This release is focused on bug fixes, performance improvements,
internal refactoring and Rails 3.1 compatibility. Please give it a try
and in case of any issues please report them on Github.
* #valid? is always called even if a resource is not dirty
* Issues with JRuby and unicode were fixed
* Massive internal clean-up towards future rewrite that will make validations
even more awesome
* alter table is fixed for postgres
* Property options (such as :length) are now correctly used in migrations
* Support to specify table options when creating a table was added (for things
like db engines in mysql etc.)
* Fix bug related to migrating custom types derived from builtin types
* STI queries no longer include the top-level class name
* UnderscoredAndPluralizedWithoutLeadingModule naming convention was added
belongs_to supports :unique option
* Validation of property names was improved
* Resource[] and Resource[]= no longer fail when property name is not known
* Redundant usage of chainable was removed resulting in a better performance
* Boolean property typecasting was refactored
* Various issues with setting default Property options were fixed
* Resource#attributes= no longer use public_method_defined? - this is a
security fix preventing possible DDOS attacks
* Problems with auto-migrations in multiple repositories were fixed
* Encoding problems with Binary property are fixed
3.1.11
* Allow control directives (such as @if) to be nested beneath properties.
* Allow property names to begin with a hyphen followed by interpolation
(e.g. -#{...}).
* Fix a parsing error with interpolation in comma-separated lists.
* Make --cache-store with with --update.
* Properly report ArgumentErrors that occur within user-defined functions.
* Don’t crash on JRuby if the underlying Java doesn’t support every Unicode
encoding.
* Add new updated_stylesheet callback, which is run after each stylesheet has
been successfully compiled. Thanks to Christian Peters.
* Allow absolute paths to be used in an importer with a different root.
* Don’t destructively modify the options when running
Sass::Plugin.force_update.
Deprecations – Must Read!
* The updating_stylesheet is deprecated and will be removed in a future
release. Use the new updated_stylesheet callback instead.
3.1.10
* Fix another aspect of the 3.1.8 regression relating to +.
3.1.9
* Fix a regression in 3.1.8 that broke the + combinator in selectors.
* Deprecate the loud-comment flag when used with silent comments
(e.g. //!). Using it with multi-line comments (e.g. /*!) still works.
3.1.8
* Deprecate parent selectors followed immediately by identifiers
(e.g. &foo). This should never have worked, since it violates the rule of &
only being usable where an element selector would.
* Add a --force option to the sass executable which makes --update always
compile all stylesheets, even if the CSS is newer.
* Disallow semicolons at the end of @import directives in the indented syntax.
* Don’t error out when being used as a library without requiring fileutil.
* Don’t crash when Compass-style sprite imports are used with
StalenessChecker (thanks to Matthias Bauer).
* The numeric precision of numbers in Sass can now be set using the
--precision option to the command line. Additionally, the default number of
digits of precision in Sass output can now be changed by setting
Sass::Script::Number.precision to an integer (defaults to 3). Since this
value can now be changed, the PRECISION constant in Sass::Script::Number has
been deprecated. In the unlikely event that you were using it in your code,
you should now use Sass::Script::Number.precision_factor instead.
* Don’t crash when running sass-convert with selectors with two commas in a
row.
* Explicitly require Ruby >= 1.8.7 (thanks Eric Mason).
* Properly validate the nesting of elements in imported stylesheets.
* Properly compile files in parent directories with --watch and --update.
* Properly null out options in mixin definitions before caching them. This
fixes a caching bug that has been plaguing some Rails 3.1 users.
=== 2.3.2
* Bug fix
* Finish connections that were closed by Net::HTTP so they can be restarted.
=== 2.3.1 / 2011-10-26
* Bug fix
* If a request object already contains a Connection header it will no longer
be overridden. This allows keep-alive connections to be disabled on a
per-request basis.
=== 2.3 / 2011-10-25
* Minor Enhancement
* The time since last use for a connection is now recorded in error
messages for the connection.
=== 2.2 / 2011-10-24
* Minor Enhancements
* Added timeouts for idle connections which are set through #idle_timeout.
The default timeout is 5 seconds. Reducing the idle timeout is preferred
over setting #retry_change_requests to true if you wish to avoid the "too
many connection resets" error when POSTing data.
