Good news everyone! Rails version 3.0.14 has been released. This release of Rails contains two important security fixes: CVE-2012-2694 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails...
Apologies to those of you still using feed readers, but unfortunately we’ve got to change our feed URL. I’ve known for a while that the feed has been broken, but...
Good news everyone! Rails version 3.2.5 has been released. This version of Rails is a less broken version of 3.2.4! What happened with 3.2.4? A regression was reported in the...
Good news everyone! Rails version 3.2.4 has been released. This release of Rails contains two important security fixes: CVE-2012-2660 Ruby on Rails Active Record Unsafe Query Generation Risk CVE-2012-2661 Ruby...
Good news everyone! Rails version 3.1.5 has been released. This release of Rails contains two important security fixes: CVE-2012-2660 Ruby on Rails Active Record Unsafe Query Generation Risk CVE-2012-2661 Ruby...
Good news everyone! Rails version 3.0.13 has been released. This release of Rails contains two important security fixes: CVE-2012-2660 Ruby on Rails Active Record Unsafe Query Generation Risk CVE-2012-2661 Ruby...
Rails 3.2.3 has been released!!!. IMPORTANT This release changes the default value of config.active_record.whitelist_attributes to true. This change only affects newly generated applications so it should not cause any backwards...
Rails 3.2.3.rc2 has been released. IMPORTANT Rails 3.2.3 introduced a new option that allows you to control the behavior of remote forms when it comes to authenticity_token generation. If you...
Rails 3.2.3.rc1 has been released. IMPORTANT This release changes the default value of config.active_record.whitelist_attributes to true. This change only affects newly generated applications so it should not cause any backwards...
We’re exploring a new way to deal with mass-assignment protection in Rails. Or actually, it’s not really a new way, it’s more of an extraction of established practice with some...