activestorage 7.0.8.1 → 7.1.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c56e609f79f82fe5a2a9ccfebd3e695d741d2dce0b2a32cff2f1c4d2a3eab038
-  data.tar.gz: 9f1aa7c41de488d6be28acb49af7636571b3d482b28b244b762cedb07c1d814a
+  metadata.gz: c89b7d956e16b4ca848737433bae254a2984dc68ca27524074002faedf85075b
+  data.tar.gz: f91ba06642aad7480bf12848d90ba6d777231bbb7ce62e80e432e5d6e2471b35
 SHA512:
-  metadata.gz: 1826cabe8f8ebb1c72b82b39746b95ff10fb71fedbdfaf59c7adba445029c4062b69d13367d79d0b7521d7cc294d4bb4e97077470cc7f88a23aab7100b2ac3e9
-  data.tar.gz: a8550c67c260bd2b0ad1c0b2178f867f81a41be32e6cd3f140226c68677e4170c583f8c276b79cecc1f65813f80f84283b822e96b75e2e5237251337d9f72720
+  metadata.gz: aa2a037df3fd0e4a73f5a2482b7baccb91a4c960f742b463ffe6b1c711db61f465668ed4d6ffd817035e8731973b2a95aa4ddbc786850521f262cb9ce8d30b6c
+  data.tar.gz: e4a0004214d00be2aadd62cdc79d538ae94982978a1356f8e7ddaf109e502bc52a25571120524663071c02f200a6537bd74c48dfe5447deccfa47c61360be0bf

data/CHANGELOG.md

@@ -1,414 +1,321 @@
-## Rails 7.0.8.1 (February 21, 2024) ##
-
-*   Disables the session in `ActiveStorage::Blobs::ProxyController`
-    and `ActiveStorage::Representations::ProxyController`
-    in order to allow caching by default in some CDNs as CloudFlare
-
-    Fixes #44136
-
-    *Bruno Prieto*
-
-## Rails 7.0.8 (September 09, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.7.2 (August 22, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.7.1 (August 22, 2023) ##
+## Rails 7.1.3.2 (February 21, 2024) ##
 
 *   No changes.
 
 
-## Rails 7.0.7 (August 09, 2023) ##
+## Rails 7.1.3.1 (February 21, 2024) ##
 
 *   No changes.
 
 
-## Rails 7.0.6 (June 29, 2023) ##
-
-*   Fix retrieving rotation value from FFmpeg on version 5.0+.
-
-    In FFmpeg version 5.0+ the rotation value has been removed from tags.
-    Instead the value can be found in side_data_list. Along with
-    this update it's possible to have values of -90, -270 to denote the video
-    has been rotated.
-
-    *Haroon Ahmed*
-
+## Rails 7.1.3 (January 16, 2024) ##
 
-## Rails 7.0.5.1 (June 26, 2023) ##
+*   Fix N+1 query when fetching preview images for non-image assets.
 
-*   No changes.
+    *Aaron Patterson & Justin Searls*
 
+*   Fix all Active Storage database related models to respect
+    `ActiveRecord::Base.table_name_prefix` configuration.
 
-## Rails 7.0.5 (May 24, 2023) ##
-
-*   No changes.
+    *Chedli Bourguiba*
 
+*   Fix `ActiveStorage::Representations::ProxyController` not returning the proper
+    preview image variant for previewable files.
 
-## Rails 7.0.4.3 (March 13, 2023) ##
+    *Chedli Bourguiba*
 
-*   No changes.
+*   Fix `ActiveStorage::Representations::ProxyController` to proxy untracked
+    variants.
 
+    *Chedli Bourguiba*
 
-## Rails 7.0.4.2 (January 24, 2023) ##
+*   Fix direct upload forms when submit button contains nested elements.
 
-*   No changes.
+    *Marc Köhlbrugge*
 
+*   When using the `preprocessed: true` option, avoid enqueuing transform jobs
+    for blobs that are not representable.
 
