Query command for read-only database queries
Adds rails query — a read-only database query command with structured JSON output.

rails query "Account.where(plan: 'premium').limit(2)"

{
  "columns": ["id", "name", "plan", "created_at"],
  "rows": [
    [1, "Acme", "premium", "2025-01-15T10:30:00Z"],
    [2, "Widgets Co", "premium", "2025-03-22T14:00:00Z"]
  ],
  "meta": {
    "row_count": 2,
    "query_time_ms": 4.2,
    "page": 1,
    "per_page": 100,
    "has_more": false,
    "sql": "SELECT \"accounts\".* FROM \"accounts\" WHERE \"accounts\".\"plan\" = 'premium' LIMIT 2"
  }
}

There are many more possibilities and additional subcommands available, such as query schema, query models, and query explain.

Add charset=utf-8 to Content-Type for static CSS and HTML files
ActionDispatch::FileHandler#try_files now appends ; charset=utf-8 to the Content-Type header for CSS and HTML static files. This is consistent with the rest of the Rails stack, which already assumes UTF-8 in all possible places.

Add offline fallback page to the PWA scaffold
New Rails apps now include an app/views/pwa/offline.html.erb template and a commented get “offline” route, alongside the existing manifest and service worker. The service worker template also includes a commented example for caching and serving the offline page.

Rewrite the Layouts and Rendering guide
New documentation pull request awaiting community review.

Fix IO copy stream writing to Action Controller Live Buffer
In addition to the fix, return the number of bytes written from write method.

Fix reset_counters when using string IDs
The fix brings consistency with other Active Record methods that already accepted string IDs.

Use hash lookup for exact-match regexp filters in ParameterFilter
When ParameterFilter is initialized with anchored regexp filters like /^code$/ or /\Atoken\z/, extract the literal string and store it in a Hash for O(1) lookup instead of iterating all regexps with .any?.

Make the warning about Active Storage redirect and proxy mode stronger
The existing documentation implied that the “hard to guess” URLs Active Storage generates provides some sort of access control. This is not the case. Rather, as they rely on ActiveRecord::SignedId, they’re tamper proof and don’t expose the underlying id. The security risk of using these URLs isn’t that someone will guess them. Rather, it is if the URLs are ever leaked, the files will be exposed.

You can view the whole list of changes here.
We had 12 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Fix GET+JSON+params in integration tests for API-only apps
params: in integration test helpers was ambiguous for GET requests with as: :json — it wasn’t clear whether params should go in the query string or request body. The original workaround converted GET to POST with X-Http-Method-Override, which broke API-only apps that exclude Rack::MethodOverride. New query: and body: kwargs give explicit control: query: always lands in the URL query string, body: always goes into the encoded request body, and params: keeps its existing behavior unchanged.

get  "/search", query: { q: "rails" }, as: :json
post "/search", query: { page: 1 }, body: { filters: {} }, as: :json

Add request.safe_method? and request.unsafe_method?
Two new predicate methods on ActionDispatch::Request let you ask whether the current HTTP method is safe (GET, HEAD, OPTIONS, TRACE) or unsafe (everything else), per RFC 9110.

Update Action Cable origin check to respect X-Forwarded-Host
The allow_same_origin_as_host check in allow_request_origin? compared the browser’s Origin header against the raw HTTP_HOST, which fails behind a reverse proxy where the internal host differs from the public one. This updates the check to use request.host_with_port and request.ssl? instead, consistent with how the rest of Rails resolves the host.

Rewrite the Layouts and Rendering guide
This pull request is open for review: it rewrites the layouts and rendering guide around how controllers and views work together, and trims or relocates overlap with other guides (partial rendering stays in the Action View Overview; request variants move here from the Action Controller Overview, which gets a short rendering intro that points here). If you use these guides or care how we explain Rails to newcomers, open the PR and share any feedback you have.

You can view the whole list of changes here.
We had 9 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Remove fast_string_to_time workaround in ActiveModel::Type::Helpers::TimeValue
Ruby 3.2.0 had a bug where Time.new(..., in: "UTC") could return an invalid Time object. With the minimum supported Ruby now at 3.3.1, the runtime probe and workaround are dead code and have been removed.

