diff options
Diffstat (limited to 'guides')
| -rw-r--r-- | guides/source/3_0_release_notes.md | 2 | ||||
| -rw-r--r-- | guides/source/4_2_release_notes.md | 98 | ||||
| -rw-r--r-- | guides/source/action_controller_overview.md | 6 | ||||
| -rw-r--r-- | guides/source/active_job_basics.md | 88 | ||||
| -rw-r--r-- | guides/source/active_record_querying.md | 6 | ||||
| -rw-r--r-- | guides/source/active_support_core_extensions.md | 4 | ||||
| -rw-r--r-- | guides/source/asset_pipeline.md | 8 | ||||
| -rw-r--r-- | guides/source/command_line.md | 2 | ||||
| -rw-r--r-- | guides/source/configuring.md | 31 | ||||
| -rw-r--r-- | guides/source/contributing_to_ruby_on_rails.md | 17 | ||||
| -rw-r--r-- | guides/source/debugging_rails_applications.md | 2 | ||||
| -rw-r--r-- | guides/source/i18n.md | 16 | ||||
| -rw-r--r-- | guides/source/maintenance_policy.md | 9 | ||||
| -rw-r--r-- | guides/source/routing.md | 2 | ||||
| -rw-r--r-- | guides/source/upgrading_ruby_on_rails.md | 96 |
15 files changed, 291 insertions, 96 deletions
diff --git a/guides/source/3_0_release_notes.md b/guides/source/3_0_release_notes.md index 8122d6c235..46be2613ab 100644 --- a/guides/source/3_0_release_notes.md +++ b/guides/source/3_0_release_notes.md @@ -545,7 +545,7 @@ These are the main changes in Active Support: * `String#to_time` and `String#to_datetime` handle fractional seconds. * Added support to new callbacks for around filter object that respond to `:before` and `:after` used in before and after callbacks. * The `ActiveSupport::OrderedHash#to_a` method returns an ordered set of arrays. Matches Ruby 1.9's `Hash#to_a`. -* `MissingSourceFile` exists as a constant but it is now just equals to `LoadError`. +* `MissingSourceFile` exists as a constant but it is now just equal to `LoadError`. * Added `Class#class_attribute`, to be able to declare a class-level attribute whose value is inheritable and overwritable by subclasses. * Finally removed `DeprecatedCallbacks` in `ActiveRecord::Associations`. * `Object#metaclass` is now `Kernel#singleton_class` to match Ruby. diff --git a/guides/source/4_2_release_notes.md b/guides/source/4_2_release_notes.md index ae8ef34cdd..2b8a6eb622 100644 --- a/guides/source/4_2_release_notes.md +++ b/guides/source/4_2_release_notes.md @@ -25,9 +25,8 @@ If you're upgrading an existing application, it's a great idea to have good test coverage before going in. You should also first upgrade to Rails 4.1 in case you haven't and make sure your application still runs as expected before attempting to upgrade to Rails 4.2. A list of things to watch out for when upgrading is -available in the -[Upgrading Ruby on Rails](upgrading_ruby_on_rails.html#upgrading-from-rails-4-1-to-rails-4-2) -guide. +available in the guide: [Upgrading Ruby on +Rails](upgrading_ruby_on_rails.html#upgrading-from-rails-4-1-to-rails-4-2) Major Features @@ -36,9 +35,12 @@ Major Features ### Active Job, Action Mailer #deliver_later Active Job is a new framework in Rails 4.2. It is an adapter layer on top of -queuing systems like [Resque](https://github.com/resque/resque), [Delayed Job](https://github.com/collectiveidea/delayed_job), [Sidekiq](https://github.com/mperham/sidekiq), and more. You can write your -jobs with the Active Job API, and it'll run on all these queues with no changes -(it comes pre-configured with an inline runner). +queuing systems like [Resque](https://github.com/resque/resque), [Delayed +Job](https://github.com/collectiveidea/delayed_job), +[Sidekiq](https://github.com/mperham/sidekiq), and more. + +You can write your jobs with the Active Job API, and it'll run on all these +queues with no changes (it comes pre-configured with an inline runner). Building on top of Active Job, Action Mailer now comes with a `#deliver_later` method, which adds your email to be sent as a job to a queue, so it doesn't @@ -52,11 +54,45 @@ deserialize it at run time. ### Adequate Record -Rails 4.2 comes with a performance improvement feature called Adequate Record -for Active Record. A lot of common queries are now up to twice as fast in Rails -4.2! +Adequate Record is a set of refactorings that make Active Record `find` and +`find_by` methods and some association queries upto 2x faster. + +It works by caching SQL query patterns while executing the Active Record calls. +The cache helps skip