Ruby on Rails?—?June 2024
Ruby on Rails - June 2024 | Sajjad Umar

Ruby on Rails?—?June 2024

The only Ruby on Rails Newsletter you will ever need!

Welcome to the latest edition of the Ruby on Rails Monthly Newsletter! I’m Sajjad Umar , your own Desi Developer , and I’m thrilled to bring you a fresh batch of insights, updates, and community highlights from the world of Rails. Whether you’re a seasoned developer or just starting your journey with Rails, my goal is to keep you informed and inspired with the latest trends, and stories from around the globe. Discover what’s new in the Rails ecosystem, and see how Rails continues to evolve and empower developers to build amazing applications. Let’s jump right in!

The CFP for RubyConf 2024 is?open

We have a few themes that we are looking for this year, but please submit anything that relates to Ruby. It can be a non-technical talk as well. The themes are as follows:

  • Performance and Scale
  • Ruby on the Web
  • Ruby in AI, Data Science, and Machine Learning
  • Weird Ruby
  • Your Great Idea!

CFP closes on 08 Jul 2024, read all about RubyConf 2024 here.

Development of Rails 8.0 starts?now

The development of Rails 8 has officially started.

Here is the relevant commit.

Rails 8 will Target Ruby 3.3+ only for new?apps

Here is the relevant commit.

Added Kamal by default to Rails?8

Rails should have a default answer for deploying applications out of the box to the cloud or bare metal. Kamal is the answer. Rails 8 will configure it automatically as far as it can, but allow an opt-out with --skip-kamal.

Read all the details here.

7.0.8.2 and 7.1.3.3 have been?released

There were some vulnerabilities in the Trix Editor , these updates are to upgrade Trix to fixed versions.

The Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with markup into the editor. The vulnerability stems from improper sanitization of pasted content, allowing an attacker to embed malicious scripts which are executed within the context of the application.

Vulnerable Versions:

  • 1.x series up to and including 1.3.1
  • 2.x series up to and including 2.1.0

Fixed Versions:

  • v1.3.2
  • v2.1.1

Read all the details here.

Rails Security?Releases

Rails Versions 6.1.7.8, 7.0.8.4, 7.1.3.4, and 7.2.0.beta2 have been released! These are security releases, so please upgrade at your earliest convenience.

Read all the details here .

Quickly Create Customized QR Codes With QR Maker ( Sponsored by me?:D?)

https://www.qrmaker.top


Spoiler Alet?—?this is my app, QRmaker helps you create customized QR codes for FREE https://www.qrmaker.top .

Features:

  • Easily Create QR codes for URL, WIFI or Text
  • Add Your Brand Logo
  • Add Your Brand Color

https://www.qrmaker.top

I just uploaded a new video on my Desi Developer YouTube channel on how I secured public URLs for the QRmaker app. Here is the link to the video if you are interested in watching.?


Added support for?:if_not_exists and?:force options to create_schema

create_schema for PostgreSQL does not support convenient?:force and?:if_not_exists options. While drop_schema supports?:if_exists. This PR adds support for create_schema as well.

Read all the details here.

Fixed ActiveRecord::Relation#touch_all with custom attribute aliased as attribute for?update

If we have something like:

create_table :users do |t|
  t.timestamp :legacy_updated_at
end

class User < ActiveRecord::Base
  alias_attribute :updated_at, :legacy_updated_at
end

User.touch_all(:updated_at)        

then ActiveRecord will not resolve updated_at to its alias correctly and result in a query that updates the same column twice. This PR fixes the issue.

Read all the details here.

ActiveSupport::XmlMini now Supports?duration

This Pull Request adds duration parser and formatter on ActiveSupport::XmlMini, using ActiveSupport::Duration.

Read all the details here.

Supported touch_all in?batches

Previously, ActiveRecord is missing the ability to run touch_all via batches (compared to update_all/delete_all/etc).

Post.in_batches.touch_all        

This PR adds support for touch_all in batches.

Read all the details here.

Rails now raise a descriptive error when a Store column is misconfigured

If a developer has neglected to use a structured column type (hstore or json) or to declare a serializer with ActiveRecord.store :

class User < ActiveRecord::Base
  store_accessor :settings, :notifications
end        

then a ConfigurationError will now be raised with a descriptive error message when the accessor is read or written:

puts user.notifications
  # ActiveRecord::ConfigurationError: the column 'settings' has not
  # been configured as a store.  Please make sure the column is
  # declared serializable via 'ActiveRecord.store' or, if your
  # database supports it, use a structured column type like hstore or
  # json.        