* Documented tunables and settings in one place in Net::HTTP::Persistent
=== 2.1 / 2011-09-19
* Minor Enhancement
* For HTTPS connections, SSL sessions are now reused avoiding the extra
round trips and computations of extra SSL handshakes. If you have
problems with SSL session reuse it can be disabled by
Net::HTTP::Persistent#reuse_ssl_sessions
* Bug Fixes
* The default certificate store is now used even if #verify_mode was not
set. Issue #7, Pull Request #8 by Matthew M. Boedicker
## 2.3.0
* Several speed/memory improvements
* Numerous bug fixes
* Added support for MRI 1.9, Rubinius, and JRuby
* Added support for integer drop parameters
* Added epoch support to `date` filter
* New `raw` tag that suppresses parsing
* Added `else` option to `for` tag
* New `increment` tag
* New `split` filter
## 2.2.1 / 2010-08-23
* Added support for literal tags
This is current stable release of Drupal.
Drupal is software that allows an individual or a community of users to easily
publish, manage and organize a great variety of content on a website. Tens of
thousands of people and organizations have used Drupal to set up scores of
different kinds of web sites, including
* community web portals and discussion sites
* corporate web sites/intranet portals
* personal web sites
* aficionado sites
* e-commerce applications
* resource directories
Drupal includes features to enable:
* content management systems
* blogs
* collaborative authoring environments
* forums
* newsletters
* picture galleries
* file uploads and download
This package can use either setuptools (egg.mk) or distutils
(distutils.mk), but it prefers setuptools and thus should be built
with our egg.mk support. Adjust PLIST for egg.mk (different)
variables and drop eggfile conditionalization, as eggs always have
egg-info directories.
Thanks to dholland@ and obache@ for noticing/suggesting.
== 1.3.1 Triple Espresso
* Fix service not working pre 1.9.
== 1.3.0 Double Espresso
* BREAKING CHANGE: Thin no longer ships with fat Windows binaries.
From now on, to install on Windows, install https://github.com/oneclick/rubyinstaller/wiki/Development-Kit.
* BREAKING CHANGE: Remove automatic Content-Length setting.
It is now the responsibility of the app (or a middleware) to set the Content-Length.
* Log errors to STDERR [textgoeshere]
* Shut down gracefully when receiving SIGTERM [ddollar]
Processes are allowed a chance to shut down gracefully when receiving
SIGTERM (http://en.wikipedia.org/wiki/SIGTERM).
On Heroku, when shutting down a process, we send a SIGTERM followed 10
seconds later with a SIGKILL, similar to the behavior of the init daemon
on most Unix systems. This patch will allow Heroku apps to shut down
gracefully when they need to be terminated / moved.
MultiJSON
Lots of Ruby libraries utilize JSON parsing in some form, and everyone has
their favorite JSON library. In order to best support multiple JSON parsers
and libraries, multi_json is a general-purpose swappable JSON backend library.
## Rails 3.1.3 (unreleased) ##
* New apps should be generated with a sass-rails dependency of 3.1.5, not 3.1.5.rc.2
## Rails 3.1.2 (unreleased) ##
* Engines: don't blow up if db/seeds.rb is missing.
*Jeremy Kemper*
* `rails new foo --skip-test-unit` should not add the `:test` task to the rake default task.
*GH 2564*
*José Valim*
## Rails 3.1.1 (October 7, 2011) ##
* Add jquery-rails to Gemfile of plugins, test/dummy app needs it. Closes#3091. *Santiago Pastorino*
* Add config.assets.initialize_on_precompile which, when set to false, forces
`rake assets:precompile` to load the application but does not initialize it.
To the app developer, this means configuration add in
config/initializers/* will not be executed.
Plugins developers need to special case their initializers that are
meant to be run in the assets group by adding :group => :assets.