-## Rails 7.0.4.1 (January 17, 2023) ##
+    *Chedli Bourguiba*
 
-*   No changes.
+*   Process preview image variant when calling `ActiveStorage::Preview#processed`.
+    For example, `attached_pdf.preview(:thumb).processed` will now immediately
+    generate the full-sized preview image and the `:thumb` variant of it.
+    Previously, the `:thumb` variant would not be generated until a further call
+    to e.g. `processed.url`.
 
+    *Chedli Bourguiba* and *Jonathan Hefner*
 
-## Rails 7.0.4 (September 09, 2022) ##
+*   Prevent `ActiveRecord::StrictLoadingViolationError` when strict loading is
+    enabled and the variant of an Active Storage preview has already been
+    processed (for example, by calling `ActiveStorage::Preview#url`).
 
-*   Fixes proxy downloads of files over 5MiB
+    *Jonathan Hefner*
 
-    Previously, trying to view and/or download files larger than 5mb stored in
-    services like S3 via proxy mode could return corrupted files at around
-    5.2mb or cause random halts in the download. Now,
-    `ActiveStorage::Blobs::ProxyController` correctly handles streaming these
-    larger files from the service to the client without any issues.
+*   Fix `preprocessed: true` option for named variants of previewable files.
 
-    Fixes #44679
+    *Nico Wenterodt*
 
-    *Felipe Raul*
 
-## Rails 7.0.3.1 (July 12, 2022) ##
+## Rails 7.1.2 (November 10, 2023) ##
 
 *   No changes.
 
 
-## Rails 7.0.3 (May 09, 2022) ##
-
-*   Don't stream responses in redirect mode
-
-    Previously, both redirect mode and proxy mode streamed their
-    responses which caused a new thread to be created, and could end
-    up leaking connections in the connection pool. But since redirect
-    mode doesn't actually send any data, it doesn't need to be
-    streamed.
-
-    *Luke Lau*
-
-## Rails 7.0.2.4 (April 26, 2022) ##
+## Rails 7.1.1 (October 11, 2023) ##
 
 *   No changes.
 
 
-## Rails 7.0.2.3 (March 08, 2022) ##
-
-*   Added image transformation validation via configurable allow-list.
-
-    Variant now offers a configurable allow-list for
-    transformation methods in addition to a configurable deny-list for arguments.
-
-    [CVE-2022-21831]
-
-
-## Rails 7.0.2.2 (February 11, 2022) ##
-
-*   No changes.
-
-## Rails 7.0.2.1 (February 11, 2022) ##
+## Rails 7.1.0 (October 05, 2023) ##
 
 *   No changes.
 
 
-## Rails 7.0.2 (February 08, 2022) ##
-
-*   Revert the ability to pass `service_name` param to `DirectUploadsController` which was introduced
-    in 7.0.0.
-
-    That change caused a lot of problems to upgrade Rails applications so we decided to remove it
-    while in work in a more backwards compatible implementation.
-
-    *Gannon McGibbon*
-
-*   Allow applications to opt out of precompiling Active Storage JavaScript assets.
-
-    *jlestavel*
-
-
-## Rails 7.0.1 (January 06, 2022) ##
+## Rails 7.1.0.rc2 (October 01, 2023) ##
 
 *   No changes.
 
 
-## Rails 7.0.0 (December 15, 2021) ##
+## Rails 7.1.0.rc1 (September 27, 2023) ##
 
-*   Support transforming empty-ish `has_many_attached` value into `[]` (e.g. `[""]`).
+*   Add `expires_at` option to `ActiveStorage::Blob#signed_id`.
 
     ```ruby
-    @user.highlights = [""]
-    @user.highlights # => []
+    rails_blob_path(user.avatar, disposition: "attachment", expires_at: 30.minutes.from_now)
+    <%= image_tag rails_blob_path(user.avatar.variant(resize: "100x100"), expires_at: 30.minutes.from_now) %>
     ```
 
-    *Sean Doyle*
-
-
-## Rails 7.0.0.rc3 (December 14, 2021) ##
-
-*   No changes.
-
-
-## Rails 7.0.0.rc2 (December 14, 2021) ##
-
-*   No changes.
+    *Aki*
 
-## Rails 7.0.0.rc1 (December 06, 2021) ##
+*   Allow attaching File and Pathname when assigning attributes, e.g.
 