Previously, in this situation, a NoMethodError was raised when the accessor was read or written:

puts user.notifications
# NoMethodError: undefined method `accessor' for an instance of ActiveRecord::Type::Text        

Raising a descriptive exception should help developers understand more quickly what’s wrong and how to fix it.

Read all the details here.

Added rubocop and GitHub Actions to plugin generator

This Pull Request updates the plugin generator to include templates for GitHub Actions and rubocop. It also updated a couple of files to ensure they passed the rubocop linting.

Read all the details here.

automatically_invert_plural_associations is not enabled by default moving?forward

Due to its potential to cause numerous hard-to-detect issues, automatically_invert_plural_associations is turned off by default. However, you can choose to opt in if you wish to give it a try.

Read all the details here.

Made devcontainers opt-in and created a devcontainer command

This Pull Request has been created because Rails 7.2 dev containers will be an opt-in feature. So, new apps will only get a devcontainer if you pass the --devcontainer flag to rails new. Additionally, you will be able to generate a devcontainer for an existing app with bin/rails devcontainer.

Read all the details here.

Added a new public method for schema_cache_ignored_tables?

Previously we only had a method to set the ignored schema cache tables, but there was no way to ask if a table was ignored by the schema cache. Applications may want to implement their own schema cache, or at least run this check. Rather than forcing them to implement an internal method, this adds a way to ask whether a table is ignored by the schema cache code.

Usage:

ActiveRecord.schema_cache_ignored_tables = ["developers"]
ActiveRecord.schema_cache_ignored_tables?("developers")        

Read all the details here.

Don’t configure Kamal storage volume if not?needed

This Pull Request has been created because configuring a Docker persistent storage volume in Kamal seems to be only needed for sqlite or ActiveStorage. If using a different database and the --skip-active-storage option, configuration can be skipped.

Read all the details here.

Fixed issue with IDs reader on preloaded associations for composite primary?keys

When using composite primary keys in a model, the primary_key will be an array. This raises an issue when calling the <association>_ids method on a preloaded association. Internally, Rails uses the pluck method from Enumerable to retrieve the preloaded results. However, the pluck method does not accept an array as its argument. To accommodate that, we need to use the splat operator to split the array into multiple arguments dynamically.

Now calling an example association with composite primary keys user.posts.ids works as expected.

Read all the details here.

Allowed to set strict_loading_mode globally

This Pull Request adds a new class_attribute?:strict_loading_mode, defaulted to?:all. If it's set to?:n_plus_one_only, that mode is used by default when doing strict loading checks.

Read all the details here.

Defered route drawing to the first request, or when url_helpers called

This Pull Request has been created because apps with lots of routes take a long time to boot. A developer could boot an app for reasons that don’t involve routes at all (like running unit tests, migrations, rake tasks, etc.) so I think this should be deferred in dev and test.

This Pull Request changes engine and app route sets to a Rails::Engine::RouteSet, which knows about the current Rails application. The default middleware stack has also changed to include a Rails::Rack::LoadRoutes middleware that loads routes if needed. This PR loads routes under the following circumstances:

In dev/test:

  • The first request via middleware
  • When application or engine url_helpers.some_path is called via method_missing?
  • When application or engine url_helpers.respond_to?(:some_path) is called via respond_to_missing?

In production:

  • In the finisher eagerly, which is the previous behaviour

If, for some reason, a developer wishes to revert to the previous behaviour, they could add an initializer with Rails.application.reload_routes!.

Read all the details here.

Included the current transaction in sql.active_record event?payloads

Use case is to allow tracing database activity including the ability to group queries by transaction, thanks to the recently added ActiveRecord::Transaction#uuid.

Read all the details here.

Re-rolled deprecation of to_time_preserves_timezone

The previous deprecation hadn’t been warning for all users, so proceeding to removal could cause an un-warned change in behaviour.

This Pull Request restores the previous deprecation, then adds an additional once-off warning the first time to_time is called [if the config setting has not already been set].

Read all the details here.

Added an explicit dependency on the logger?gem

Logger is a bundled gem candidate for Ruby 3.5, so it would start to warn without it.

Read all the details here.

Only sanitize content attribute when present in attachments

A recent security update implemented sanitization for the content attribute of ActionText::Attachable::ContentAttachment. As a side effect, this update always sets the attribute, even when it’s missing, which prevents Trix from displaying the image preview. This pull request addresses and resolves that issue.

Read all the details here.