## Rails 3.1.0 (August 30, 2011) ##
* The default database schema file is written as UTF-8. *Aaron Patterson*
* Generated apps with --dev or --edge flags depend on git versions of
sass-rails and coffee-rails. *Santiago Pastorino*
* Rack::Sendfile middleware is used only if x_sendfile_header is present. *Santiago Pastorino*
* Add JavaScript Runtime name to the Rails Info properties. *DHH*
* Make pp enabled by default in Rails console. *Akira Matsuda*
* Add alias `r` for rails runner. *Jordi Romero*
* Make sprockets/railtie require explicit and add --skip-sprockets to app generator *José Valim*
* Added Rails.groups that automatically handles Rails.env and ENV["RAILS_GROUPS"] *José Valim*
* The new rake task assets:clean removes precompiled assets. *fxn*
* Application and plugin generation run bundle install unless --skip-gemfile or --skip-bundle. *fxn*
* Fixed database tasks for jdbc* adapters #jruby *Rashmi Yadav*
* Template generation for jdbcpostgresql #jruby *Vishnu Atrai*
* Template generation for jdbcmysql and jdbcsqlite3 #jruby *Arun Agrawal*
* The -j option of the application generator accepts an arbitrary string. If passed "foo",
the gem "foo-rails" is added to the Gemfile, and the application JavaScript manifest
requires "foo" and "foo_ujs". As of this writing "prototype-rails" and "jquery-rails"
exist and provide those files via the asset pipeline. Default is "jquery". *fxn*
* jQuery is no longer vendored, it is provided from now on by the jquery-rails gem. *fxn*
* Prototype and Scriptaculous are no longer vendored, they are provided from now on
by the prototype-rails gem. *fxn*
* The scaffold controller will now produce SCSS file if Sass is available *Prem Sichanugrist*
* The controller and resource generators will now automatically produce asset stubs (this can be turned off with --skip-assets). These stubs will use Coffee and Sass, if those libraries are available. *DHH*
* jQuery is the new default JavaScript library. *fxn*
* Changed scaffold, application, and mailer generator to create Ruby 1.9 style hash when running on Ruby 1.9 *Prem Sichanugrist*
So instead of creating something like:
redirect_to users_path, :notice => "User has been created"
it will now be like this:
redirect_to users_path, notice: "User has been created"
You can also passing `--old-style-hash` to make Rails generate old style hash even you're on Ruby 1.9
* Changed scaffold_controller generator to create format block for JSON instead of XML *Prem Sichanugrist*
* Add using Turn with natural language test case names for test_help.rb when running with minitest (Ruby 1.9.2+) *DHH*
* Direct logging of Active Record to STDOUT so it's shown inline with the results in the console *DHH*
* Added `config.force_ssl` configuration which loads Rack::SSL middleware and force all requests to be under HTTPS protocol *DHH, Prem Sichanugrist, and Josh Peek*
* Added `rails plugin new` command which generates rails plugin with gemspec, tests and dummy application for testing *Piotr Sarnacki*
* Added -j parameter with jquery/prototype as options. Now you can create your apps with jQuery using `rails new myapp -j jquery`. The default is still Prototype. *siong1987*
* Added Rack::Etag and Rack::ConditionalGet to the default middleware stack *José Valim*
* Added Rack::Cache to the default middleware stack *Yehuda Katz and Carl Lerche*
* Engine is now rack application *Piotr Sarnacki*
* Added middleware stack to Engine *Piotr Sarnacki*
* Engine can now load plugins *Piotr Sarnacki*
* Engine can load its own environment file *Piotr Sarnacki*
* Added helpers to call engines' route helpers from application and vice versa *Piotr Sarnacki*
* Task for copying plugins' and engines' migrations to application's db/migrate directory *Piotr Sarnacki*
* Changed ActionDispatch::Static to allow handling multiple directories *Piotr Sarnacki*
* Added isolate_namespace() method to Engine, which sets Engine as isolated *Piotr Sarnacki*
* Include all helpers from plugins and shared engines in application *Piotr Sarnacki*
## Rails 3.1.1 (October 7, 2011) ##
* No changes
## Rails 3.1.0 (August 30, 2011) ##
* The default format has been changed to JSON for all requests. If you want to continue to use XML you will need to set `self.format = :xml` in the class. eg.
class User < ActiveResource::Base
self.format = :xml
end
## Rails 3.1.3 (unreleased) ##
* Downgrade sprockets to ~> 2.0.3. Using 2.1.0 caused regressions.