parts of the computation involved in the transformation of +the calls into SQL queries. More details in [Aaron Patterson's +post](http://tenderlovemaking.com/2014/02/19/adequaterecord-pro-like-activerecord.html). + +Nothing special has to be done to activate this feature. Most `find` and +`find_by` calls and association queries will use it automatically. Examples: + +```ruby +Post.find 1 # caches query pattern +Post.find 2 # uses the cached pattern + +Post.find_by_title 'first post' # caches query pattern +Post.find_by_title 'second post' # uses the cached pattern + +post.comments # caches query pattern +post.comments(true) # uses cached pattern +``` + +The caching is not used in the following scenarios: + +- The model has a default scope +- The model uses single table inheritence to inherit from another model +- `find` with a list of ids. eg: + + ```ruby + Post.find(1,2,3) + OR + Post.find [1,2] + ``` -TODO: add some technical details +- `find_by` with sql fragments: + + ```ruby + Post.find_by "published_at < ?", 2.weeks.ago + ``` ### Web Console @@ -113,6 +149,13 @@ individual components for new deprecations in this release. The following changes may require immediate action upon upgrade. +### `render` with a String argument + +Previously, calling `render "foo/bar"` in a controller action is equivalent to +`render file: "foo/bar"`. In Rails 4.2, this has been changed to mean `render template: "foo/bar"` +instead. If you need to render a file, please change your code to use the +explicit form (`render file: "foo/bar"`) instead. + ### `respond_with` / class-level `respond_to` `respond_with` and the corresponding class-level `respond_to` have been moved to @@ -148,6 +191,21 @@ class UsersController < ApplicationController end ``` +### Default host for `rails server` + +Due to a [change in Rack](https://github.com/rack/rack/commit/28b014484a8ac0bbb388e7eaeeef159598ec64fc), +`rails server` now listens on `localhost` instead of `0.0.0.0` by default. This +should have minimal impact on the standard development workflow as both http://127.0.0.1:3000 +and http://localhost:3000 would continue to work as before on your own machine. + +However, with this change you would no longer be able to access the Rails server +from a different machine (e.g. your development environment is in a virtual +machine and you would like to access it from the host machine), you would need +to start the server with `rails server -b 0.0.0.0` to restore the old behavior. + +If you do this, be sure to configure your firewall properly such that only +trusted machines on your network can access your development server. + ### Production logging The default log level in the `production` environment is now `:debug`. This @@ -167,7 +225,8 @@ config.log_level = :info ### HTML Sanitizer The HTML sanitizer has been replaced with a new, more robust, implementation -built upon Loofah and Nokogiri. The new sanitizer is (TODO: betterer). +built upon Loofah and Nokogiri. The new sanitizer is more secure and its +sanitization is more powerful and flexible. With a new sanitization algorithm, the sanitized output will change for certain pathological inputs. @@ -292,7 +351,7 @@ Please refer to the [Changelog][railties] for detailed changes. namespace: my_app_development # config/production.rb - MyApp::Application.configure do + Rails.application.configure do config.middleware.use ExceptionNotifier, config_for(:exception_notification) end ``` @@ -447,6 +506,10 @@ Please refer to the [Changelog][action-view] for detailed changes. ### Notable changes +* `render "foo/bar"` now expands to `render template: "foo/bar"` instead of + `render file: "foo/bar"`. + ([Pull Request](https://github.com/rails/rails/pull/16888)) + * Introduced a `#{partial_name}_iteration` special local variable for use with partials that are rendered with a collection. It provides access to the current state of the iteration via the `#index`, `#size`, `#first?