Add prepend: true option to ActiveSupport::Notifications.subscribe
A new prepend: true option on ActiveSupport::Notifications.subscribe ensures a subscriber runs before all others enabling payload mutation before any downstream handler sees it.

ActiveSupport::Cache add a fast path for string keys
Since most cache keys are already strings, this PR short-circuits the #expanded_key normalization, making every cache operation slightly faster.

Speedup ActiveRecord::LogSubscriber#sql_color
SQL queries can be very long, and unanchored regexps even with linear performance may take longer than Regexp.timeout. This PR fixes this by anchoring the regexp patterns used to determine SQL color in the log subscriber.

Update ActiveRecord::Associations::Preloader::Association.owners_by_key to handle composite keys
owners_by_key was skipping nil key checks for composite keys since they are Arrays. A targeted is_a?(Array) check is added to handle this correctly.

Delay engine route building
Engines calling routes directly were eagerly allocating route objects before lazy loading could kick in. Route blocks are now deferred until after route_set_class is configured, so lazy loading works as intended.

Deprecate schema_order option in PostgreSQL database configurations
schema_order is an old alias for schema_search_path that predates the current naming. Use schema_search_path instead.

Deprecate the strict option in MySQL database configurations
The strict option for MySQL introduced in Rails 4.2 is now deprecated. The same behavior can be achieved directly via variables: { sql_mode: “…” }

Fix titleize to capitalize unicode lowercase letters
Inflector#titleize used [a-z] in its regex, silently skipping Unicode lowercase letters like đ, é, ü, ñ, ć. Replacing it with \p{Lower} fixes capitalization for the full Unicode lowercase category.

Allow skipping individual SET queries in PostgreSQL and MySQL configure_connection
PostgreSQL and MySQL configure_connection now allow individual SET queries to be skipped by setting them to false in database.yml, useful when connecting through a load balancer or proxy that manages session settings itself.

Fix parallel test shutdown hang when workers die during Server#shutdown
Fixed a shutdown hang where wait_for_active_workers would wait forever for workers that had already died unexpectedly. A new reap_dead_workers method is now called inside the loop to detect and clean up any exited workers before waiting on them.

Combine per-validator and top-level :if/:unless/:on in validates
:if, :unless, and :on are now merged into arrays when specified at both the validator and top level, rather than the top-level silently overriding the per-validator option.

validates :title, presence: { if: :local? }, if: :global?
# Now equivalent to:
validates_presence_of :title, if: [:global?, :local?]

Predefine the well-known Postgres type OIDs
Rails previously queried pg_type on every new connection to resolve type OIDs. Since built-in Postgres types have statically allocated OIDs, Rails now ships its own mapping and loads it for free on connect, deferring the query until an unknown type is actually encountered.

Fix inverse_of on composite keys in ActiveRecord::Associations::Association#inversable?
Composite keys were failing the read_attribute and _has_attribute? checks in inversable? because an array was being passed where a string was expected. Each key component is now read one-by-one.

Add AGENTS.md with Rails codebase guide for AI coding agents
A comprehensive AGENTS.md guide has been added to help AI coding agents contribute effectively to the Rails codebase.

You can view the whole list of changes here.
We had 16 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

New Rails releases this week
Rails 7.2.3.1, 8.0.4.1, and 8.1.2.1 shipped as security releases, followed by 8.0.5 and 8.1.3 bugfix releases the next day.

Combine per-validator and top-level :if/:unless/:on in validates
validates now combines top-level and per-validator :if, :unless, and :on options instead of letting the inner options silently win.

validates :title, presence: { if: :local? }, if: :global?
# both conditions are now applied

Fix titleize to capitalize unicode lowercase letters
titleize now capitalizes Unicode lowercase letters as well as ASCII, so titleize("über ñoño") becomes Über Ñoño.

Classify mysql error 1046 (ER_NO_DB_ERROR) as ConnectionFailed
MySQL’s ER_NO_DB_ERROR (No database selected) is now treated as ActiveRecord::ConnectionFailed, so Rails can retry it like other reconnect-related failures.