-*   `Add ActiveStorage::Blob.compose` to concatenate multiple blobs.
-
-    *Gannon McGibbon*
-
-*   Setting custom metadata on blobs are now persisted to remote storage.
-
-    *joshuamsager*
-
-*   Support direct uploads to multiple services.
+    ```ruby
+    User.create!(avatar: File.open("image.jpg"))
+    User.create!(avatar: file_fixture("image.jpg"))
+    ```
 
-    *Dmitry Tsepelev*
+    *Dorian Marié*
 
-*   Invalid default content types are deprecated
 
-    Blobs created with content_type `image/jpg`, `image/pjpeg`, `image/bmp`, `text/javascript` will now produce
-    a deprecation warning, since these are not valid content types.
+## Rails 7.1.0.beta1 (September 13, 2023) ##
 
-    These content types will be removed from the defaults in Rails 7.1.
+*   Disables the session in `ActiveStorage::Blobs::ProxyController`
+    and `ActiveStorage::Representations::ProxyController`
+    in order to allow caching by default in some CDNs as CloudFlare
 
-    You can set `config.active_storage.silence_invalid_content_types_warning = true` to dismiss the warning.
+    Fixes #44136
 
-    *Alex Ghiculescu*
+    *Bruno Prieto*
 
-## Rails 7.0.0.alpha2 (September 15, 2021) ##
+*   Add `tags` to `ActiveStorage::Analyzer::AudioAnalyzer` output
 
-*   No changes.
+    *Keaton Roux*
 
+*   Add an option to preprocess variants
 
-## Rails 7.0.0.alpha1 (September 15, 2021) ##
+    ActiveStorage variants are processed on the fly when they are needed but
+    sometimes we're sure that they are accessed and want to processed them
+    upfront.
 
-*   Emit Active Support instrumentation events from Active Storage analyzers.
+    `preprocessed` option is added when declaring variants.
 
-    Fixes #42930
+    ```
+    class User < ApplicationRecord
+      has_one_attached :avatar do |attachable|
+        attachable.variant :thumb, resize_to_limit: [100, 100], preprocessed: true
+      end
+    end
+    ```
 
     *Shouichi Kamiya*
 
-*   Add support for byte range requests
-
-    *Tom Prats*
-
-*   Attachments can be deleted after their association is no longer defined.
-
-    Fixes #42514
+*   Fix variants not included when eager loading multiple records containing a single attachment
 
-    *Don Sisco*
+    When using the `with_attached_#{name}` scope for a `has_one_attached` relation,
+    attachment variants were not eagerly loaded.
 
-*   Make `vips` the default variant processor for new apps.
+    *Russell Porter*
 
-    See the upgrade guide for instructions on converting from `mini_magick` to `vips`. `mini_magick` is
-    not deprecated, existing apps can keep using it.
+*   Allow an ActiveStorage attachment to be removed via a form post
 
-    *Breno Gazzola*
+    Attachments can already be removed by updating the attachment to be nil such as:
+    ```ruby
+    User.find(params[:id]).update!(avatar: nil)
+    ```
 
-*   Deprecate `ActiveStorage::Current.host` in favor of `ActiveStorage::Current.url_options` which accepts
-    a host, protocol and port.
+    However, a form cannot post a nil param, it can only post an empty string. But, posting an
+    empty string would result in an `ActiveSupport::MessageVerifier::InvalidSignature: mismatched digest`
+    error being raised, because it's being treated as a signed blob id.
 