` and @@ -645,7 +708,7 @@ Please refer to the [Changelog][active-model] for detailed changes. (Pull Request [1](https://github.com/rails/rails/pull/14861), [2](https://github.com/rails/rails/pull/16180)) -* `has_secure_password` no longer disallow blank passwords (i.e. passwords +* `has_secure_password` no longer disallows blank passwords (i.e. passwords that contains only spaces) by default. ([Pull Request](https://github.com/rails/rails/pull/16412)) @@ -687,13 +750,14 @@ Please refer to the [Changelog][active-support] for detailed changes. ### Notable changes +* Introduced new configuration option `active_support.test_order` for + specifying the order test cases are executed. This option currently defaults + to `:sorted` but will be changed to `:random` in Rails 5.0. + ([Commit](TODO: fill me in)) + * The `travel_to` test helper now truncates the `usec` component to 0. ([Commit](https://github.com/rails/rails/commit/9f6e82ee4783e491c20f5244a613fdeb4024beb5)) -* `ActiveSupport::TestCase` now randomizes the order that test cases are ran - by default. - ([Commit](https://github.com/rails/rails/commit/6ffb29d24e05abbd9ffe3ea974140d6c70221807)) - * Introduced `Object#itself` as an identity function. (Commit [1](https://github.com/rails/rails/commit/702ad710b57bef45b081ebf42e6fa70820fdd810), [2](https://github.com/rails/rails/commit/64d91122222c11ad3918cc8e2e3ebc4b0a03448a)) diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index 4c04a06dbb..ca1e79d3ce 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -1183,9 +1183,9 @@ First define your app own routes to display the errors page. * `config/routes.rb` ```ruby - get '/404', to: 'errors#not_found' - get '/422', to: 'errors#unprocessable_entity' - get '/500', to: 'errors#server_error' + match '/404', via: :all, to: 'errors#not_found' + match '/422', via: :all, to: 'errors#unprocessable_entity' + match '/500', via: :all, to: 'errors#server_error' ``` Create the controller and views. diff --git a/guides/source/active_job_basics.md b/guides/source/active_job_basics.md index 2c6e79a5b0..9c34418fab 100644 --- a/guides/source/active_job_basics.md +++ b/guides/source/active_job_basics.md @@ -78,15 +78,15 @@ end Enqueue a job like so: ```ruby -MyJob.enqueue record # Enqueue a job to be performed as soon the queueing system is free. +MyJob.perform_later record # Enqueue a job to be performed as soon the queueing system is free. ``` ```ruby -MyJob.enqueue_at Date.tomorrow.noon, record # Enqueue a job to be performed tomorrow at noon. +MyJob.set(wait_until: Date.tomorrow.noon).perform_later(record) # Enqueue a job to be performed tomorrow at noon. ``` ```ruby -MyJob.enqueue_in 1.week, record # Enqueue a job to be performed 1 week from now. +MyJob.set(wait: 1.week).perform_later(record) # Enqueue a job to be performed 1 week from now. ``` That's it! @@ -99,46 +99,18 @@ If no adapter is set, the job is immediately executed. ### Backends -Active Job has adapters for the following queueing backends: - -* [Backburner](https://github.com/nesquena/backburner) -* [Delayed Job](https://github.com/collectiveidea/delayed_job) -* [Qu](https://github.com/bkeepers/qu) -* [Que](https://github.com/chanks/que) -* [QueueClassic 2.x](https://github.com/ryandotsmith/queue_classic/tree/v2.2.3) -* [Resque 1.x](https://github.com/resque/resque/tree/1-x-stable) -* [Sidekiq](https://github.com/mperham/sidekiq) -* [Sneakers](https://github.com/jondot/sneakers) -* [Sucker Punch](https://github.com/brandonhilkert/sucker_punch) - -#### Backends Features - -| | Async | Queues | Delayed | Priorities | Timeout | Retries | -|-----------------------|-------|--------|-----------|------------|---------|---------| -| **Backburner** | Yes | Yes | Yes | Yes | Job | Global | -| **Delayed Job** | Yes | Yes | Yes | Job | Global | Global | -| **Que** | Yes | Yes | Yes | Job | No | Job | -| **Queue Classic** | Yes | Yes | No* | No | No | No | -| **Resque** | Yes | Yes | Yes (Gem) | Queue | Global | Yes | -| **Sidekiq** | Yes | Yes | Yes | Queue | No | Job | -| **Sneakers** | Yes | Yes | No | Queue | Queue | No | -| **Sucker Punch** | Yes | Yes | No | No | No | No | -| **Active Job Inline** | No | Yes | N/A | N/A | N/A | N/A | -| **Active Job** | Yes | Yes | Yes | No | No | No | - -NOTE: -* Queue Classic does not support Job scheduling. However you can implement this -yourself or you can use the queue_classic-later gem. See the documentation for -ActiveJob::QueueAdapters::QueueClassicAdapter. - -### Change Backends - -You can easily change your adapter: +Active Job has built-in adapters for multiple queueing backends (Sidekiq, +Resque, Delayed Job and others). To get an up-to-date list of the adapters +see the API