You can view the whole list of changes here.
We had 18 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Rails Versions 8.0.5 and 8.1.3 have been released! These are regular bugfix releases.

These also include the changes from yesterday’s security releases, so if you haven’t upgraded yet you’ll get those fixes too.

The Rails 8.1 series will continue receiving bug fixes until October 2026. The 8.0 series will change to only receiving security updates in May next month, so this might be the last bug fix release in that series. See our Maintenance policy for more information.

CHANGES since 8.1.2

To see a summary of changes, please read the release on GitHub:

8.1.3 CHANGELOG To view the changes for each gem, please read the changelogs on GitHub:

• Action Cable CHANGELOG
• Action Mailbox CHANGELOG
• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Action Text CHANGELOG
• Action View CHANGELOG
• Active Job CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Storage CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 8.0.4

To see a summary of changes, please read the release on GitHub:

8.0.5 CHANGELOG To view the changes for each gem, please read the changelogs on GitHub:

• Action Cable CHANGELOG
• Action Mailbox CHANGELOG
• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Action Text CHANGELOG
• Action View CHANGELOG
• Active Job CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Storage CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-256 hashes.

Here are the checksums for 8.0.5:

37f213ff6a37cf3fadfa1a28c1a9678e2cb73b59bb9ebd0eeeca653cccadcb23  pkg/activesupport-8.0.5.gem
c796813d46dc1373f4c6c0ec91dfc520b53683ea773c3b3f9a12c4b3eb145bc2  pkg/activemodel-8.0.5.gem
89b261b6cd910c9431cf2475f3f6e5e2f5ce589805043a33ef2b004376a129e6  pkg/activerecord-8.0.5.gem
6d0fa9e63df0cf2729b1f54d0988336c149eb2bbc6049f4c2834d7b62f351413  pkg/actionview-8.0.5.gem
c9de868975dd124a0956499140bd5e63c367865deca01292df7c3195c8da4b35  pkg/actionpack-8.0.5.gem
2dabe5c3bfe284aba4687c52b930564335435dde3a60b047821f9d3bd0d2ea10  pkg/activejob-8.0.5.gem
7918fac842cfe985ed21692f3d212c914a0c816e30e6fa68633177bb22f38561  pkg/actionmailer-8.0.5.gem
01a1d1a48b63b1a643fae6b7b4eb2859af55f507b335fca9ab869a5c6742bb8b  pkg/actioncable-8.0.5.gem
25898a3f8f8aced15ea6a8578cb56955acf3a96ad931e000b2e77e9c8db43df3  pkg/activestorage-8.0.5.gem
2651a87c0cc3dd1243a3afe64c052e71138f99006b3a5d3fa519198735500054  pkg/actionmailbox-8.0.5.gem
12f3ce3d6326230728316ba14eeac27b2100d6e7d9bfcb4b01fb27b187a812e1  pkg/actiontext-8.0.5.gem
ad98c6e9a096b7e8cf63c70872b60ec6c1d4152be2a4ffa63483ec02a837a9d5  pkg/railties-8.0.5.gem
4cb40f90948be292fa15cc7cb37757b97266585145c6e76957464b40edfd5be6  pkg/rails-8.0.5.gem

Here are the checksums for 8.1.3:

21a5e0dfbd4c3ddd9e1317ec6a4d782fa226e7867dc70b0743acda81a1dca20e  pkg/activesupport-8.1.3.gem
90c05cbe4cef3649b8f79f13016191ea94c4525ce4a5c0fb7ef909c4b91c8219  pkg/activemodel-8.1.3.gem
8003be7b2466ba0a2a670e603eeb0a61dd66058fccecfc49901e775260ac70ab  pkg/activerecord-8.1.3.gem
1347c88c7f3edb38100c5ce0e9fb5e62d7755f3edc1b61cce2eb0b2c6ea2fd5d  pkg/actionview-8.1.3.gem
af998cae4d47c5d581a2cc363b5c77eb718b7c4b45748d81b1887b25621c29a3  pkg/actionpack-8.1.3.gem
a149b1766aa8204c3c3da7309e4becd40fcd5529c348cffbf6c9b16b565fe8d3  pkg/activejob-8.1.3.gem
831f724891bb70d0aaa4d76581a6321124b6a752cb655c9346aae5479318448d  pkg/actionmailer-8.1.3.gem
e5bc7f75e44e6a22de29c4f43176927c3a9ce4824464b74ed18d8226e75a80f0  pkg/actioncable-8.1.3.gem
0564ce9309143951a67615e1bb4e090ee54b8befed417133cae614479b46384d  pkg/activestorage-8.1.3.gem
df7da474eaa0e70df4ed5a6fef66eb3b3b0f2dbf7f14518deee8d77f1b4aae59  pkg/actionmailbox-8.1.3.gem
d291019c00e1ea9e6463011fa214f6081a56d7b9a1d224e7d3f6384c1dafc7d2  pkg/actiontext-8.1.3.gem
913eb0e0cb520aac687ffd74916bd726d48fa21f47833c6292576ef6a286de22  pkg/railties-8.1.3.gem
6d017ba5348c98fc909753a8169b21d44de14d2a0b92d140d1a966834c3c9cd3  pkg/rails-8.1.3.gem

As always, huge thanks to the many contributors who helped with this release.

Happy upgrading and have a good day!

Rails Versions 7.2.3.1, 8.0.4.1, and 8.1.2.1 have been released!

These are security patches addressing 10 security issues:

• An issue where in development mode, an exception could be printed without escaping. This could affect a developer running a server locally and clicking a malicious URL.
• Multiple potential XSS vulnerabilities in Action Pack, Action View, and Active Support
• Two potential DoS vulnerabilities in Active Storage related to range requests
• Two potential DoS vulnerabilities in Active Support related to number formatting
• A potential path traversal and glob injection vulnerability in Active Storage DiskService
• Insufficient filtering of metadata in Active Storage direct uploads

We strongly recommend upgrading as soon as possible.

Older versions of Rails are unsupported, and users are recommended to upgrade to at least the 7.2 series. See our maintenance policy for details.

Here is a list of security issues that these releases address:

• CVE-2026-33167 Possible XSS vulnerability in Action Pack debug exceptions
• CVE-2026-33168 Possible XSS vulnerability in Action View tag helpers
• CVE-2026-33169 Possible ReDoS vulnerability in number_to_delimited in Active Support
• CVE-2026-33170 Possible XSS vulnerability in SafeBuffer#% in Active Support
• CVE-2026-33173 Insufficient filtering of metadata in Active Storage direct uploads
• CVE-2026-33174 Possible DoS vulnerability in Active Storage proxy mode via Range requests
• CVE-2026-33176 Possible DoS vulnerability in Active Support number helpers
• CVE-2026-33195 Possible path traversal in Active Storage DiskService
• CVE-2026-33202 Possible glob injection in Active Storage DiskService
• CVE-2026-33658 Possible DoS vulnerability in Active Storage proxy mode via multi-range requests

Cheers! We plan to follow up with a bugfix release for the 8.0 and 8.1 series soon!

SHA-256

If you’d like to verify that your gems are the same as the ones we’ve uploaded, please use these SHA-256 hashes.

