Hello, zzak here with the latest changes from the last week to Rails.
This release includes many bug fixes so be sure to upgrade! You can read the full summary of changes here.
Improve security of untyped bound values in MySQL
This solves a potential query manipulation vulnerability with MySQL.
Improve usability of multi-db when config is invalid
A helpful exception is now raised if pool_config is nil when using config.active_record.writing_role(:all).
Enhancements to Active Record Encryption
After introducing encryption into Active Record, a couple new features and a bug fix were followed!
Add support for eager loading Active Storage variants
This PR removes N+1 queries from Active Storage when using with_all_variant_records and with_attached_* scope.
Fix strict loading through associations
Previously there was a bug when using strict_loading where eager loading wouldn’t propagate through associations.
Use the current Rails version inside package.json
Previously when generating a new Rails app, the package.json would hard-code the string “6.0.0” for all npm dependencies. This now uses the Rails version that generated the app.
Add support for Active Storage expiring URLs
This allows expiring URLs for signed blob ids in Active Storage via the “expires_in” parameter or by setting a default with “config.active_storage.urls_expire_in”.
Support default “cache_control” in Active Storage for GCS
This PR adds support for setting the default “cache_control” headers for uploads using Google Cloud Storage service.
Use FFmpeg scene detection for generating video previews
By using the built-in features of FFmpeg, Active Storage now generates much better thumbnails for videos. These parameters were also made configurable in a follow-up PR!
Deprecate “purge” and “purge_later” on Active Storage attachments association model
You should be calling these methods directly on the attachment and not on the association.
Add Model.update! that is similar to Model.update but raises exceptions
You may be familiar with the instance method Model#update!, but now you can do that on the class!
Performance regression in CollectionAssocation#build
This fixes a huge performance bug for inversing associations with a lot of records.
Classic nobu. This patch was later optimized in a follow-up PR.
Don’t attach UJS form submission handlers to Turbo forms
This quality-of-life improvement is for apps migrating from RailsUJS to Turbo with both living inside the codebase to easily distinguish which should handle forms.
28 people contributed to Rails since last time. All the changes can be checked here. Until next week!
This Week in Rails · 30 N Racine #200 · Chicago IL 60607 · USA
Unsubscribe | View in browser