-    *Santiago Bartesaghi*
-
-*   Allow using [IAM](https://cloud.google.com/storage/docs/access-control/signed-urls) when signing URLs with GCS.
+    Now, nil and an empty string are treated as a delete, which allows attachments to be removed via:
+    ```ruby
+    User.find(params[:id]).update!(params.require(:user).permit(:avatar))
 
-    ```yaml
-    gcs:
-      service: GCS
-      ...
-      iam: true
     ```
 
-    *RRethy*
+    *Nate Matykiewicz*
 
-*   OpenSSL constants are now used for Digest computations.
+*   Remove mini_mime usage in favour of marcel.
 
-    *Dirkjan Bussink*
+    We have two libraries that are have similar usage. This change removes
+    dependency on mini_mime and makes use of similar methods from marcel.
 
-*   Deprecate `config.active_storage.replace_on_assign_to_many`. Future versions of Rails
-    will behave the same way as when the config is set to `true`.
+    *Vipul A M*
 
-    *Santiago Bartesaghi*
-
-*   Remove deprecated methods: `build_after_upload`, `create_after_upload!` in favor of `create_and_upload!`,
-    and `service_url` in favor of `url`.
+*   Allow destroying active storage variants
 
-    *Santiago Bartesaghi*
-
-*   Add support of `strict_loading_by_default` to `ActiveStorage::Representations` controllers.
+    ```ruby
+    User.first.avatar.variant(resize_to_limit: [100, 100]).destroy
+    ```
 
-    *Anton Topchii*, *Andrew White*
+    *Shouichi Kamiya*, *Yuichiro NAKAGAWA*, *Ryohei UEDA*
 
-*   Allow to detach an attachment when record is not persisted.
+*   Add `sample_rate` to `ActiveStorage::Analyzer::AudioAnalyzer` output
 
-    *Jacopo Beschi*
+    *Matija Čupić*
 
-*   Use libvips instead of ImageMagick to analyze images when `active_storage.variant_processor = vips`.
+*   Remove deprecated `purge` and `purge_later` methods from the attachments association.
 
-    *Breno Gazzola*
+    *Rafael Mendonça França*
 
-*   Add metadata value for presence of video channel in video blobs.
+*   Remove deprecated behavior when assigning to a collection of attachments.
 
-    The `metadata` attribute of video blobs has a new boolean key named `video` that is set to
-    `true` if the file has an video channel and `false` if it doesn't.
+    Instead of appending to the collection, the collection is now replaced.
 
-    *Breno Gazzola*
+    *Rafael Mendonça França*
 
-*   Deprecate usage of `purge` and `purge_later` from the association extension.
+*   Remove deprecated `ActiveStorage::Current#host` and `ActiveStorage::Current#host=` methods.
 
-    *Jacopo Beschi*
+    *Rafael Mendonça França*
 
-*   Passing extra parameters in `ActiveStorage::Blob#url` to S3 Client.
+*   Remove deprecated invalid default content types in Active Storage configurations.
 
-    This allows calls of `ActiveStorage::Blob#url` to have more interaction with
-    the S3 Presigner, enabling, amongst other options, custom S3 domain URL
-    Generation.
+    *Rafael Mendonça França*
 
-    ```ruby
-    blob = ActiveStorage::Blob.last
+*   Add missing preview event to `ActiveStorage::LogSubscriber`
 
-    blob.url # => https://<bucket-name>.s3.<region>.amazonaws.com/<key>
-    blob.url(virtual_host: true) # => # => https://<bucket-name>/<key>
-    ```
+    A `preview` event is being instrumented in `ActiveStorage::Previewer`.
+    However it was not added inside ActiveStorage's LogSubscriber class.
 
-    *josegomezr*
+    This will allow to have logs for when a preview happens
+    in the same fashion as all other ActiveStorage events such as
+    `upload` and `download` inside `Rails.logger`.
 
-*   Allow setting a `Cache-Control` on files uploaded to GCS.
+    *Chedli Bourguiba*
 
-    ```yaml
-    gcs:
-      service: GCS
-      ...
-      cache_control: "public, max-age=3600"
-    ```
+*   Fix retrieving rotation value from FFmpeg on version 5.0+.
 
-    *maleblond*
+    In FFmpeg version 5.0+ the rotation value has been removed from tags.
+    Instead the value can be found in side_data_list. Along with
+    this update it's possible to have values of -90, -270 to denote the video
+    has been rotated.
 