Added an internal route for bin/rails notes

Inspired by the rails/info/routes route a rails/info/notes internal route has been added.

This will be same as doing:

$ bin/rails notes

app/controllers/posts_controller.rb:
  * [ 9] [TODO] Move this logic to a concern
  * [18] [FIXME] Refactor this method
app/models/post.rb:
  * [ 2] [TODO] Refactor this validation        

Added an internal route for the bin/rails notes so we can check the notes on UI.

Read all the details here.

Brought back puma.rb to target of app:update

Rails has improved puma.rb in the past a few times, rails app:update will update the file in the future releases.

Read all the details here.

Defined the new start_transaction.active_record event

With this change, a new start_transaction.active_record event will be emitted whenever a transaction begins. This event complements the existing transaction.active_record event, which is triggered when transactions are completed.

Read all the details here.

ActiveRecord: Added option filter on in_order_of

This Pull Request has been created because currently, in_order_of method always use where clause to filter the results only with the values specified in values. Sometimes, we only want to put some values as priority in the sorting but we want the entire search scope without caring about the rest of the sorting. The propose here is add an option to specify to filter scope by values or not.

This Pull Request changes:

order = [3, 4, 1]

# Without specify option
Post.in_order_of(:id, order).to_sql
# SELECT 
  # "posts".* FROM "posts" 
# WHERE 
  # "posts"."id" IN (3, 4, 1) 
# ORDER BY 
  # CASE WHEN "posts"."id" = 3 THEN 1 WHEN "posts"."id" = 4 THEN 2 WHEN "posts"."id" = 1 THEN 3 END ASC
# With option set to false
Post.in_order_of(:id, order, filter: false).to_sql
# SELECT 
  # "posts".* FROM "posts" 
# ORDER BY 
  # CASE WHEN "posts"."id" = 3 THEN 1 WHEN "posts"."id" = 4 THEN 2 WHEN "posts"."id" = 1 THEN 3 ELSE 4 END ASC        

Read all the details here.

Thank you for joining me in this edition of the Ruby on Rails Monthly Newsletter! I hope you found the insights and updates valuable. Don’t forget to subscribe to stay informed and inspired with the latest in the Rails ecosystem. I’ll be back next month with more exciting news and updates. Happy coding!


要查看或添加评论,请登录

Sajjad Umar的更多文章

  • Ruby on Rails - Nov 2024 (Edition #35)

    Ruby on Rails - Nov 2024 (Edition #35)

    Welcome to the 35th Edition of Ruby on Rails Monthly - Sajjad here with some exciting updates from Ruby on Rails world.…

  • Ruby on Rails - Oct 2024

    Ruby on Rails - Oct 2024

    The only Ruby on Rails newsletter you will ever need! Hey Ruby folks?—?this is a fascinating month for the Ruby on…

    1 条评论
  • Ruby on Rails - September 2024

    Ruby on Rails - September 2024

    Welcome to the September 2024 edition of Ruby on Rails Monthly, this is Sajjad Umar your own Desi Developer. I have a…

    1 条评论
  • Ruby on Rails - Aug 2024

    Ruby on Rails - Aug 2024

    It's the only Ruby on Rails newsletter you will ever need! Rails 7.2 is out! There has been close to 2,500 commits made…

  • Ruby on Rails - July 2024

    Ruby on Rails - July 2024

    The only Ruby on Rails newsletter you will ever need! Welcome to the latest edition of the Ruby on Rails Monthly…

  • Ruby on Rails - May 2024

    Ruby on Rails - May 2024

    Greetings and welcome to the May edition of the "Ruby on Rails Monthly" newsletter! As we kick off another month of…

  • Ruby on Rails - April 2024

    Ruby on Rails - April 2024

    Greetings and welcome to the April edition of the "Ruby on Rails Monthly" newsletter! As we kick off another month…

  • Ruby on Rails - March 2024

    Ruby on Rails - March 2024

    Welcome to the March edition of "Ruby on Rails, Monthly" newsletter for 2024! As we delve into this month's updates…

  • Ruby on Rails - February 2024

    Ruby on Rails - February 2024

    Greetings, As we dive into the February edition of the "Ruby on Rails, Monthly" newsletter for 2024, let's infuse our…

    1 条评论
  • Ruby on Rails - January 2024

    Ruby on Rails - January 2024

    Greetings, Happy New Year! Welcome to the first edition of the "Ruby on Rails, Monthly" newsletter for 2024! I hope…

    2 条评论

社区洞察

其他会员也浏览了