mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
0f6c9bc786
Right now it's already possible to set a digest class manually, but this is not through a publicly supported and approved API. With these configuration options, it is possible to configure a digest class to use for digests inside Rails. The reason for this is that it allows configuring other classes in certain conditions like running in FIPS mode. FIPS disallows MD5 and discourages SHA1. Even though this isn't used in Rails for security related things, using newer hash algorithms means not having to explain it to auditors which always makes life easier. That's not the only reason though. If today Ruby is built and running for example in an Ubuntu 18.04 FIPS approved environment, the default Digest classes break, see https://bugs.ruby-lang.org/issues/13681 as well. By allowing a class to be configured, the following can be used so that things work properly (using the new API proposed here): ``` Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256 ``` This would then use the OpenSSL certified FIPS implementation as well.
310 lines
9.7 KiB
Markdown
310 lines
9.7 KiB
Markdown
* Deprecate `config.active_support.use_sha1_digests`
|
|
|
|
`config.active_support.use_sha1_digests` is deprecated. It is replaced with `config.active_support.hash_digest_class` which allows setting the desired Digest instead. The Rails version defaults have been updated to use this new method as well so the behavior there is unchanged.
|
|
|
|
*Dirkjan Bussink*
|
|
|
|
* Change the default logging level from :debug to :info to avoid inadvertent exposure of personally
|
|
identifiable information (PII) in production environments.
|
|
|
|
*Eric M. Payne*
|
|
|
|
* Automatically generate abstract class when using multiple databases.
|
|
|
|
When generating a scaffold for a multiple database application, Rails will now automatically generate the abstract class for the database when the database argument is passed. This abstract class will include the connection information for the writing configuration and any models generated for that database will automatically inherit from the abstract class.
|
|
|
|
Usage:
|
|
|
|
```bash
|
|
$ bin/rails generate scaffold Pet name:string --database=animals
|
|
```
|
|
|
|
Will create an abstract class for the animals connection.
|
|
|
|
```ruby
|
|
class AnimalsRecord < ApplicationRecord
|
|
self.abstract_class = true
|
|
|
|
connects_to database: { writing: :animals }
|
|
end
|
|
```
|
|
|
|
And generate a `Pet` model that inherits from the new `AnimalsRecord`:
|
|
|
|
```ruby
|
|
class Pet < AnimalsRecord
|
|
end
|
|
```
|
|
|
|
If you already have an abstract class and it follows a different pattern than Rails defaults, you can pass a parent class with the database argument.
|
|
|
|
```bash
|
|
$ bin/rails generate scaffold Pet name:string --database=animals --parent=SecondaryBase
|
|
```
|
|
|
|
This will ensure the model inherits from the `SecondaryBase` parent instead of `AnimalsRecord`
|
|
|
|
```ruby
|
|
class Pet < SecondaryBase
|
|
end
|
|
```
|
|
|
|
*Eileen M. Uchitelle*, *John Crepezzi*
|
|
|
|
|
|
* Accept params from url to prepopulate the Inbound Emails form in Rails conductor.
|
|
|
|
*Chris Oliver*
|
|
|
|
* Create a new rails app using a minimal stack.
|
|
|
|
`rails new cool_app --minimal`
|
|
|
|
All the following are excluded from your minimal stack:
|
|
|
|
- action_cable
|
|
- action_mailbox
|
|
- action_mailer
|
|
- action_text
|
|
- active_job
|
|
- active_storage
|
|
- bootsnap
|
|
- jbuilder
|
|
- spring
|
|
- system_tests
|
|
- turbolinks
|
|
- webpack
|
|
|
|
*Haroon Ahmed*, *DHH*
|
|
|
|
* Add default ENV variable option with BACKTRACE to turn off backtrace cleaning when debugging framework code in the
|
|
generated config/initializers/backtrace_silencers.rb.
|
|
|
|
`BACKTRACE=1 ./bin/rails runner "MyClass.perform"`
|
|
|
|
*DHH*
|
|
|
|
* The autoloading guide for Zeitwerk mode documents how to autoload classes
|
|
during application boot in a safe way.
