Friday, March 4, 2016

This week in Rails: Rails 4.2.6.rc1 and 4.1.15.rc1, AS::Executor and AS::Reloader APIs and more!

Posted by vipulnsward

Hi All!

This is Vipul bringing you the latest news from Rails!

This week’s Rails contributors

This week 48 contributors helped to move Rails forward! Want to be one of them? Look at the issues list and make a contribution!

Rails 4.2.6.rc1 and 4.1.15.rc1 have been released

Rails 4.2.6.rc1 and 4.1.15.rc1 have been released! If no regressions are found expect the final release around March 4, 2016.

Publish AS::Executor and AS::Reloader APIs

These both allow external code to run blocks of user code to do “work” at a similar unit size to a web request without needing to get intimate with Action Dispatch.

This change is intended to allow interested callers (Sidekiq, Action Cable), to just do:

Rails.application.reloader.wrap do
  # run some user code

and Rails will take care of the interlock, code reloading, returning Active Record connections to the pool, and anything else that might be relevant. Exciting, if you have ever been stung by concurrent processing in jobs, etc.

New Stuff

Rails now defaults to Puma 3

With related changes from Puma, Puma 3.0 and up introduced compatibility to read from config/puma.rb when booting from the command $ rails server. Rails now depends on Puma 3.0, so that support for config/puma.rb comes out of the box.

Add exclude option to SSL middleware

The force_ssl option redirects each request to HTTPS. This change now allows redirection to be constrained to only whitelisted requests with exclude:

config.ssl_options = { redirect: { exclude: -> request { request.path !~ /healthcheck/ } } }


Generate config/spring.rb in new applications

This change makes the application generator create a new file config/spring.rb, which tells Spring to watch additional common files, for example .ruby-version. This file can then be edited to suit each application.

Added log “Rendering …”, when starting to render a template

This change added log “Rendering …”, when starting to render a template, to log that we have started to render something, at the very beginning.

This helps to easily identify queries called from controller vs views.


Deprecate :controller and :action path parameters in routes

Allowing :controller and :action values to be specified via the path in config/routes.rb has been an underlying cause of a number of issues in Rails that have resulted in security releases. In light of this it’s better that controllers and actions are explicitly whitelisted rather than trying to blacklist or sanitize bad values. This change deprecates passing these options in routes.

Deprecate {insert|update|delete}_sql in DatabaseStatements

This change deprecates {insert|update|delete}_sql in ActiveRecord::ConnectionAdapters::DatabaseStatements in favor of {insert|update|delete} public methods. Originally, {insert|update|delete}_sql were protected methods, and were not intended for external use.

Deprecate Module.local_constants

Module.local_constants has now been deprecated. After Ruby 1.9 (and since Rails 5 supports Ruby 2.2+), we can easily get the constants that have been defined locally by Module.constants(false). Hence, Module.local_constants is no more necessary.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so take a look at the changes yourself.

Until next time!