11ebed516a43a0bb47346227a35ebae4d9427465a7c9eb197a03d5c8d283cb34  pkg/activesupport-7.2.3.1.gem
39e1869b85e7a0b64a8ccddf19f3fb0c44261b329785384bb88f878eab51c0d0  pkg/activemodel-7.2.3.1.gem
b89513e275da5b34183c5f2a497c154b02dcc7c811d399ab557e67e36170a05d  pkg/activerecord-7.2.3.1.gem
de19b86843391762ac24a6287c30fbba11cd475fa4d4b664924d5fb7a2f1ff7c  pkg/actionview-7.2.3.1.gem
b66afe7f937273270cb63f03bde7af7ba850017867766e8848d06d3e12e1e4ca  pkg/actionpack-7.2.3.1.gem
0bc4227ce371b82da119cd27ed91e0deb9b744bbfa266b86e4bd8d1e2a8f6ed8  pkg/activejob-7.2.3.1.gem
f578b6d5c5f81a20b6f6a796187698890c8348c041daa5e2e7cf7814ac520467  pkg/actionmailer-7.2.3.1.gem
d3bf40a3f4fc79a09709878f0e5c43a5e2d8e6607089f6b38f9472b8715eb33c  pkg/actioncable-7.2.3.1.gem
0b224ea42e6256d3e33768bdccad8e3c9110a5140fc9faf98bde8873dd5dffab  pkg/activestorage-7.2.3.1.gem
a4e73480c97ab2fff5a416f92c54b065b1a6564ea4a807d42e0b83a94d4ec541  pkg/actionmailbox-7.2.3.1.gem
5b1418f407ea347b98084a62b9b6caa1d3b1eb482d18dbbb69fad43f242843e3  pkg/actiontext-7.2.3.1.gem
aea3393ee10243ceedcbeccb45458a0d58b524b6d21bf32eff8b93853baae15a  pkg/railties-7.2.3.1.gem
96c0a0160081ef3f1e407438880f6194c6ec94cdf40c8f83fc7bb22c279eba94  pkg/rails-7.2.3.1.gem

822187e99ebca3e90bf03e6ccef5b57447592657f6b1676ccaaa25794ebfc7e6  pkg/activesupport-8.0.4.1.gem
1ee25e1241bfd48b2682fa14aadb399065dc4f045dc234422344c408b3394af5  pkg/activemodel-8.0.4.1.gem
182582af961c3877017477d1ff14bba7fabc634ba4e3f257da4d8aab963ae7bd  pkg/activerecord-8.0.4.1.gem
bdd726498c12174c4ba8fb489c630ea9bf2f4db1f09d59ec227f318d1ec78d80  pkg/actionview-8.0.4.1.gem
f1c8b3673340f8f478a083ae55c58ad6989455d7daad554ff64d70af36302c7d  pkg/actionpack-8.0.4.1.gem
1980d6241c9aeae112943de960bc8c41cf1c3741408c60709caed7a795976fb9  pkg/activejob-8.0.4.1.gem
90db7874504c7679dffeaa3ba0e8e824d0327898b59acbce221c735ea85e7d8f  pkg/actionmailer-8.0.4.1.gem
426f0cfa0e725cef4f6518ab24f7dd0290dded630fc39615f364fba9846f6c53  pkg/actioncable-8.0.4.1.gem
f2dcbe57643957922c9cbe676baef673a14003fcefd22174661599e74f20731e  pkg/activestorage-8.0.4.1.gem
604ec3836b79a383312cec2ca8d678695149b7d7de4c375d76b4535c034695c8  pkg/actionmailbox-8.0.4.1.gem
6abf7368f4dfe82290cfb9f18982174fb5632d9a5ebf5f2791332fbd4e4c250d  pkg/actiontext-8.0.4.1.gem
bdc4034d63f04f2bad26fbf9faa924701dba04f71fcdd746884ff0871a63818c  pkg/railties-8.0.4.1.gem
1de7e890f93925cabacb9be3a061a01bc86d686429152ccf7835206ab91b1795  pkg/rails-8.0.4.1.gem