Documentation for [ActiveJob::QueueAdapters](http://api.rubyonrails.org/classes/ActiveJob/QueueAdapters.html). + +### Changing the Backend + +You can easily change your queueing backend: ```ruby # be sure to have the adapter gem in your Gemfile and follow the adapter specific # installation and deployment instructions -YourApp::Application.config.active_job.queue_adapter = :sidekiq +Rails.application.config.active_job.queue_adapter = :sidekiq ``` @@ -155,7 +127,7 @@ class GuestsCleanupJob < ActiveJob::Base end ``` -Also you can prefix the queue name for all your jobs using +You can prefix the queue name for all your jobs using `config.active_job.queue_name_prefix` in `application.rb`: ```ruby @@ -172,10 +144,42 @@ class GuestsCleanupJob < ActiveJob::Base #.... end -# Now your job will run on queue production_low_priority on your production -# environment and on beta_low_priority on your beta environment +# Now your job will run on queue production_low_priority on your +# production environment and on beta_low_priority on your beta +# environment +``` + +If you want more control on what queue a job will be run you can pass a :queue +option to #set: + +```ruby +MyJob.set(queue: :another_queue).perform_later(record) +``` + +To control the queue from the job level you can pass a block to queue_as. The +block will be executed in the job context (so you can access self.arguments) +and you must return the queue name: + +```ruby +class ProcessVideoJob < ActiveJob::Base + queue_as do + video = self.arguments.first + if video.owner.premium? + :premium_videojobs + else + :videojobs + end + end + + def perform(video) + # do process video + end +end + +ProcessVideoJob.perform_later(Video.last) ``` + NOTE: Make sure your queueing backend "listens" on your queue name. For some backends you need to specify the queues to listen to. diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index cb243c95f5..e1a465c64f 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -340,16 +340,14 @@ The `find_in_batches` method is similar to `find_each`, since both retrieve batc ```ruby # Give add_invoices an array of 1000 invoices at a time -Invoice.find_in_batches(include: :invoice_lines) do |invoices| +Invoice.find_in_batches do |invoices| export.add_invoices(invoices) end ``` -NOTE: The `:include` option allows you to name associations that should be loaded alongside with the models. - ##### Options for `find_in_batches` -The `find_in_batches` method accepts the same `:batch_size` and `:start` options as `find_each`, as well as most of the options allowed by the regular `find` method, except for `:order` and `:limit`, which are reserved for internal use by `find_in_batches`. +The `find_in_batches` method accepts the same `:batch_size` and `:start` options as `find_each`. Conditions ---------- diff --git a/guides/source/active_support_core_extensions.md b/guides/source/active_support_core_extensions.md index 965de0c761..de42f13145 100644 --- a/guides/source/active_support_core_extensions.md +++ b/guides/source/active_support_core_extensions.md @@ -162,7 +162,7 @@ Active Support provides `duplicable?` to programmatically query an object about false.duplicable? # => false ``` -By definition all objects are `duplicable?` except `nil`, `false`, `true`, symbols, numbers, class, and module objects. +By definition all objects are `duplicable?` except `nil`, `false`, `true`, symbols, numbers, class, module, and method objects. WARNING: Any class can disallow duplication by removing `dup` and `clone` or raising exceptions from them. Thus only `rescue` can tell whether a given arbitrary object is duplicable. `duplicable?` depends on the hard-coded list above, but it is much faster than `rescue`. Use it only if you know the hard-coded list is enough in your use case. @@ -1268,7 +1268,7 @@ The method `squish` strips leading and trailing whitespace, and substitutes runs There's also the destructive version `String#squish!