RubyGems - railties - Versions diffs - 8.0.0.rc1 → 8.0.0 - Mend

railties 8.0.0.rc1 → 8.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 48dcbad64d0cf8be785e5a5a80d210e4f0c77ab14abb4b623c3631607e304c0e
-  data.tar.gz: afe11b82be536134605bbd67230361f11d547108f3e6fc32c66462922038d9c4
+  metadata.gz: 98b996fe16bdc5403b3bc164f4020af94fdebd90ad6564e43a3da0c23ae5c074
+  data.tar.gz: 7f2e8333f29178df6e5d57362747d654fb8191b9243d1ad177d610b56e8e34db
 SHA512:
-  metadata.gz: 3467d3b3d227a967abf2aae1399900f6fdccba995e139e5d5efd9ba0eaa694e60909122de013fd8670d4c757fb5d294e3b4e8c257e50632c686e1155185521cc
-  data.tar.gz: 16972421f0101f97d3425a105507e886d5d588a48539ba6a4c32af7675281653268bd6b47df8a7370d5837b106f0a832bc35f54dcfdd1f5d12c1bb7408ba8dd1
+  metadata.gz: 4981c730953983dc395b6ba77ad9c3b9a9e81ba89e94b32614f6c46737da43092f650fd12eb23ecd62048b7ad9ec58118cfe5723ad02f38f443336ba67809f21
+  data.tar.gz: 93bda06707eebb1f93f6d9b3b97e70a297d87cb34e5efe6215803ea0e1178ec0ae82ccc090c158d651d5f970ad1c0bd7b1d3e8b6de000dfee8a79376d92159ed

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,19 @@
+## Rails 8.0.0 (November 07, 2024) ##
+*   No changes.
+## Rails 8.0.0.rc2 (October 30, 2024) ##
+*   Fix incorrect database.yml with `skip_solid`.
+    *Joé Dupuis*
+*   Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks.
+    *Rafael Mendonça França*
 ## Rails 8.0.0.rc1 (October 19, 2024) ##
 *   Remove deprecated support to extend Rails console through `Rails::ConsoleMethods`.

data/lib/rails/application/configuration.rb CHANGED Viewed

@@ -344,6 +344,8 @@ module Rails
           if respond_to?(:action_dispatch)
             action_dispatch.strict_freshness = true
           end
+          Regexp.timeout ||= 1
         else
           raise "Unknown version #{target_version.to_s.inspect}"
         end

data/lib/rails/application/routes_reloader.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module Rails
       attr_reader :route_sets, :paths, :external_routes, :loaded
       attr_accessor :eager_load
       attr_writer :run_after_load_paths # :nodoc:
-      delegate :execute_if_updated, :execute, :updated?, to: :updater
+      delegate :execute_if_updated, :updated?, to: :updater
       def initialize
         @paths      = []
@@ -21,7 +21,6 @@ module Rails
       end
       def reload!
-        @loaded = true
         clear!
         load_paths
         finalize!
@@ -30,6 +29,11 @@ module Rails
         revert
       end
+      def execute
+        @loaded = true
+        updater.execute
+      end
       def execute_unless_loaded
         unless @loaded
           execute

data/lib/rails/backtrace_cleaner.rb CHANGED Viewed

@@ -5,7 +5,7 @@ require "active_support/core_ext/string/access"
 module Rails
   class BacktraceCleaner < ActiveSupport::BacktraceCleaner # :nodoc:
-    APP_DIRS_PATTERN = /\A(?:\.\/)?(?:app|config|lib|test|\(\w*\))/
+    APP_DIRS_PATTERN = /\A(?:\.\/)?(?:app|config|lib|test|\(\w+(?:-\w+)*\))/
     RENDER_TEMPLATE_PATTERN = /:in [`'].*_\w+_{2,3}\d+_\d+'/
     def initialize
@@ -27,14 +27,14 @@ module Rails
     end
     def clean(backtrace, kind = :silent)
-      kind = nil if ENV["BACKTRACE"]
+      return backtrace if ENV["BACKTRACE"]
       super(backtrace, kind)
     end
     alias_method :filter, :clean
     def clean_frame(frame, kind = :silent)
-      kind = nil if ENV["BACKTRACE"]
+      return frame if ENV["BACKTRACE"]
       super(frame, kind)
     end

data/lib/rails/gem_version.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module Rails
     MAJOR = 8
     MINOR = 0
     TINY  = 0
-    PRE   = "rc1"
+    PRE   = nil
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/rails/generators/actions.rb CHANGED Viewed