* Fix using `tranlate` helper with a html translation which uses the `:count` option for
pluralization.
*Jon Leighton*
## Rails 3.1.2 (unreleased) ##
* Fix XSS security vulnerability in the `translate` helper method. When using interpolation
in combination with HTML-safe translations, the interpolated input would not get HTML
escaped. *GH 3664*
Before:
translate('foo_html', :something => '<script>') # => "...<script>..."
After:
translate('foo_html', :something => '<script>') # => "...<script>..."
*Sergey Nartimov*
* Upgrade sprockets dependency to ~> 2.1.0
* Ensure that the format isn't applied twice to the cache key, else it becomes impossible
to target with expire_action.
*Christopher Meiklejohn*
* Swallow error when can't unmarshall object from session.
*Bruno Zanchet*
* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be raised
while attempting to convert a template from one encoding to another.
Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.
The workaround is to load all conversions into memory ahead of time, and will
only happen if the ruby version is *exactly* 1.9.3p0. The hope is obviously that
the underlying problem will be resolved in the next patchlevel release of
1.9.3.
*Jon Leighton*
* Ensure users upgrading from 3.0.x to 3.1.x will properly upgrade their flash object in session (issues #3298 and #2509)
## Rails 3.1.1 (October 7, 2011) ##
* stylesheet_link_tag('/stylesheets/application') and similar helpers doesn't
throw Sprockets::FileOutsidePaths exception anymore *Santiago Pastorino*
* Ensure default_asset_host_protocol is respected, closes#2980. *Jos«± Valim*
Changing rake db:schema:dump to run :environment as well as :load_config,
as running :load_config alone will lead to the dumper being run without
including extensions such as those included in foreigner and
spatial_adapter.
This reverses a change made here:
5df72a238e (L0L324)
I'm assuming here that :load_config needs to be invoked
separately from :environment, as it is elsewhere in the
file for db operations, if not the alternative is to go
back to "task :dump => :environment do".
*Ben Woosley*
* Update to rack-cache 1.1.
Versions prior to 1.1 delete the If-Modified-Since and If-Not-Modified
headers when config.action_controller.perform_caching is true. This has two
problems:
* unexpected inconsistent behaviour between development &
production environments
* breaks applications that use of these headers
*Brendan Ribera*
* Ensure that enhancements to assets:precompile task are only run once *Sam Pohlenz*
* TestCase should respect the view_assigns API instead of pulling variables on
its own. *Jos«± Valim*
* javascript_path and stylesheet_path now refer to /assets if asset pipelining
is on. *Santiago Pastorino*
* button_to support form option. Now you're able to pass for example
'data-type' => 'json'. *ihower*
* image_path and image_tag should use /assets if asset pipelining is turned
on. Closes#3126 *Santiago Pastorino and christos*
* Avoid use of existing precompiled assets during rake assets:precompile run.
Closes#3119 *Guillermo Iguaran*
* Copy assets to nondigested filenames too *Santiago Pastorino*
* Give precedence to `config.digest = false` over the existence of
manifest.yml asset digests *christos*
* escape options for the stylesheet_link_tag method *Alexey Vakhov*
* Re-launch assets:precompile task using (Rake.)ruby instead of Kernel.exec so
it works on Windows *cablegram*
* env var passed to process shouldn't be modified in process method. [Santiago
Pastorino]
* `rake assets:precompile` loads the application but does not initialize
it.
To the app developer, this means configuration add in
config/initializers/* will not be executed.
Plugins developers need to special case their initializers that are
meant to be run in the assets group by adding :group => :assets. *Jos«± Valim*
* Sprockets uses config.assets.prefix for asset_path *asee*
* FileStore key_file_path properly limit filenames to 255 characters. *phuibonhoa*
* Fix Hash#to_query edge case with html_safe strings. *brainopia*
* Allow asset tag helper methods to accept :digest => false option in order to completely avoid the digest generation.