`. -Note that it handles both ASCII and Unicode whitespace like mongolian vowel separator (U+180E). +Note that it handles both ASCII and Unicode whitespace. NOTE: Defined in `active_support/core_ext/string/filters.rb`. diff --git a/guides/source/asset_pipeline.md b/guides/source/asset_pipeline.md index 15d743fb33..c19c8e0bec 100644 --- a/guides/source/asset_pipeline.md +++ b/guides/source/asset_pipeline.md @@ -208,9 +208,7 @@ precompiling works. NOTE: You must have an ExecJS supported runtime in order to use CoffeeScript. If you are using Mac OS X or Windows, you have a JavaScript runtime installed in -your operating system. Check -[ExecJS](https://github.com/sstephenson/execjs#readme) documentation to know all -supported JavaScript runtimes. +your operating system. Check [ExecJS](https://github.com/sstephenson/execjs#readme) documentation to know all supported JavaScript runtimes. You can also disable generation of controller specific asset files by adding the following to your `config/application.rb` configuration: @@ -737,10 +735,10 @@ Rails.application.config.assets.precompile << Proc.new do |path| full_path = Rails.application.assets.resolve(path).to_path app_assets_path = Rails.root.join('app', 'assets').to_path if full_path.starts_with? app_assets_path - puts "including asset: " + full_path + logger.info "including asset: " + full_path true else - puts "excluding asset: " + full_path + logger.info "excluding asset: " + full_path false end else diff --git a/guides/source/command_line.md b/guides/source/command_line.md index a074b849c6..b9014724bd 100644 --- a/guides/source/command_line.md +++ b/guides/source/command_line.md @@ -130,7 +130,7 @@ Example: `rails generate controller CreditCards open debit credit close` Credit card controller with URLs like /credit_cards/debit. - Controller: app/controllers/credit_card_controller.rb + Controller: app/controllers/credit_cards_controller.rb Test: test/controllers/credit_cards_controller_test.rb Views: app/views/credit_cards/debit.html.erb [...] Helper: app/helpers/credit_cards_helper.rb diff --git a/guides/source/configuring.md b/guides/source/configuring.md index dbbd0c1aea..7b9710bcd8 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -62,7 +62,7 @@ These configuration methods are to be called on a `Rails::Railtie` object, such * `config.autoload_paths` accepts an array of paths from which Rails will autoload constants. Default is all directories under `app`. -* `config.cache_classes` controls whether or not application classes and modules should be reloaded on each request. Defaults to false in development mode, and true in test and production modes. Can also be enabled with `threadsafe!`. +* `config.cache_classes` controls whether or not application classes and modules should be reloaded on each request. Defaults to false in development mode, and true in test and production modes. * `config.action_view.cache_template_loading` controls whether or not templates should be reloaded on each request. Defaults to whatever is set for `config.cache_classes`. @@ -86,7 +86,7 @@ application. Accepts a valid week day symbol (e.g. `:monday`). end ``` -* `config.dependency_loading` is a flag that allows you to disable constant autoloading setting it to false. It only has effect if `config.cache_classes` is true, which it is by default in production mode. This flag is set to false by `config.threadsafe!`. +* `config.dependency_loading` is a flag that allows you to disable constant autoloading setting it to false. It only has effect if `config.cache_classes` is true, which it is by default in production mode. * `config.eager_load` when true, eager loads all registered `config.eager_load_namespaces`. This includes your application, engines, Rails frameworks and any other registered namespace. @@ -108,7 +108,7 @@ numbers. New applications filter out passwords by adding the following `config.f * `config.log_formatter` defines the formatter of the Rails logger. This option defaults to an instance of `ActiveSupport::Logger::SimpleFormatter` for all modes except production, where it defaults to `Logger::Formatter`. -* `config.log_level` defines the verbosity of the Rails logger. This option defaults to `:debug` for all modes except production, where it defaults to `:info`. +* `config.log_level` defines the verbosity of the Rails logger. This option defaults to `:debug` for all environments. * `config.log_tags` accepts a list of methods that the `request` object responds to. This makes it easy to tag log lines with debug information like subdomain and request id - both very helpful in debugging multi-user production applications. @@ -364,6 +364,29 @@ encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. method should be performed on the parameters. See [Security Guide](security.html#unsafe-query-generation) for more information. It defaults to true. +* `config.action_dispatch.rescue_responses` configures what exceptions are assigned to an HTTP status. It accepts a hash and you can specify pairs of exception/status. By default, this is defined as: + + ```ruby + config.action_dispatch.rescue_responses = { + 'ActionController::RoutingError' => :not_found, + 'AbstractController::ActionNotFound' => :not_found, + 'ActionController::MethodNotAllowed' => :method_not_allowed, + 'ActionController::UnknownHttpMethod' => :method_not_allowed, + 'ActionController::NotImplemented' => :not_implemented, + 'ActionController::UnknownFormat' => :not_acceptable, + 'ActionController::InvalidAuthenticityToken' => :unprocessable_entity, + 'ActionDispatch::ParamsParser::ParseError' => :bad_request, + 'ActionController::BadRequest' => :bad_request, + 'ActionController::ParameterMissing' => :bad_request, + 'ActiveRecord::RecordNotFound' => :not_found, + 'ActiveRecord::StaleObjectError' => :conflict, + 'ActiveRecord::RecordInvalid' => :unprocessable_entity, + 'ActiveRecord::RecordNotSaved' => :unprocessable_entity + } + ``` + + Any execptions that are not configured will be assigned to 500 Internal server error. + * `ActionDispatch::Callbacks.before` takes a block of code to run before the request. * `ActionDispatch::Callbacks.to_prepare` takes a block to run after `ActionDispatch::Callbacks.before`, but before the request. Runs for every request in `development` mode, but only once for `production` or environments with `cache_classes` set to `true`. @@ -471,6 +494,8 @@ There are a few configuration options available in Active Support: * `config.active_support.bare` enables or disables the loading of `active_support/all` when booting Rails. Defaults to `nil`, which means `active_support/all` is loaded. +* `config.active_support.test_order` sets the order that test cases are executed. Possible values are `:sorted` and `:random`. Currently defaults to `:sorted`. In Rails 5.0, the default will be changed to `:random` instead. + * `config.active_support.escape_html_entities_in_json` enables or disables the escaping of HTML entities in JSON serialization. Defaults to `false`. * `config.active_support.use_standard_json_time_format` enables or disables serializing dates to ISO 8601 format. Defaults to `true`. diff --git a/guides/source/contributing_to_ruby_on_rails.md b/guides/source/contributing_to_ruby_on_rails.md index 8bc4b10591..302c4ca9c0 100644 --- a/guides/source/contributing_to_ruby_on_rails.md +++ b/guides/source/contributing_to_ruby_on_rails.md @@ -559,6 +559,23 @@ $ git push origin my_pull_request -f You should be able to refresh the pull request on GitHub and see that it has been updated. +#### Updating pull request + +Sometimes you will be asked to make some changes to the code you have +already committed. This can include amending existing commits. In this +case Git will not allow you to push the changes as the pushed branch +and local branch do not match. Instead of opening a new pull request, +you can force push to your branch on GitHub as described earlier in +squashing commits section: + +```bash +$ git push origin my_pull_request -f +``` + +This will update the branch and pull request on GitHub with your new code. Do +note that using force push may result in commits being lost on the remote branch; use it with care. + + ### Older Versions of Ruby on Rails If you want to add a fix to older versions of Ruby on Rails, you'll need to set up and switch to your own local tracking branch. Here is an example to switch to the 4-0-stable branch: diff --git a/guides/source/debugging_rails_applications.md b/guides/source/debugging_rails_applications.md index 88c6210296..1a647f8375 100644 --- a/guides/source/debugging_rails_applications.md +++ b/guides/source/debugging_rails_applications.md @@ -138,7 +138,7 @@ Rails.logger.level = 0 # at any time This is useful when you want to log under development or staging, but you don't want to flood your production log with unnecessary information. -TIP: The default Rails log level is `info` in production mode and `debug` in development and test mode. +TIP: The default Rails log level is `debug` in all environments. ### Sending Messages diff --git a/guides/source/i18n.md b/guides/source/i18n.md index 1023598aa4..0761d5b39c 100644 --- a/guides/source/i18n.md +++ b/guides/source/i18n.md @@ -676,6 +676,22 @@ en: <div><%= t('title.html') %></div> ``` +Interpolation escapes as needed though. For example, given: + +```yaml +en: + welcome_html: "<b>Welcome %{username}!