord::Base.table_name
now returnsnil
instead of raising"undefined method
abstract_class?
for Object:Class".a5-stable
Fix upserting for custom
:on_duplicate
and:unique_by
consisting of allinserts keys.
fatkodima
Fixed an issue where saving a
record could innappropriately
dup
its attributes.Jonathan Hefner
Dump schema only for a specific db for rollback/up/down tasks for multiple dbs.
fatkodima
Fix
NoMethodError
when casting a PostgreSQLmoney
value that uses acomma as its radix point and has no leading currency symbol. For example,
when casting
"3,50"
.Andreas Reischuck and Jonathan Hefner
Re-enable support for using
enum
with non-column-backed attributes.Non-column-backed attributes must be previously declared with an explicit
type. For example:
Jonathan Hefner
Raise on
foreign_key:
being passed as an array in associationsNikita Vasilevsky
Return back maximum allowed PostgreSQL table name to 63 characters.
fatkodima
Fix detecting
IDENTITY
columns for PostgreSQL < 10.fatkodima
Action View
Fix the
number_to_human_size
view helper to correctly work with negative numbers.Earlopain
Automatically discard the implicit locals injected by collection rendering for template that can't accept them
When rendering a collection, two implicit variables are injected, which breaks templates with strict locals.
Now they are only passed if the template will actually accept them.
Yasha Krasnou, Jean Boussier
Fix
@rails/ujs
callingstart()
an extra time when using bundlersHartley McGuire, Ryunosuke Sato
Fix the
capture
view helper compatibility with HAML and SlimWhen a blank string was captured in HAML or Slim (and possibly other template engines)
it would instead return the entire buffer.
Jean Boussier
Action Pack
Fix a race condition that could cause a
Text file busy - chromedriver
error with parallel system tests
Matt Brictson
Fix
StrongParameters#extract_value
to include blank valuesOtherwise composite parameters may not be parsed correctly when one of the
component is blank.
fatkodima, Yasha Krasnou, Matthias Eiglsperger
Add
racc
as a dependency since it will become a bundled gem in Ruby 3.4.0Hartley McGuire
Support handling Enumerator for non-buffered responses.
Zachary Scott
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Compile ESM package that can be used directly in the browser as actiontext.esm.js
Matias Grunberg
Fix using actiontext.js with Sprockets
Matias Grunberg
Upgrade Trix to 2.0.7
Hartley McGuire
Fix using Trix with Sprockets
Hartley McGuire
Railties
Fix running
db:system:change
when app has no Dockerfile.Hartley McGuire
If you accessed
config.eager_load_paths
and friends, later changes toconfig.paths
were not reflected in the expected auto/eager load paths.Now, they are.
This bug has been latent since Rails 3.
Fixes #49629.
Xavier Noria
v7.1.1
: 7.1.1Compare Source
Active Support
Add support for keyword arguments when delegating calls to custom loggers from
ActiveSupport::BroadcastLogger
.Jenny Shen
NumberHelper
: handle objects respondingto_d
.fatkodima
Fix RedisCacheStore to properly set the TTL when incrementing or decrementing.
This bug was only impacting Redis server older than 7.0.
Thomas Countz
Fix MemoryStore to prevent race conditions when incrementing or decrementing.
Pierre Jambet
Active Model
Active Record
Fix auto populating IDENTITY columns for PostgreSQL.
fatkodima
Fix "ArgumentError: wrong number of arguments (given 3, expected 2)" when
down migrating
rename_table
in older migrations.fatkodima
Do not require the Action Text, Active Storage and Action Mailbox tables
to be present when running when running test on CI.
Rafael Mendonça França
Action View
Updated
@rails/ujs
files to ignore certain data-* attributes when element is contenteditable.This fix was already landed in >= 7.0.4.3, < 7.1.0.
[CVE-2023-23913]
Ryunosuke Sato
Action Pack
Active Job
Don't log enqueuing details when the job wasn't enqueued.
Dustin Brown
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Ensures the Rails generated Dockerfile uses correct ruby version and matches Gemfile.
Abhay Nikam
v7.1.0
: 7.1.0Compare Source
Active Support
Fix
AS::MessagePack
withENV["RAILS_MAX_THREADS"]
.Jonathan Hefner
Add a new public API for broadcasting logs
This feature existed for a while but was until now a private API.
Broadcasting log allows to send log message to difference sinks (STDOUT, a file ...) and
is used by default in the development environment to write logs both on STDOUT and in the
"development.log" file.
Basic usage:
Adding other sink(s) to the broadcast:
Remove a sink from the broadcast:
Edouard Chin
Fix Range#overlap? not taking empty ranges into account on Ruby < 3.3
Nobuyoshi Nakada, Shouichi Kamiya, Hartley McGuire
Use Ruby 3.3 Range#overlap? if available
Yasuo Honda
Add
bigdecimal
as Active Support dependency that is a bundled gem candidate for Ruby 3.4.bigdecimal
3.1.4 or higher version will be installed.Ruby 2.7 and 3.0 users who want
bigdecimal
version 2.0.0 or 3.0.0 behavior as a default gem,pin the
bigdecimal
version in your application Gemfile.Koichi ITO
Add
drb
,mutex_m
andbase64
that are bundled gem candidates for Ruby 3.4Yasuo Honda
When using cache format version >= 7.1 or a custom serializer, expired and
version-mismatched cache entries can now be detected without deserializing
their values.