-*   The parameters sent to `ffmpeg` for generating a video preview image are now
-    configurable under `config.active_storage.video_preview_arguments`.
+    *Haroon Ahmed*
 
-    *Brendon Muir*
+*   Touch all corresponding model records after ActiveStorage::Blob is analyzed
 
-*   The ActiveStorage video previewer will now use scene change detection to generate
-    better preview images (rather than the previous default of using the first frame
-    of the video). This change requires FFmpeg v3.4+.
+    This fixes a race condition where a record can be requested and have a cache entry built, before
+    the initial `analyze_later` completes, which will not be invalidated until something else
+    updates the record. This also invalidates cache entries when a blob is re-analyzed, which
+    is helpful if a bug is fixed in an analyzer or a new analyzer is added.
 
-    *Jonathan Hefner*
+    *Nate Matykiewicz*
 
-*   Add support for ActiveStorage expiring URLs.
+*   Add ability to use pre-defined variants when calling `preview` or
+    `representation` on an attachment.
 
     ```ruby
-    rails_blob_path(user.avatar, disposition: "attachment", expires_in: 30.minutes)
+    class User < ActiveRecord::Base
+      has_one_attached :file do |attachable|
+        attachable.variant :thumb, resize_to_limit: [100, 100]
+      end
+    end
 
-    <%= image_tag rails_blob_path(user.avatar.variant(resize: "100x100"), expires_in: 30.minutes) %>
+    <%= image_tag user.file.representation(:thumb) %>
     ```
 
-    If you want to set default expiration time for ActiveStorage URLs throughout your application, set `config.active_storage.urls_expire_in`.
-
-    *aki77*
+    *Richard Böhme*
 
-*   Allow to purge an attachment when record is not persisted for `has_many_attached`.
+*   Method `attach` always returns the attachments except when the record
+    is persisted, unchanged, and saving it fails, in which case it returns `nil`.
 
-    *Jacopo Beschi*
-
-*   Add `with_all_variant_records` method to eager load all variant records on an attachment at once.
-    `with_attached_image` scope now eager loads variant records if using variant tracking.
-
-    *Alex Ghiculescu*
-
-*   Add metadata value for presence of audio channel in video blobs.
-
-    The `metadata` attribute of video blobs has a new boolean key named `audio` that is set to
-    `true` if the file has an audio channel and `false` if it doesn't.
-
-    *Breno Gazzola*
-
-*   Adds analyzer for audio files.
-
-    *Breno Gazzola*
-
-*   Respect Active Record's primary_key_type in Active Storage migrations.
-
-    *fatkodima*
+    *Santiago Bartesaghi*
 
-*   Allow `expires_in` for ActiveStorage signed ids.
+*   Fixes multiple `attach` calls within transaction not uploading files correctly.
 
-    *aki77*
+    In the following example, the code failed to upload all but the last file to the configured service.
+    ```ruby
+    ActiveRecord::Base.transaction do
+      user.attachments.attach({
+        content_type: "text/plain",
+        filename: "dummy.txt",
+        io: ::StringIO.new("dummy"),
+      })
+      user.attachments.attach({
+        content_type: "text/plain",
+        filename: "dummy2.txt",
+        io: ::StringIO.new("dummy2"),
+      })
+    end
 
-*   Allow to purge an attachment when record is not persisted for `has_one_attached`.
+    assert_equal 2, user.attachments.count
+    assert user.attachments.first.service.exist?(user.attachments.first.key)  # Fails
+    ```
 
-    *Jacopo Beschi*
+    This was addressed by keeping track of the subchanges pending upload, and uploading them
+    once the transaction is committed.
 