Useful for linking assets from static html files or from emails when the user
could probably look at an older html email with an older asset. *Santiago Pastorino*
* Don't mount Sprockets server at config.assets.prefix if config.assets.compile is false. *Mark J. Titorenko*
* Set relative url root in assets when controller isn't available for Sprockets (eg. Sass files using asset_path). Fixes#2435 *Guillermo Iguaran*
* Fix basic auth credential generation to not make newlines. GH #2882
* Fixed the behavior of asset pipeline when config.assets.digest and config.assets.compile are false and requested asset isn't precompiled.
Before the requested asset were compiled anyway ignoring that the config.assets.compile flag is false. *Guillermo Iguaran*
* CookieJar is now Enumerable. Fixes#2795
* Fixed AssetNotPrecompiled error raised when rake assets:precompile is compiling certain .erb files. See GH #2763#2765#2805 *Guillermo Iguaran*
* Manifest is correctly placed in assets path when default assets prefix is changed. Fixes#2776 *Guillermo Iguaran*
* Fixed stylesheet_link_tag and javascript_include_tag to respect additional options passed by the users when debug is on. *Guillermo Iguaran*
* Fix ActiveRecord#exists? when passsed a nil value
* Fix assert_select_email to work on multipart and non-multipart emails as the method stopped working correctly in Rails 3.x due to changes in the new mail gem.
## Rails 3.1.0 (August 30, 2011) ##
* Param values are `paramified` in controller tests. *David Chelimsky*
* x_sendfile_header now defaults to nil and config/environments/production.rb doesn't set a particular value for it. This allows servers to set it through X-Sendfile-Type. *Santiago Pastorino*
* The submit form helper does not generate an id "object_name_id" anymore. *fbrusatti*
* Make sure respond_with with :js tries to render a template in all cases *Jos«± Valim*
* json_escape will now return a SafeBuffer string if it receives SafeBuffer string *tenderlove*
* Make sure escape_js returns SafeBuffer string if it receives SafeBuffer string *Prem Sichanugrist*
* Fix escape_js to work correctly with the new SafeBuffer restriction *Paul Gallagher*
* Brought back alternative convention for namespaced models in i18n *thoefer*
Now the key can be either "namespace.model" or "namespace/model" until further deprecation.
* It is prohibited to perform a in-place SafeBuffer mutation *tenderlove*
The old behavior of SafeBuffer allowed you to mutate string in place via
method like `sub!`. These methods can add unsafe strings to a safe buffer,
and the safe buffer will continue to be marked as safe.
An example problem would be something like this:
<%= link_to('hello world', @user).sub!(/hello/, params[:xss]) %>
In the above example, an untrusted string (`params[:xss]`) is added to the
safe buffer returned by `link_to`, and the untrusted content is successfully
sent to the client without being escaped. To prevent this from happening
`sub!` and other similar methods will now raise an exception when they are called on a safe buffer.
In addition to the in-place versions, some of the versions of these methods which return a copy of the string will incorrectly mark strings as safe. For example:
<%= link_to('hello world', @user).sub(/hello/, params[:xss]) %>
The new versions will now ensure that *all* strings returned by these methods on safe buffers are marked unsafe.
You can read more about this change in http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2e516e7acc96c4fb
* Warn if we cannot verify CSRF token authenticity *Jos«± Valim*
* Allow AM/PM format in datetime selectors *Aditya Sanghi*
* Only show dump of regular env methods on exception screen (not all the rack crap) *DHH*
* auto_link has been removed with no replacement. If you still use auto_link
please install the rails_autolink gem:
http://github.com/tenderlove/rails_autolink
*tenderlove*
* Added streaming support, you can enable it with: *Jos«± Valim*
class PostsController < ActionController::Base
stream :only => :index
end
Please read the docs at `ActionController::Streaming` for more information.
* Added `ActionDispatch::Request.ignore_accept_header` to ignore accept headers and only consider the format given as parameter *Jos«± Valim*
* Created `ActionView::Renderer` and specified an API for `ActionView::Context`, check those objects for more information *Jos«± Valim*
* Added `ActionController::ParamsWrapper` to wrap parameters into a nested hash, and will be turned on for JSON request in new applications by default *Prem Sichanugrist*
This can be customized by setting `ActionController::Base.wrap_parameters` in `config/initializer/wrap_parameters.rb`
* RJS has been extracted out to a gem. *fxn*
* Implicit actions named not_implemented can be rendered. *Santiago Pastorino*
* Wildcard route will always match the optional format segment by default. *Prem Sichanugrist*
For example if you have this route:
map '*pages' => 'pages#show'
by requesting '/foo/bar.json', your `params[:pages]` will be equals to "foo/bar" with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `:format => false` like this:
map '*pages' => 'pages#show', :format => false
* Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call *DHH*
class PostsController < ApplicationController
USER_NAME, PASSWORD = "dhh", "secret"
before_filter :authenticate, :except => [ :index ]
def index
render :text => "Everyone can see me!"
