| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
We sometimes say "✂️ newline after `private`" in a code review (e.g.
https://github.com/rails/rails/pull/18546#discussion_r23188776,
https://github.com/rails/rails/pull/34832#discussion_r244847195).
Now `Layout/EmptyLinesAroundAccessModifier` cop have new enforced style
`EnforcedStyle: only_before` (https://github.com/rubocop-hq/rubocop/pull/7059).
That cop and enforced style will reduce the our code review cost.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, when using `render file:`, it was possible to render files
not only at an absolute path or relative to the current directory, but
relative to ANY view paths. This was probably done for absolutely
maximum compatibility when addressing CVE-2016-0752, but I think is
unlikely to be used in practice.
Tihs commit removes the ability to `render file:` with a path relative
to a non-fallback view path.
Make FallbackResolver.new private
To ensure nobody is making FallbackResolvers other than "/" and "".
Make reject_files_external_... no-op for fallbacks
Because there are only two values used for path: "" and "/", and
File.join("", "") == File.join("/", "") == "/", this method was only
testing that the absolute paths started at "/" (which of course all do).
This commit doesn't change any behaviour, but it makes it explicit that
the FallbackFileSystemResolver works this way.
Remove outside_app_allowed argument
Deprecate find_all_anywhere
This is now equivalent to find_all
Remove outside_app argument
Deprecate find_file for find
Both LookupContext#find_file and PathSet#find_file are now equivalent to
their respective #find methods.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This is a developer quality of life improvement, to ensure that unknown
formats aren't assigned (which it would previously accept, but wouldn't
work 100% correctly due to caching).
|
| |
|
|
|
| |
Having a format listed twice had no effect. This is mostly helpful to
avoid an extra format when assigning [:html, "*/*"]
|
| |
|
|
|
| |
This also removes the mutation we were performing on the values being
passed in.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sample example ->
Before:
prathamesh@Prathameshs-MacBook-Pro-2 blog *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated
and will be removed in the next Rails version. Please, use the -u
option instead.
After:
prathamesh@Prathameshs-MacBook-Pro-2 squish_app *$ rails server thin
DEPRECATION WARNING: Passing the Rack server name as a regular argument is deprecated and will be removed in the next Rails version. Please, use the -u option instead.
|
| |
|
|
|
| |
We no longer depend on `rendered_format` side effects, so we can remove
this method now. 🎉
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit keeps a stack of lookup contexts on the ActionView::Base
instance. If a format is passed to render, we instantiate a new lookup
context and push it on the stack, that way any child calls to "render"
will use the same format information as the parent. This also isolates
"sibling" calls to render (multiple calls to render in the same
template).
Fixes #35222 #34138
|
| | |
|
| | |
|
| |
|
|
|
| |
This commit exposes all system wide view paths so that we can clear
their caches.
|
| |
|
|
|
| |
This commit splits the digest cache from the "details identity" cache.
Now both caches can be managed independently.
|
| |
|
|
|
| |
Now we can throw away the subclass and the generated methods will get
GC'd too
|
| |
|
|
|
|
|
| |
This patch changes `with_fallbacks` to be a factory method that returns
a new instance of a lookup context which contains the fallback view
paths in addition to the controller specific view paths. Since the
lookup context is more "read only", we may be able to cache them
|
| |
|
|
|
|
| |
The `with_fallbacks` method will temporarily mutate the lookup context
instance, but nobody can call the setter, and we don't have to do a push
/ pop dance.
|
| |
|
|
|
|
| |
since Ruby 2.5
https://bugs.ruby-lang.org/issues/14133
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since Rails 6.0 will support Ruby 2.4.1 or higher
`# frozen_string_literal: true` magic comment is enough to make string object frozen.
This magic comment is enabled by `Style/FrozenStringLiteralComment` cop.
* Exclude these files not to auto correct false positive `Regexp#freeze`
- 'actionpack/lib/action_dispatch/journey/router/utils.rb'
- 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb'
It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333
Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed.
* Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required
- 'actionpack/test/controller/test_case_test.rb'
- 'activemodel/test/cases/type/string_test.rb'
- 'activesupport/lib/active_support/core_ext/string/strip.rb'
- 'activesupport/test/core_ext/string_ext_test.rb'
- 'railties/test/generators/actions_test.rb'
|
| |
|
|
| |
This basically reverts c4d1a4efeec6f0b5b58222993aa0bec85a19b6a8
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
A few have been left for aesthetic reasons, but have made a pass
and removed most of them.
Note that if the method `foo` returns an array, `foo << 1`
is a regular push, nothing to do with assignments, so
no self required.
|
| |
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
| |
|
|
|
| |
All of this is `nodoc`'ed, so we shouldn't have to worry about breaking
changes, if there are any -- all internal API :).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Conceptually revert #20276
The feature was implemented for the `responders` gem. In the end,
they did not need that feature, and have found a better fix (see
plataformatec/responders#131).