beec20ced12ad569194554399449a6372fdab03061b8f48a9ed6ef9b7dc251b2  pkg/activesupport-8.1.2.1.gem
8f31a6f9c12fecb8e5a0fce8a8950cfd94f0d75829322935f99e8217a3e5f3c6  pkg/activemodel-8.1.2.1.gem
3f79140318ff6d23376f5d9b1b5b5e2c7d3cc8979dd71367e9a8394378ca630a  pkg/activerecord-8.1.2.1.gem
38daa7b87bca427e2967f139e5b7f0d1081271bdafd0e015d8ef97a006f570a6  pkg/actionview-8.1.2.1.gem
a6b69cd10ec4c8d978c8eee51206e34152b1c1be017e534236dbc89a3d00ffb8  pkg/actionpack-8.1.2.1.gem
c89c311d07fd358b76c581ed8fee87c5b4351fb44994f3389385c014d22182fe  pkg/activejob-8.1.2.1.gem
d7d62fbc2197f1a7006bb5af4c665edf999adf79ab6c10337c088d27e6622071  pkg/actionmailer-8.1.2.1.gem
a2f88cecce148b3fcb63d2e517d7694e119830a85baa7d6cf59e5453dcf32e8d  pkg/actioncable-8.1.2.1.gem
36794c9b8853ac9276b0386cb1f8973374d8e71e8a9666bb02e70f5b7c9c5391  pkg/activestorage-8.1.2.1.gem
c2e45c0c1e5687e35e050838c94a8aed0d954c56a32ea411d54cd848c338c54e  pkg/actionmailbox-8.1.2.1.gem
1e503ce600a6ab2e12a46f999959a7d8e2fdaff910ca01dcf3b968934b55d957  pkg/actiontext-8.1.2.1.gem
f4d902869541af4e5b5552d726062fa59ec0fd9078f7ab87720dbd93f22c43ee  pkg/railties-8.1.2.1.gem
93ebf1efc792c9bc47e9795259c920312d3920008dad3ae634b7a0457ffe0af8  pkg/rails-8.1.2.1.gem

Batch SQL statements when creating tables
This change batches the SQL statements during loading a database schema to improve the performance of the process.

Deprecate require_dependency
require_dependency is deprecated without replacement and will be removed in Rails 9.

Add MySQL lock option and extend algorithm to column Data Definition Language (DDL) operations
This pull request adds:

• lock: option for MySQL add_index, remove_index, and ALTER TABLE column operations (add_column, remove_column, change_column, rename_column)
• algorithm: option support extended to ALTER TABLE column operations on MySQL
• CommandRecorder#invert_rename_column now preserves algorithm: and lock: options on rollback

MySQL supports ALGORITHM = {DEFAULT|COPY|INPLACE|INSTANT} and LOCK = {DEFAULT|NONE|SHARED|EXCLUSIVE} to control how DDL operations are performed, enabling online schema changes without blocking reads or writes.

add_index    :users, :email, algorithm: :inplace, lock: :none
remove_index :users, :email, algorithm: :inplace, lock: :none
add_column    :users, :name, :string, algorithm: :instant, lock: :none
change_column :users, :name, :string, null: false, algorithm: :inplace, lock: :none
remove_column :users, :name, algorithm: :inplace, lock: :none
rename_column :users, :name, :full_name, algorithm: :inplace, lock: :none

Optimize generated Dockerfile build performance
The Dockerfile generated for new Rails applications received two performance optimizations. You can look at the diff and copy over the changes to your Dockerfile to have a faster Docker build.

Active Record: Support Postgres RESET on readonly queries
This Pull Request has been created because the PostgreSQL adapter currently raises an ActiveRecord::ReadOnlyError when attempting to execute a RESET command within a read-only context (e.g., prevent_writes: true).

RESET acts as a syntactic shortcut for SET configuration_parameter TO DEFAULT.

Action Text: support block children in editor elements alongside value
Blocks were introduced to Action Text earlier, but only as an alternative to the value argument: the block was captured and used as the initial editor content, making it either value OR block — not both.
This pull request changes the block semantics so that blocks render as DOM children of the editor element instead. Value and block are now independent: value flows into the editor’s content binding, while the block renders as inner DOM children — useful for embedding custom elements such as prompt menus or toolbar extensions. This enables other editors like Lexxy to use the block form for configuration — injecting child elements into the editor tag — while the rich text value is preserved separately and passed via standard value attribute.
Trix preserves the original block-as-initial-value contract by capturing the block in TrixEditor::Tag#render_in when no value is present, keeping its hidden input populated as before.

You can view the whole list of changes here.
We had 15 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Validate URI scheme in Action Text markdown link conversion
Add a Rails::HTML::Sanitizer.allowed_uri? check to markdown_link. When the URI scheme is disallowed, return the escaped title wrapped in escaped brackets (\[title\]) instead of emitting a link.

Example: <action-text-attachment url="data:text/html,PAYLOAD"> previously produced ![Image](data:text/html,PAYLOAD) in markdown output. Now it produces \[Image\].