end
def edit
render :text => "I'm only accessible if you know the password"
end
private
def authenticate
authenticate_or_request_with_http_basic do |user_name, password|
user_name == USER_NAME && password == PASSWORD
end
end
end
..can now be written as
class PostsController < ApplicationController
http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index
def index
render :text => "Everyone can see me!"
end
def edit
render :text => "I'm only accessible if you know the password"
end
end
* Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. *DHH and Prem Sichanugrist*
* Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash *DHH*
form_for(@post, remote: true, method: :delete) instead of form_for(@post, remote: true, html: { method: :delete })
* Make JavaScriptHelper#j() an alias for JavaScriptHelper#escape_javascript() -- note this then supersedes the Object#j() method that the JSON gem adds within templates using the JavaScriptHelper *DHH*
* Sensitive query string parameters (specified in config.filter_parameters) will now be filtered out from the request paths in the log file. *Prem Sichanugrist, fxn*
* URL parameters which return false for to_param now appear in the query string (previously they were removed) *Andrew White*
* URL parameters which return nil for to_param are now removed from the query string *Andrew White*
* ActionDispatch::MiddlewareStack now uses composition over inheritance. It is
no longer an array which means there may be methods missing that were not
tested.
* Add an :authenticity_token option to form_tag for custom handling or to omit the token (pass :authenticity_token => false). *Jakub Ku«õma, Igor Wiedler*
* HTML5 button_tag helper. *Rizwan Reza*
* Template lookup now searches further up in the inheritance chain. *Artemave*
* Brought back config.action_view.cache_template_loading, which allows to decide whether templates should be cached or not. *Piotr Sarnacki*
* url_for and named url helpers now accept :subdomain and :domain as options, *Josh Kalderimis*
* The redirect route method now also accepts a hash of options which will only change the parts of the url in question, or an object which responds to call, allowing for redirects to be reused (check the documentation for examples). *Josh Kalderimis*
* Added config.action_controller.include_all_helpers. By default 'helper :all' is done in ActionController::Base, which includes all the helpers by default. Setting include_all_helpers to false will result in including only application_helper and helper corresponding to controller (like foo_helper for foo_controller). *Piotr Sarnacki*
* Added a convenience idiom to generate HTML5 data-* attributes in tag helpers from a :data hash of options:
tag("div", :data => {:name => 'Stephen', :city_state => %w(Chicago IL)})
# => <div data-name="Stephen" data-city-state="["Chicago","IL"]" />
Keys are dasherized. Values are JSON-encoded, except for strings and symbols. *Stephen Celis*
* Deprecate old template handler API. The new API simply requires a template handler to respond to call. *Jos«± Valim*
* :rhtml and :rxml were finally removed as template handlers. *Jos«± Valim*
* Moved etag responsibility from ActionDispatch::Response to the middleware stack. *Jos«± Valim*
* Rely on Rack::Session stores API for more compatibility across the Ruby world. This is backwards incompatible since Rack::Session expects #get_session to accept 4 arguments and requires #destroy_session instead of simply #destroy. *Jos«± Valim*
* file_field automatically adds :multipart => true to the enclosing form. *Santiago Pastorino*
* Renames csrf_meta_tag -> csrf_meta_tags, and aliases csrf_meta_tag for backwards compatibility. *fxn*
* Add Rack::Cache to the default stack. Create a Rails store that delegates to the Rails cache, so by default, whatever caching layer you are using will be used for HTTP caching. Note that Rack::Cache will be used if you use #expires_in, #fresh_when or #stale with :public => true. Otherwise, the caching rules will apply to the browser only. *Yehuda Katz, Carl Lerche*