Jonathan Hefner
Make all cache stores return a boolean for
#delete
Previously the
RedisCacheStore#delete
would return1
if the entryexists and
0
otherwise. Now it returns true if the entry exists and falseotherwise, just like the other stores.
The
FileStore
would returnnil
if the entry doesn't exists and returnsfalse
now as well.Petrik de Heus
Active Support cache stores now support replacing the default compressor via
a
:compressor
option. The specified compressor must respond todeflate
and
inflate
. For example:compression logic...
decompression logic...
Active Support cache stores now support a
:serializer
option. Similar tothe
:coder
option, serializers must respond todump
andload
. However,serializers are only responsible for serializing a cached value, whereas
coders are responsible for serializing the entire
ActiveSupport::Cache::Entry
instance. Additionally, the output from serializers can be automatically
compressed, whereas coders are responsible for their own compression.
Specifying a serializer instead of a coder also enables performance
optimizations, including the bare string optimization introduced by cache
format version 7.1.
The
:serializer
and:coder
options are mutually exclusive. Specifyingboth will raise an
ArgumentError
.Jonathan Hefner
Fix
ActiveSupport::Inflector.humanize(nil)
raisingNoMethodError: undefined method `end_with?' for nil:NilClass
.James Robinson
Don't show secrets for
ActiveSupport::KeyGenerator#inspect
.Before:
After:
Petrik de Heus
Improve error message when EventedFileUpdateChecker is used without a
compatible version of the Listen gem
Hartley McGuire
Add
:report
behavior for DeprecationSetting
config.active_support.deprecation = :report
uses the errorreporter to report deprecation warnings to
ActiveSupport::ErrorReporter
.Deprecations are reported as handled errors, with a severity of
:warning
.Useful to report deprecations happening in production to your bug tracker.
Étienne Barrié
Rename
Range#overlaps?
to#overlap?
and add alias for backwards compatibilityChristian Schmidt
Fix
EncryptedConfiguration
returning incorrect values for someHash
methods
Hartley McGuire
Don't show secrets for
MessageEncryptor#inspect
.Before:
After:
Petrik de Heus
Don't show contents for
EncryptedConfiguration#inspect
.Before:
After:
Petrik de Heus
ERB::Util.html_escape_once
always returns anhtml_safe
string.This method previously maintained the
html_safe?
property of a string on the returnvalue. Because this string has been escaped, however, not marking it as
html_safe
causesentities to be double-escaped.
As an example, take this view snippet:
Before this change, that would be double-escaped and render as:
After this change, it renders correctly as:
Fixes #48256
Mike Dalessio
Deprecate
SafeBuffer#clone_empty
.This method has not been used internally since Rails 4.2.0.
Mike Dalessio
MessageEncryptor
,MessageVerifier
, andconfig.active_support.message_serializer
now accept
:message_pack
and:message_pack_allow_marshal
as serializers.These serializers require the
msgpack
gem(>= 1.7.0).
The Message Pack format can provide improved performance and smaller payload
sizes. It also supports round-tripping some Ruby types that are not supported
by JSON. For example:
BEFORE with config.active_support.message_serializer = :json
=> [{"a"=>1}, {"b"=>2}, "1.0", "1969-12-31T18:00:00.000-06:00"]
=> [Hash, Hash, String, String]
AFTER with config.active_support.message_serializer = :message_pack
=> [{:a=>1}, {"b"=>2}, 0.1e1, 1969-12-31 18:00:00.000123 -0600]
=> [Hash, ActiveSupport::HashWithIndifferentAccess, BigDecimal, Time]
A new
7.1
cache format is available which includes an optimization forbare string values such as view fragments.
The
7.1
cache format is used by default for new apps, and existing appscan enable the format by setting
config.load_defaults 7.1
or by settingconfig.active_support.cache_format_version = 7.1
inconfig/application.rb
or a
config/environments/*.rb
file.Cache entries written using the
6.1
or7.0
cache formats can be readwhen using the
7.1
format. To perform a rolling deploy of a Rails 7.1upgrade, wherein servers that have not yet been upgraded must be able to
read caches from upgraded servers, leave the cache format unchanged on the
first deploy, then enable the
7.1
cache format on a subsequent deploy.Jonathan Hefner
Active Support cache stores can now use a preconfigured serializer based on
ActiveSupport::MessagePack
via the:serializer
option:The
:message_pack
serializer can reduce cache entry sizes and improveperformance, but requires the
msgpack
gem(>= 1.7.0).
The
:message_pack
serializer can read cache entries written by the defaultserializer, and the default serializer can now read entries written by the
:message_pack
serializer. These behaviors make it easy to migrate betweenserializer without invalidating the entire cache.
Jonathan Hefner
Object#deep_dup
no longer duplicate named classes and modules.Before:
After:
Jean Boussier
Consistently raise an
ArgumentError
if theActiveSupport::Cache
key is blank.Joshua Young
Dep
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.