|
|
|
|
*Haroon Ahmed*, *Xavier Noria*
|
|
|
|
* The `classic` autoloader starts its deprecation cycle.
|
|
|
|
New Rails projects are strongly discouraged from using `classic`, and we recommend that existing projects running on `classic` switch to `zeitwerk` mode when upgrading. Please check the [_Upgrading Ruby on Rails_](https://guides.rubyonrails.org/upgrading_ruby_on_rails.html) guide for tips.
|
|
|
|
*Xavier Noria*
|
|
|
|
* Adds `rails test:all` for running all tests in the test directory.
|
|
|
|
This runs all test files in the test directory, including system tests.
|
|
|
|
*Niklas Häusele*
|
|
|
|
* Add `config.generators.after_generate` for processing to generated files.
|
|
|
|
Register a callback that will get called right after generators has finished.
|
|
|
|
*Yuji Yaginuma*
|
|
|
|
* Make test file patterns configurable via Environment variables
|
|
|
|
This makes test file patterns configurable via two environment variables:
|
|
`DEFAULT_TEST`, to configure files to test, and `DEFAULT_TEST_EXCLUDE`,
|
|
to configure files to exclude from testing.
|
|
|
|
These values were hardcoded before, which made it difficult to add
|
|
new categories of tests that should not be executed by default (e.g:
|
|
smoke tests).
|
|
|
|
*Jorge Manrubia*
|
|
|
|
* No longer include `rake rdoc` task when generating plugins.
|
|
|
|
To generate docs, use the `rdoc lib` command instead.
|
|
|
|
*Jonathan Hefner*
|
|
|
|
* Allow relative paths with trailing slashes to be passed to `rails test`.
|
|
|
|
*Eugene Kenny*
|
|
|
|
* Add `rack-mini-profiler` gem to the default `Gemfile`.
|
|
|
|
`rack-mini-profiler` displays performance information such as SQL time and flame graphs.
|
|
It's enabled by default in development environment, but can be enabled in production as well.
|
|
See the gem [README](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/README.md) for information on how to enable it in production.
|
|
|
|
*Osama Sayegh*
|
|
|
|
* `rails stats` will now count TypeScript files toward JavaScript stats.
|
|
|
|
*Joshua Cody*
|
|
|
|
* Run `git init` when generating plugins.
|
|
|
|
Opt out with `--skip-git`.
|
|
|
|
*OKURA Masafumi*
|
|
|
|
* Add benchmark generator.
|
|
|
|
Introduce benchmark generator to benchmark Rails applications.
|
|
|
|
`rails generate benchmark opt_compare`
|
|
|
|
This creates a benchmark file that uses [`benchmark-ips`](https://github.com/evanphx/benchmark-ips).
|
|
By default, two code blocks can be benchmarked using the `before` and `after` reports.
|
|
|
|
You can run the generated benchmark file using:
|
|
`ruby script/benchmarks/opt_compare.rb`
|
|
|
|
*Kevin Jalbert*, *Gannon McGibbon*
|
|
|
|
* Cache compiled view templates when running tests by default.
|
|
|
|
When generating a new app without `--skip-spring`, caching classes is
|
|
disabled in `environments/test.rb`. This implicitly disables caching
|
|
view templates too. This change will enable view template caching by
|
|
adding this to the generated `environments/test.rb`:
|
|
|
|
```ruby
|
|
config.action_view.cache_template_loading = true
|
|
```
|
|
|
|
*Jorge Manrubia*
|
|
|
|
* Introduce middleware move operations.
|
|
|
|
With this change, you no longer need to delete and reinsert a middleware to
|
|
move it from one place to another in the stack:
|
|
|
|
```ruby
|
|
config.middleware.move_before ActionDispatch::Flash, Magical::Unicorns
|
|
```
|
|
|
|
This will move the `Magical::Unicorns` middleware before
|
|
`ActionDispatch::Flash`. You can also move it after with:
|
|
|
|
```ruby
|
|
config.middleware.move_after ActionDispatch::Flash, Magical::Unicorns
|
|
```
|
|
|
|
*Genadi Samokovarov*
|
|
|
|
* Generators that inherit from NamedBase respect `--force` option.