`ImplicitRender` is the place where Rails specifies our default
policies for the case where the user did not explicitly tell us
what to render, essentially describing a set of heuristics. If
the gem (or the user) knows exactly what they want, they could
just perform the correct `render` to avoid falling through to
here, as `responders` did (the user called `respond_with`).
Reverting the patch allows us to avoid exploding the complexity
and defining “the fallback for a fallback” policies.
2. `respond_to` and templates are considered exhaustive enumerations
If the user specified a list of formats/variants in a `respond_to`
block, anything that is not explicitly included should result
in an `UnknownFormat` error (which is then caught upstream to
mean “406 Not Acceptable” by default). This is already how it
works before this commit.
Same goes for templates – if the user defined a set of templates
(usually in the file system), that set is now considered exhaustive,
which means that “missing” templates are considered `UnknownFormat`
errors (406).
3. To keep API endpoints simple, the implicit render behavior for
actions with no templates defined at all (regardless of formats,
locales, variants, etc) are defaulted to “204 No Content”. This
is a strictly narrower version of the feature landed in #19036 and
#19377.
4. To avoid confusion when interacting in the browser, these actions
will raise an `UnknownFormat` error for “interactive” requests
instead. (The precise definition of “interactive” requests might
change – the spirit here is to give helpful messages and avoid
confusions.)
Closes #20666, #23062, #23077, #23564
[Godfrey Chan, Jon Moss, Kasper Timm Hansen, Mike Clark, Matthew Draper]
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This moves digest calculation cache on to the details key object.
Before, the digest cache was a class level ivar, and one of the keys was
the hash value of the details key object:
https://github.com/rails/rails/blob/13c4cc3b5aea02716b7459c0da641438077f5236/actionview/lib/action_view/digestor.rb#L28
An object's hash value is not unique, so it's possible for this cache
key to produce colliding keys with no resolution. This commit move
cache on to the details key object itself, so we know that the digests
are always unique per details key object.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I don't think caching this method makes any difference on Ruby 2.0:
```
require 'benchmark/ips'
class Foo
alias :object_hash :hash
attr_reader :hash
def initialize
@hash = object_hash
end
end
class Bar
end
hash = {}
foo = Foo.new
bar = Bar.new
Benchmark.ips do |x|
x.report("foo") { hash[foo] }
x.report("bar") { hash[bar] }
x.report("foo.hash") { foo.hash }
x.report("bar.hash") { bar.hash }
end
__END__
[aaron@TC ruby (trunk)]$ ruby test.rb
Warming up --------------------------------------
foo 118.361k i/100ms
bar 118.637k i/100ms
Calculating -------------------------------------
foo 7.944M (± 3.1%) i/s - 39.769M
bar 7.931M (± 3.4%) i/s - 39.625M
[aaron@TC ruby (trunk)]$ ruby test.rb
Warming up --------------------------------------
foo 122.180k i/100ms
bar 120.492k i/100ms
foo.hash 123.397k i/100ms
bar.hash 119.312k i/100ms
Calculating -------------------------------------
foo 8.002M (± 4.2%) i/s - 39.953M
bar 8.037M (± 4.5%) i/s - 40.124M
foo.hash 8.819M (± 3.9%) i/s - 44.053M
bar.hash 7.856M (± 4.1%) i/s - 39.254M
```
|
| |
|
|
|
|
| |
This metaprogrammed method doesn't seem to be a bottleneck, so lets just
use a regular method so it's easier to understand. We can follow up
with more interesting techniques for cache manipulation soon.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 5-0-beta-sec:
bumping version
fix version update task to deal with .beta1.1
Eliminate instance level writers for class accessors
allow :file to be outside rails root, but anything else must be inside the rails view directory
Don't short-circuit reject_if proc
stop caching mime types globally
use secure string comparisons for basic auth username / password
|
| | |
| |
| |
| |
| |
| | |
rails view directory
CVE-2016-0752
|
| |/ |
|
| | |
|
| |\
| |
| | |
Removed unused parameter `options` for `register_detail` method
|
| | |
| |
| | |
This method is only called with name & block.
|
| |/
|
|
|
|
|
| |
The thread_safe gem is being deprecated and all its code has been merged
into the concurrent-ruby gem. The new class, Concurrent::Map, is exactly
the same as its predecessor except for fixes to two bugs discovered
during the merge.
|
| |
|
|
| |
explicitely.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I wrote a utility that helps find areas where you could optimize your program using a frozen string instead of a string literal, it's called [let_it_go](https://github.com/schneems/let_it_go). After going through the output and adding `.freeze` I was able to eliminate the creation of 1,114 string objects on EVERY request to [codetriage](codetriage.com). How does this impact execution?
