kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/activerecord/CHANGELOG.md
Ulysse Buonomo 546de0f6c6 Avoid eager loading in Relation#pretty_print 
We mimic the behaviour used with `#inspect`, only fetching up to 11
elements if records are not loaded already.

Here's the reproduction:

```
require "activerecord"

ActiveRecord::Base.establish_connection YOUR_DB_URL_THERE

ActiveRecord::Migration.new.tap do |m|
  m.create_table :foos do |t|
    t.text :name
  end
end

class Foo < ActiveRecord::Base
end

100.times { Foo.create(name: "foo#{_1}") }

pp Foo.all # loads the whole table.
```

Signed-off-by: Ulysse Buonomo <buonomo.ulysse@gmail.com>
2022-01-07 17:29:17 +01:00

103 lines
3.2 KiB
Markdown
Raw Blame History

* Avoid loading every records in `ActiveRecord::Relation#pretty_print`
```ruby
# Before
pp Foo.all # Loads the whole table.
# After
pp Foo.all # Shows 10 items and an ellipsis.
```
*Ulysse Buonomo*
* Change `QueryMethods#in_order_of` to drop records not listed in values.
`in_order_of` now filters down to the values provided, to match the behavior of the `Enumerable` version.
*Kevin Newton*
* Allow named expression indexes to be revertible.
Previously, the following code would raise an error in a reversible migration executed while rolling back, due to the index name not being used in the index removal.
```ruby
add_index(:settings, "(data->'property')", using: :gin, name: :index_settings_data_property)
```
Fixes #43331.
*Oliver Günther*
* Fix incorrect argument in PostgreSQL structure dump tasks.
Updating the `--no-comment` argument added in Rails 7 to the correct `--no-comments` argument.
*Alex Dent*
* Fix migration compatibility to create SQLite references/belongs_to column as integer when migration version is 6.0.
Reference/belongs_to in migrations with version 6.0 were creating columns as
bigint instead of integer for the SQLite Adapter.
*Marcelo Lauxen*
* Add a deprecation warning when `prepared_statements` configuration is not
set for the mysql2 adapter.
*Thiago Araujo and Stefanni Brasil*
* Fix `QueryMethods#in_order_of` to handle empty order list.
```ruby
Post.in_order_of(:id, []).to_a
```
Also more explicitly set the column as secondary order, so that any other
value is still ordered.
*Jean Boussier*
* Fix quoting of column aliases generated by calculation methods.
Since the alias is derived from the table name, we can't assume the result
is a valid identifier.
```ruby
class Test < ActiveRecord::Base
self.table_name = '1abc'
end
Test.group(:id).count
# syntax error at or near "1" (ActiveRecord::StatementInvalid)
# LINE 1: SELECT COUNT(*) AS count_all, "1abc"."id" AS 1abc_id FROM "1...
```
*Jean Boussier*
* Add `authenticate_by` when using `has_secure_password`.
`authenticate_by` is intended to replace code like the following, which
returns early when a user with a matching email is not found:
```ruby
User.find_by(email: "...")&.authenticate("...")
```
Such code is vulnerable to timing-based enumeration attacks, wherein an
attacker can determine if a user account with a given email exists. After
confirming that an account exists, the attacker can try passwords associated
with that email address from other leaked databases, in case the user
re-used a password across multiple sites (a common practice). Additionally,
knowing an account email address allows the attacker to attempt a targeted
phishing ("spear phishing") attack.
`authenticate_by` addresses the vulnerability by taking the same amount of
time regardless of whether a user with a matching email is found:
```ruby
User.authenticate_by(email: "...", password: "...")
```
*Jonathan Hefner*
Please check [7-0-stable](https://github.com/rails/rails/blob/7-0-stable/activerecord/CHANGELOG.md) for previous changes.
View git blame Copy permalink