|
|
|
|
*Josh Brody*
|
|
|
|
* Allow configuration of eager_load behaviour for rake environment:
|
|
|
|
config.rake_eager_load
|
|
|
|
Defaults to `false` as per previous behaviour.
|
|
|
|
*Thierry Joyal*
|
|
|
|
* Ensure Rails migration generator respects system-wide primary key config.
|
|
|
|
When rails is configured to use a specific primary key type:
|
|
|
|
```ruby
|
|
config.generators do |g|
|
|
g.orm :active_record, primary_key_type: :uuid
|
|
end
|
|
```
|
|
|
|
Previously:
|
|
|
|
```bash
|
|
$ bin/rails g migration add_location_to_users location:references
|
|
```
|
|
|
|
The references line in the migration would not have `type: :uuid`.
|
|
This change causes the type to be applied appropriately.
|
|
|
|
*Louis-Michel Couture*, *Dermot Haughey*
|
|
|
|
* Deprecate `Rails::DBConsole#config`.
|
|
|
|
`Rails::DBConsole#config` is deprecated without replacement. Use `Rails::DBConsole.db_config.configuration_hash` instead.
|
|
|
|
*Eileen M. Uchitelle*, *John Crepezzi*
|
|
|
|
* `Rails.application.config_for` merges shared configuration deeply.
|
|
|
|
```yaml
|
|
# config/example.yml
|
|
shared:
|
|
foo:
|
|
bar:
|
|
baz: 1
|
|
development:
|
|
foo:
|
|
bar:
|
|
qux: 2
|
|
```
|
|
|
|
```ruby
|
|
# Previously
|
|
Rails.application.config_for(:example)[:foo][:bar] #=> { qux: 2 }
|
|
|
|
# Now
|
|
Rails.application.config_for(:example)[:foo][:bar] #=> { baz: 1, qux: 2 }
|
|
```
|
|
|
|
*Yuhei Kiriyama*
|
|
|
|
* Remove access to values in nested hashes returned by `Rails.application.config_for` via String keys.
|
|
|
|
```yaml
|
|
# config/example.yml
|
|
development:
|
|
options:
|
|
key: value
|
|
```
|
|
|
|
```ruby
|
|
Rails.application.config_for(:example).options
|
|
```
|
|
|
|
This used to return a Hash on which you could access values with String keys. This was deprecated in 6.0, and now doesn't work anymore.
|
|
|
|
*Étienne Barrié*
|
|
|
|
* Configuration files for environments (`config/environments/*.rb`) are
|
|
now able to modify `autoload_paths`, `autoload_once_paths`, and
|
|
`eager_load_paths`.
|
|
|
|
As a consequence, applications cannot autoload within those files. Before, they technically could, but changes in autoloaded classes or modules had no effect anyway in the configuration because reloading does not reboot.
|
|
|
|
Ways to use application code in these files:
|
|
|
|
* Define early in the boot process a class that is not reloadable, from which the application takes configuration values that get passed to the framework.
|
|
|
|
```ruby
|
|
# In config/application.rb, for example.
|
|
require "#{Rails.root}/lib/my_app/config"
|
|
|
|
# In config/environments/development.rb, for example.
|
|
config.foo = MyApp::Config.foo
|
|
```
|
|
|
|
* If the class has to be reloadable, then wrap the configuration code in a `to_prepare` block:
|
|
|
|
```ruby
|
|
config.to_prepare do
|
|
config.foo = MyModel.foo
|
|
end
|
|
```
|
|
|
|
That assigns the latest `MyModel.foo` to `config.foo` when the application boots, and each time there is a reload. But whether that has an effect or not depends on the configuration point, since it is not uncommon for engines to read the application configuration during initialization and set their own state from them. That process happens only on boot, not on reloads, and if that is how `config.foo` worked, resetting it would have no effect in the state of the engine.
|
|
|
|
*Allen Hsu* & *Xavier Noria*
|
|
|
|
* Support using environment variable to set pidfile.
|
|
|
|
*Ben Thorner*
|
|
|
|
|
|
Please check [6-0-stable](https://github.com/rails/rails/blob/6-0-stable/railties/CHANGELOG.md) for previous changes.
|