Restore previous instrumenter after execute_or_skip
Fix by saving and restoring the previous instrumenter value around the EventBuffer’s lifetime. On background threads, this is a no-op (saves nil, restores nil). On the caller thread via caller_runs, it restores the real instrumenter and prevents contamination.

Optimize generated Dockerfile build performance
Reduces number of docker build layers.

Fix parsing SQLite virtual tables without parenthesis
Previously running bin/rails db:migrate with virtual tables crashed the schema dumper, which produced a broken db/schema.rb file.

You can view the whole list of changes here.
We had 14 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Set read-only permissions for GitHub Actions workflow generated by rails new
The workflow will run with the minimum required permissions, regardless of the GitHub Organization settings.

Don’t guard action_dispatch_request and action_cable load hooks
Removes the load hooks guard for action_dispatch_request in Action Pack and action_cable in Action Cable.

Improve Trix support for Action Text markdown
Adds <del> as a strikethrough alias (Trix emits <del>, not <s>). Also, add a visit_div handler so Trix-style <div> blocks pass through their children’s content, letting <br> tags handle paragraph spacing naturally.

Specify PostgreSQL 9.5 or higher is required
Rails includes array_position which is not available on previous versions.

Fix Encoding::CompatibilityError with non-ASCII strict locals defaults
Fixes an error raised by a template loaded via File.binread using strict locals with non-ASCII default values (e.g. <%# locals: (label: "café") -%>).

Fix IsolatedExecutionState.share_with call
When isolation_level = :fiber, it’s wrong to pass the original thread to share_with.

Fix collection caching to preserve store default expires_in
This change ensures that expires_in is only included in the arguments to write_multi when it is present in the collection cache options.

You can view the whole list of changes here.
We had 12 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.

Founded in 2005 and headquartered in Carlsbad, CA (with a fully remote team), Planning Center builds church management software used by more than 90,000 churches around the world. Their platform helps churches organize the practical details of ministry - service planning, volunteer scheduling, donations, event registrations, check-ins, small groups, and more.

On Rails since day one

If it runs at Planning Center, it runs on Rails, and has for nearly two decades. That includes:

• Customer-facing web applications used daily by tens of thousands of churches
• API backends for their mobile apps and public developer API
• Church Center, their congregation-facing web experience
• Internal tools, account management, and billing systems

The platform consists of multiple Rails applications, where each core product (Services, People, Groups, Giving, Registrations, Calendar, Check-Ins, Publishing, and more) runs as its own Rails app. In a world of majestic monoliths and sprawling microservices, Planning Center took another path: macroservices. (Internally, they call it the “Stonehenge architecture.” Nobody quite remembers why it was made that way, but it works, and people keep coming back to see it.)

Bootstrapped and profitable since day one, Planning Center has now grown to a team of 225 people, more than 100 of whom are engineers. The company has no outside investors, no debt, and no plans to sell. In fact, they recently committed to transitioning to a non-profit structure, reinforcing their long-term commitment to serving churches rather than building equity.

Joining the Rails Foundation

Founder Jeff Berg has long been a member of the community, and was even in attendance at the first RailsConf back in 2006.

Rails is not just our framework, it’s the foundation our entire company grew up on. Every product, every API, every line of code that serves all churches runs on Rails. Joining the Rails Foundation felt less like a strategic decision and more like finally showing up to the family reunion.

Jeff Berg CEO, CTO, & Founder, Planning Center

Planning Center’s history of building, scaling, and sustaining a profitable, independent company on Rails is yet another testament to what the framework makes possible. We’re excited to have them on board, and we appreciate their support of our shared mission.

Welcome to the Foundation, Planning Center!

Planning Center joins Core members Cookpad, Doximity, Fleetio, GitHub, Intercom, Judge.me, Procore, Shopify, 1Password and 37signals, and Contributing members AppSignal, Cedarcode, Chime, Clio, Fullscript, Gusto, Higher Pixels, makandra, Planet Argon, Renuo, Saeloun, SerpApi, and TableCheck.

Learn more about the Rails Foundation and its mission here. If your company would like to join the list, please reach out to foundation@rubyonrails.org.