@@ -516,9 +516,9 @@ module Rails
         def route_namespace_pattern(namespace)
           namespace.each_with_index.reverse_each.reduce(nil) do |pattern, (name, i)|
-            cummulative_margin = "\\#{i + 1}[ ]{2}"
-            blank_or_indented_line = "^[ ]*\n|^#{cummulative_margin}.*\n"
-            "(?:(?:#{blank_or_indented_line})*?^(#{cummulative_margin})namespace :#{name} do\n#{pattern})?"
+            cumulative_margin = "\\#{i + 1}[ ]{2}"
+            blank_or_indented_line = "^[ ]*\n|^#{cumulative_margin}.*\n"
+            "(?:(?:#{blank_or_indented_line})*?^(#{cumulative_margin})namespace :#{name} do\n#{pattern})?"
           end.then do |pattern|
             /^([ ]*).+\.routes\.draw do[ ]*\n#{pattern}/
           end

data/lib/rails/generators/app_base.rb CHANGED Viewed

@@ -110,7 +110,7 @@ module Rails
                                            desc: "Skip Kamal setup"
         class_option :skip_solid,          type: :boolean, default: nil,
-                                           desc: "Skip Solid Cache & Queue setup"
+                                           desc: "Skip Solid Cache, Queue, and Cable setup"
         class_option :dev,                 type: :boolean, default: nil,
                                            desc: "Set up the #{name} with Gemfile pointing to your Rails checkout"

data/lib/rails/generators/rails/app/app_generator.rb CHANGED Viewed

@@ -271,7 +271,8 @@ module Rails
         active_storage: !options[:skip_active_storage],
         dev: options[:dev],
         node: using_node?,
-        app_name: app_name
+        app_name: app_name,
+        skip_solid: options[:skip_solid]
       }
       Rails::Generators::DevcontainerGenerator.new([], devcontainer_options).invoke_all

data/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_8_0.rb.tt CHANGED Viewed

@@ -23,3 +23,8 @@
 # If set to `false` both conditions need to be satisfied.
 #++
 # Rails.application.config.action_dispatch.strict_freshness = true
+###
+# Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks.
+#++
+# Regexp.timeout = 1

data/lib/rails/generators/rails/app/templates/github/ci.yml.tt CHANGED Viewed

@@ -131,6 +131,7 @@ jobs:
         <%- else -%>
         run: bin/rails db:test:prepare test test:system
         <%- end -%>
+      <%- unless options[:api] -%>
       - name: Keep screenshots from failed system tests
         uses: actions/upload-artifact@v4
@@ -139,4 +140,5 @@ jobs:
           name: screenshots
           path: ${{ github.workspace }}/tmp/screenshots
           if-no-files-found: ignore
+      <%- end -%>
 <% end -%>

data/lib/rails/generators/rails/authentication/authentication_generator.rb CHANGED Viewed

@@ -19,6 +19,8 @@ module Rails
         template "app/controllers/concerns/authentication.rb"
         template "app/controllers/passwords_controller.rb"
+        template "app/channels/application_cable/connection.rb" if defined?(ActionCable::Engine)
         template "app/mailers/passwords_mailer.rb"
         template "app/views/passwords_mailer/reset.html.erb"

data/lib/rails/generators/rails/authentication/templates/app/channels/application_cable/connection.rb.tt ADDED Viewed

@@ -0,0 +1,16 @@
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    identified_by :current_user
+    def connect
+      set_current_user || reject_unauthorized_connection
+    end
+    private
+      def set_current_user
+        if session = Session.find_by(id: cookies.signed[:session_id])
+          self.current_user = session.user
+        end
+      end
+  end
+end

data/lib/rails/generators/rails/authentication/templates/app/controllers/concerns/authentication.rb.tt CHANGED Viewed

@@ -33,7 +33,7 @@ module Authentication
     def request_authentication
       session[:return_to_after_authenticating] = request.url
-      redirect_to new_session_url
+      redirect_to new_session_path
     end
     def after_authentication_url

data/lib/rails/generators/rails/authentication/templates/app/controllers/passwords_controller.rb.tt CHANGED Viewed