To look at memory:
```ruby
require 'get_process_mem'
mem = GetProcessMem.new
GC.start
GC.disable
1_114.times { " " }
before = mem.mb
after = mem.mb
GC.enable
puts "Diff: #{after - before} mb"
```
Creating 1,114 string objects results in `Diff: 0.03125 mb` of RAM allocated on every request. Or 1mb every 32 requests.
To look at raw speed:
```ruby
require 'benchmark/ips'
number_of_objects_reduced = 1_114
Benchmark.ips do |x|
x.report("freeze") { number_of_objects_reduced.times { " ".freeze } }
x.report("no-freeze") { number_of_objects_reduced.times { " " } }
end
```
We get the results
```
Calculating -------------------------------------
freeze 1.428k i/100ms
no-freeze 609.000 i/100ms
-------------------------------------------------
freeze 14.363k (± 8.5%) i/s - 71.400k
no-freeze 6.084k (± 8.1%) i/s - 30.450k
```
Now we can do some maths:
```ruby
ips = 6_226k # iterations / 1 second
call_time_before = 1.0 / ips # seconds per iteration
ips = 15_254 # iterations / 1 second
call_time_after = 1.0 / ips # seconds per iteration
diff = call_time_before - call_time_after
number_of_objects_reduced * diff * 100
# => 0.4530373333993266 miliseconds saved per request
```
So we're shaving off 1 second of execution time for every 220 requests.
Is this going to be an insane speed boost to any Rails app: nope. Should we merge it: yep.
p.s. If you know of a method call that doesn't modify a string input such as [String#gsub](https://github.com/schneems/let_it_go/blob/b0e2da69f0cca87ab581022baa43291cdf48638c/lib/let_it_go/core_ext/string.rb#L37) please [give me a pull request to the appropriate file](https://github.com/schneems/let_it_go/blob/b0e2da69f0cca87ab581022baa43291cdf48638c/lib/let_it_go/core_ext/string.rb#L37), or open an issue in LetItGo so we can track and freeze more strings.
Keep those strings Frozen
|
| |
|
|
| |
Various grammar corrections and wrap to 80 characters.
|
| |
|
|
| |
LookupContext is class name
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Given the following templates:
mailer/demo.html.erb
mailer/demo.en.html.erb
mailer/demo.pt.html.erb
Before this change for a locale that doesn't have its related file
the `mailer/demo.html.erb` will
be rendered even if `en` is the default locale.
Now `mailer/demo.en.html.erb` has precedence over the file without
locale.
Also, it is possible to give a fallback.
mailer/demo.pt.html.erb
mailer/demo.pt-BR.html.erb
So if the locale is `pt-PT`, `mailer/demo.pt.html.erb` will be
rendered given the right I18n fallback configuration.
Fixes #11884.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The performance is almost the same with both implementations but this is
clear.
Before this patch:
Calculating -------------------------------------
small erb template 1452 i/100ms
-------------------------------------------------
small erb template 17462.1 (±13.3%) i/s - 85668 in 5.031395s
.Calculating -------------------------------------
small erb template with 1 partial
887 i/100ms
-------------------------------------------------
small erb template with 1 partial
8899.6 (±18.8%) i/s - 42576 in 5.009453s
.Calculating -------------------------------------
small erb template with 2 partials
666 i/100ms
-------------------------------------------------
small erb template with 2 partials
6821.5 (±8.8%) i/s - 33966 in 5.020791s
After the patch:
Calculating -------------------------------------
small erb template 1479 i/100ms
-------------------------------------------------
small erb template 15956.6 (±7.6%) i/s - 79866 in 5.036001s
.Calculating -------------------------------------
small erb template with 1 partial
841 i/100ms
-------------------------------------------------
small erb template with 1 partial
9242.2 (±6.9%) i/s - 46255 in 5.029497s
.Calculating -------------------------------------
small erb template with 2 partials
615 i/100ms
-------------------------------------------------
small erb template with 2 partials
6524.7 (±6.8%) i/s - 32595 in 5.020456s
You can find the benchmark code at
https://gist.github.com/rafaelfranca/dee31120cfdb1ddc3b56
|
| |
|
|
|
|
|
|
|
| |
Using ruby-prof, I noticed that Set#add had the largest 'self time'
percentage (5% of the overall time spent rendering) when
benchmarking the rendering of a small cached ERB template that was 3
lines long. It turns out it was from this line. I don't believe the
Set is necessary, either. Removing this line increases the rendering
ips using Benchmark::ips accordingly.
|
| | |
|
| |
|
|
|
| |
Before we had a bug in the resolver cache so the disable_cache were not
working when passing options to find
|