</b>" +``` + +you can safely pass the username as set by the user: + +```erb +<%# This is safe, it is going to be escaped if needed. %> +<%= t('welcome_html', username: @current_user.username %> +``` + +Safe strings on the other hand are interpolated verbatim. + NOTE: Automatic conversion to HTML safe translate text is only available from the `translate` view helper method.  diff --git a/guides/source/maintenance_policy.md b/guides/source/maintenance_policy.md index 6f8584b3b7..050a64ddf3 100644 --- a/guides/source/maintenance_policy.md +++ b/guides/source/maintenance_policy.md @@ -39,7 +39,10 @@ Only the latest release series will receive bug fixes. When enough bugs are fixed and its deemed worthy to release a new gem, this is the branch it happens from. -**Currently included series:** `4.1.Z`, `4.0.Z`. +In special situations, where someone from the Core Team agrees to support more series, +they are included in the list of supported series. + +**Currently included series:** `4.2.Z`, `4.1.Z` (Supported by Rafael França). Security Issues --------------- @@ -54,7 +57,7 @@ be built from 1.2.2, and then added to the end of 1-2-stable. This means that security releases are easy to upgrade to if you're running the latest version of Rails. -**Currently included series:** `4.1.Z`, `4.0.Z`. +**Currently included series:** `4.2.Z`, `4.1.Z`. Severe Security Issues ---------------------- @@ -63,7 +66,7 @@ For severe security issues we will provide new versions as above, and also the last major release series will receive patches and new versions. The classification of the security issue is judged by the core team. -**Currently included series:** `4.1.Z`, `4.0.Z`, `3.2.Z`. +**Currently included series:** `4.2.Z`, `4.1.Z`, `3.2.Z`. Unsupported Release Series -------------------------- diff --git a/guides/source/routing.md b/guides/source/routing.md index af8c1bbcc4..b1a287f53a 100644 --- a/guides/source/routing.md +++ b/guides/source/routing.md @@ -756,7 +756,7 @@ get '*a/foo/*b', to: 'test#index' would match `zoo/woo/foo/bar/baz` with `params[:a]` equals `'zoo/woo'`, and `params[:b]` equals `'bar/baz'`. -NOTE: By requesting `'/foo/bar.json'`, your `params[:pages]` will be equals to `'foo/bar'` with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `format: false` like this: +NOTE: By requesting `'/foo/bar.json'`, your `params[:pages]` will be equal to `'foo/bar'` with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `format: false` like this: ```ruby get '*pages', to: 'pages#show', format: false diff --git a/guides/source/upgrading_ruby_on_rails.md b/guides/source/upgrading_ruby_on_rails.md index 989d8400e5..7267ef1b4f 100644 --- a/guides/source/upgrading_ruby_on_rails.md +++ b/guides/source/upgrading_ruby_on_rails.md @@ -8,7 +8,7 @@ This guide provides steps to be followed when you upgrade your applications to a General Advice -------------- -Before attempting to upgrade an existing application, you should be sure you have a good reason to upgrade. You need to balance out several factors: the need for new features, the increasing difficulty of finding support for old code, and your available time and skills, to name a few. +Before attempting to upgrade an existing application, you should be sure you have a good reason to upgrade. You need to balance several factors: the need for new features, the increasing difficulty of finding support for old code, and your available time and skills, to name a few. ### Test Coverage @@ -55,15 +55,88 @@ a [pull request](https://github.com/rails/rails/edit/master/guides/source/upgrad ### Web Console -TODO: setup instructions for web console on existing apps. +First, add `gem 'web-console', '~> 2.0'` to the `:development` group in your Gemfile and run `bundle install` (it won't have been included when you upgraded Rails). Once it's been installed, you can simply drop a reference to the console helper (i.e., `<%= console %>`) into any view you want to