@@ -10,7 +10,7 @@ class PasswordsController < ApplicationController
       PasswordsMailer.reset(user).deliver_later
     end
-    redirect_to new_session_url, notice: "Password reset instructions sent (if user with that email address exists)."
+    redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)."
   end
   def edit
@@ -18,9 +18,9 @@ class PasswordsController < ApplicationController
   def update
     if @user.update(params.permit(:password, :password_confirmation))
-      redirect_to new_session_url, notice: "Password has been reset."
+      redirect_to new_session_path, notice: "Password has been reset."
     else
-      redirect_to edit_password_url(params[:token]), alert: "Passwords did not match."
+      redirect_to edit_password_path(params[:token]), alert: "Passwords did not match."
     end
   end
@@ -28,6 +28,6 @@ class PasswordsController < ApplicationController
     def set_user_by_token
       @user = User.find_by_password_reset_token!(params[:token])
     rescue ActiveSupport::MessageVerifier::InvalidSignature
-      redirect_to new_password_url, alert: "Password reset link is invalid or has expired."
+      redirect_to new_password_path, alert: "Password reset link is invalid or has expired."
     end
 end

data/lib/rails/generators/rails/authentication/templates/app/controllers/sessions_controller.rb.tt CHANGED Viewed

@@ -10,12 +10,12 @@ class SessionsController < ApplicationController
       start_new_session_for user
       redirect_to after_authentication_url
     else
-      redirect_to new_session_url, alert: "Try another email address or password."
+      redirect_to new_session_path, alert: "Try another email address or password."
     end
   end
   def destroy
     terminate_session
-    redirect_to new_session_url
+    redirect_to new_session_path
   end
 end

data/lib/rails/generators/rails/devcontainer/devcontainer_generator.rb CHANGED Viewed

@@ -29,6 +29,9 @@ module Rails
       class_option :kamal, type: :boolean, default: true,
                     desc: "Include configuration for Kamal"
+      class_option :skip_solid, type: :boolean, default: nil,
+                    desc: "Skip Solid Cache, Queue, and Cable setup"
       source_paths << File.expand_path(File.join(base_name, "app", "templates"), base_root)
       def create_devcontainer

data/lib/rails/generators/rails/devcontainer/templates/devcontainer/devcontainer.json.tt CHANGED Viewed

@@ -1,5 +1,5 @@
-// For format details, see https://aka.ms/devcontainer.json. For config options, see the
-// README at: https://github.com/devcontainers/templates/tree/main/src/ruby
+// For format details, see https://containers.dev/implementors/json_reference/.
+// For config options, see the README at: https://github.com/devcontainers/templates/tree/main/src/ruby
 {
   "name": "<%= options[:app_name] %>",
   "dockerComposeFile": "compose.yaml",
@@ -23,7 +23,7 @@
   // Configure tool-specific properties.
   // "customizations": {},
-  // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+  // Uncomment to connect as root instead. More info: https://containers.dev/implementors/json_reference/#remoteUser.
   // "remoteUser": "root",
 <%- if !mounts.empty? -%>

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: railties
 version: !ruby/object:Gem::Version
-  version: 8.0.0.rc1
+  version: 8.0.0
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-10-19 00:00:00.000000000 Z
+date: 2024-11-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
 - !ruby/object:Gem::Dependency
   name: rackup
   requirement: !ruby/object:Gem::Requirement
@@ -120,14 +120,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 8.0.0.rc1
+        version: 8.0.0
 description: 'Rails internals: application bootup, plugins, generators, and rake tasks.'
 email: david@loudthinking.com
 executables:
@@ -318,6 +318,7 @@ files:
 - lib/rails/generators/rails/application_record/application_record_generator.rb
 - lib/rails/generators/rails/authentication/USAGE
 - lib/rails/generators/rails/authentication/authentication_generator.rb
+- lib/rails/generators/rails/authentication/templates/app/channels/application_cable/connection.rb.tt
 - lib/rails/generators/rails/authentication/templates/app/controllers/concerns/authentication.rb.tt
 - lib/rails/generators/rails/authentication/templates/app/controllers/passwords_controller.rb.tt
 - lib/rails/generators/rails/authentication/templates/app/controllers/sessions_controller.rb.tt
@@ -490,10 +491,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v8.0.0.rc1/railties/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v8.0.0.rc1/
+  changelog_uri: https://github.com/rails/rails/blob/v8.0.0/railties/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v8.0.0/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v8.0.0.rc1/railties
+  source_code_uri: https://github.com/rails/rails/tree/v8.0.0/railties
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options:
@@ -512,7 +513,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.16
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Tools for creating, working with, and running Rails applications.