-*   Add a load hook called `active_storage_variant_record` (providing `ActiveStorage::VariantRecord`)
-    to allow for overriding aspects of the `ActiveStorage::VariantRecord` class. This makes
-    `ActiveStorage::VariantRecord` consistent with `ActiveStorage::Blob` and `ActiveStorage::Attachment`
-    that already have load hooks.
+    Fixes #41661
 
-    *Brendon Muir*
+    *Santiago Bartesaghi*, *Bruno Vezoli*, *Juan Roig*, *Abhay Nikam*
 
-*   `ActiveStorage::PreviewError` is raised when a previewer is unable to generate a preview image.
+*   Raise an exception if `config.active_storage.service` is not set.
 
-    *Alex Robbin*
+    If Active Storage is configured and `config.active_storage.service` is not
+    set in the respective environment's configuration file, then an exception
+    is raised with a meaningful message when attempting to use Active Storage.
 
-*   Add `ActiveStorage::Streaming` module that can be included in a controller to get access to `#send_blob_stream`,
-    which wraps the new `ActionController::Base#send_stream` method to stream a blob from cloud storage:
+    *Ghouse Mohamed*
 
-    ```ruby
-    class MyPublicBlobsController < ApplicationController
-      include ActiveStorage::SetBlob, ActiveStorage::Streaming
+*   Fixes proxy downloads of files over 5mb
 
-      def show
-        http_cache_forever(public: true) do
-          send_blob_stream @blob, disposition: params[:disposition]
-        end
-      end
-    end
-    ```
+    Previously, trying to view and/or download files larger than 5mb stored in
+    services like S3 via proxy mode could return corrupted files at around
+    5.2mb or cause random halts in the download. Now,
+    `ActiveStorage::Blobs::ProxyController` correctly handles streaming these
+    larger files from the service to the client without any issues.
 
-    *DHH*
+    Fixes #44679
 
-*   Add ability to use pre-defined variants.
+    *Felipe Raul*
 
-    ```ruby
-    class User < ActiveRecord::Base
-      has_one_attached :avatar do |attachable|
-        attachable.variant :thumb, resize: "100x100"
-        attachable.variant :medium, resize: "300x300", monochrome: true
-      end
-    end
+*   Saving attachment(s) to a record returns the blob/blobs object
 
-    class Gallery < ActiveRecord::Base
-      has_many_attached :photos do |attachable|
-        attachable.variant :thumb, resize: "100x100"
-        attachable.variant :medium, resize: "300x300", monochrome: true
-      end
-    end
+    Previously, saving attachments did not return the blob/blobs that
+    were attached. Now, saving attachments to a record with `#attach`
+    method returns the blob or array of blobs that were attached to
+    the record. If it fails to save the attachment(s), then it returns
+    `false`.
 
-    <%= image_tag user.avatar.variant(:thumb) %>
-    ```
+    *Ghouse Mohamed*
 
-    *fatkodima*
+*   Don't stream responses in redirect mode
 
-*   After setting `config.active_storage.resolve_model_to_route = :rails_storage_proxy`
-    `rails_blob_path` and `rails_representation_path` will generate proxy URLs by default.
+    Previously, both redirect mode and proxy mode streamed their
+    responses which caused a new thread to be created, and could end
+    up leaking connections in the connection pool. But since redirect
+    mode doesn't actually send any data, it doesn't need to be
+    streamed.
 
-    *Ali Ismayilov*
+    *Luke Lau*
 
-*   Declare `ActiveStorage::FixtureSet` and `ActiveStorage::FixtureSet.blob` to
-    improve fixture integration.
+*   Safe for direct upload on Libraries or Frameworks
 
-    *Sean Doyle*
+    Enable the use of custom headers during direct uploads, which allows for
+    the inclusion of Authorization bearer tokens or other forms of authorization
+    tokens through headers.
 
+    *Radamés Roriz*
 
-Please check [6-1-stable](https://github.com/rails/rails/blob/6-1-stable/activestorage/CHANGELOG.md) for previous changes.
+Please check [7-0-stable](https://github.com/rails/rails/blob/7-0-stable/activestorage/CHANGELOG.md) for previous changes.

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2017-2022 David Heinemeier Hansson, Basecamp
+Copyright (c) David Heinemeier Hansson, 37signals LLC
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the