enable it for. A console will also be provided on any error page you view in your development environment. + +Additionally, you can tell Rails to automatically mount a VT100-compatible console on a predetermined path by setting the appropriate configuration flags in your development config: + +```ruby +# config/environments/development.rb + +config.web_console.automount = true +config.web_console.default_mount_path = '/terminal' # Optional, defaults to /console +``` ### Responders -TODO: mention https://github.com/rails/rails/pull/16526 +`respond_with` and the class-level `respond_to` methods have been extracted to the `responders` gem. To use them, simply add `gem 'responders', '~> 2.0'` to your Gemfile. Calls to `respond_with` and `respond_to` (again, at the class level) will no longer work without having included the `responders` gem in your dependencies: + +```ruby +# app/controllers/users_controller.rb + +class UsersController < ApplicationController + respond_to :html, :json + + def show + @user = User.find(params[:id]) + respond_with @user + end +end +``` + +Instance-level `respond_to` is unaffected and does not require the additional gem: + +```ruby +# app/controllers/users_controller.rb + +class UsersController < ApplicationController + def show + @user = User.find(params[:id]) + respond_to do |format| + format.html + format.json { render json: @user } + end + end +end +``` + +See [#16526](https://github.com/rails/rails/pull/16526) for more details. ### Error handling in transaction callbacks -TODO: mention https://github.com/rails/rails/pull/16537 +Currently, Active Record suppresses errors raised +within `after_rollback` or `after_commit` callbacks and only prints them to +the logs. In the next version, these errors will no longer be suppressed. +Instead, the errors will propagate normally just like in other Active +Record callbacks. + +When you define a `after_rollback` or `after_commit` callback, you +will receive a deprecation warning about this upcoming change. When +you are ready, you can opt into the new behavior and remove the +deprecation warning by adding following configuration to your +`config/application.rb`: + + config.active_record.raise_in_transactional_callbacks = true + +See [#14488](https://github.com/rails/rails/pull/14488) and +[#16537](https://github.com/rails/rails/pull/16537) for more details. + +### Ordering of test cases + +In Rails 5.0, test cases will be executed in random order by default. In +anticipation of this change, Rails 4.2 introduced a new configuration option +`active_support.test_order` for explicitly specifying the test ordering. This +allows you to either lock down the current behavior by setting the option to +`:sorted`, or opt into the future behavior by setting the option to `:random`. + +If you do not specify a value for this option, a deprecation warning will be +emitted. To avoid this, add the following line to your test environment: + +```ruby +# config/environments/test.rb +Rails.application.configure do + config.active_support.test_order = :sorted # or `:random` if you prefer +end +``` ### Serialized attributes @@ -113,15 +186,6 @@ venerable html-scanner approach is now officially being deprecated in favor of This means the methods `sanitize`, `sanitize_css`, `strip_tags` and `strip_links` are backed by a new implementation. -In the next major Rails version `Rails Html Sanitizer` will be the default -sanitizer. It already is for new applications. - -Include this in your Gemfile to try it out today: - -```ruby -gem 'rails-html-sanitizer' -``` - This new sanitizer uses [Loofah](https://github.com/flavorjones/loofah) internally. Loofah in turn uses Nokogiri, which wraps XML parsers written in both C and Java, so sanitization should be faster no matter which Ruby version you run. @@ -136,6 +200,12 @@ Read the [gem's readme](https://github.com/rails/rails-html-sanitizer) for more The documentation for `PermitScrubber` and `TargetScrubber` explains how you can gain complete control over when and how elements should be stripped. +If your application needs to old behaviour include `rails-deprecated_sanitizer` in your Gemfile: + +```ruby +gem 'rails-deprecated_sanitizer' +``` + ### Rails DOM Testing TODO: Mention https://github.com/rails/rails/commit/4e97d7585a2f4788b9eed98c6cdaf4bb6f2cf5ce |