railties 8.0.2 → 8.1.0.beta1

data/lib/rails/commands/console/irb_console.rb

@@ -87,12 +87,13 @@ module Rails
 
         env = colorized_env
         prompt_prefix = "%N(#{env})"
-        IRB.conf[:IRB_NAME] = @app.name
+        # Respect user's configured irb name.
+        IRB.conf[:IRB_NAME] = @app.name if IRB.conf[:IRB_NAME] == "irb"
 
         IRB.conf[:PROMPT][:RAILS_PROMPT] = {
-          PROMPT_I: "#{prompt_prefix}> ",
-          PROMPT_S: "#{prompt_prefix}%l ",
-          PROMPT_C: "#{prompt_prefix}* ",
+          PROMPT_I: "#{prompt_prefix}:%03n> ",
+          PROMPT_S: "#{prompt_prefix}:%03n%l ",
+          PROMPT_C: "#{prompt_prefix}:%03n* ",
           RETURN: "=> %s\n"
         }
 
@@ -121,7 +122,7 @@ module Rails
         when "production"
           IRB::Color.colorize("prod", [:RED])
         else
-          Rails.env
+          IRB::Color.colorize(Rails.env, [:MAGENTA])
         end
       end
     end

data/lib/rails/commands/credentials/credentials_command.rb

@@ -35,7 +35,7 @@ module Rails
       def show
         load_environment_config!
 
-        say credentials.read.presence || missing_credentials_message
+        say credentials.read.presence || missing_credentials!
       end
 
       desc "diff", "Enroll/disenroll in decrypted diffs of credentials using git"
@@ -57,6 +57,26 @@ module Rails
         say credentials.content_path.read
       end
 
+      desc "fetch PATH", "Fetch a value in the decrypted credentials"
+      def fetch(path)
+        load_environment_config!
+
+        if (yaml = credentials.read)
+          begin
+            value = YAML.load(yaml)
+            value = path.split(".").inject(value) do |doc, key|
+              doc.fetch(key)
+            end
+            say value.to_s
+          rescue KeyError, NoMethodError
+            say_error "Invalid or missing credential path: #{path}"
+            exit 1
+          end
+        else
+          missing_credentials!
+        end
+      end
+
       private
         def config
           Rails.application.config.credentials
@@ -81,7 +101,6 @@ module Rails
 
           encryption_key_file_generator = Rails::Generators::EncryptionKeyFileGenerator.new
           encryption_key_file_generator.add_key_file(key_path)
-          encryption_key_file_generator.ignore_key_file(key_path)
         end
 
         def ensure_credentials_have_been_added
@@ -115,12 +134,13 @@ module Rails
           say "Your application will not be able to load '#{content_path}' until the error has been fixed.", :red
         end
 
-        def missing_credentials_message
+        def missing_credentials!
           if !credentials.key?
-            "Missing '#{key_path}' to decrypt credentials. See `#{executable(:help)}`."
+            say_error "Missing '#{key_path}' to decrypt credentials. See `#{executable(:help)}`."
           else
-            "File '#{content_path}' does not exist. Use `#{executable(:edit)}` to change that."
+            say_error "File '#{content_path}' does not exist. Use `#{executable(:edit)}` to change that."
           end
+          exit 1
         end
 
         def relative_path(path)

data/lib/rails/commands/encrypted/encrypted_command.rb

@@ -45,7 +45,6 @@ module Rails
         def ensure_encryption_key_has_been_added
           return if encrypted_configuration.key?
           encryption_key_file_generator.add_key_file(key_path)
-          encryption_key_file_generator.ignore_key_file(key_path)
         end
 
         def ensure_encrypted_configuration_has_been_added

data/lib/rails/engine/lazy_route_set.rb

@@ -4,9 +4,11 @@
 
 require "action_dispatch/routing/route_set"
 
+# :enddoc:
+
 module Rails
   class Engine
-    class LazyRouteSet < ActionDispatch::Routing::RouteSet # :nodoc:
+    class LazyRouteSet < ActionDispatch::Routing::RouteSet
       class NamedRouteCollection < ActionDispatch::Routing::RouteSet::NamedRouteCollection
         def route_defined?(name)
           Rails.application&.reload_routes_unless_loaded
@@ -34,16 +36,6 @@ module Rails
           Rails.application&.reload_routes_unless_loaded
           super
         end
-
-        def polymorphic_url(record_or_hash_or_array, options = {})
-          Rails.application&.reload_routes_unless_loaded
-          super
-        end
-
-        def polymorphic_path(record_or_hash_or_array, options = {})
-          Rails.application&.reload_routes_unless_loaded
-          super
-        end
       end
 
       def initialize(config = DEFAULT_CONFIG)
@@ -68,6 +60,11 @@ module Rails
         super
       end
 
+      def polymorphic_mappings
+        Rails.application&.reload_routes_unless_loaded
+        super
+      end
+
       def draw(&block)
         Rails.application&.reload_routes_unless_loaded
         super

data/lib/rails/engine.rb

@@ -3,7 +3,6 @@
 require "rails/railtie"
 require "rails/engine/railties"
 require "active_support/callbacks"
-require "active_support/core_ext/module/delegation"
 require "active_support/core_ext/object/try"
 require "pathname"
 

data/lib/rails/gem_version.rb

@@ -8,9 +8,9 @@ module Rails
 
   module VERSION
     MAJOR = 8
-    MINOR = 0
-    TINY  = 2
-    PRE   = nil
+    MINOR = 1
+    TINY  = 0
+    PRE   = "beta1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/rails/generators/actions.rb

@@ -445,11 +445,10 @@ module Rails
 
       private
         # Define log for backwards compatibility. If just one argument is sent,
-        # invoke +say+, otherwise invoke +say_status+. Differently from +say+ and
-        # similarly to +say_status+, this method respects the +quiet?+ option given.
+        # invoke +say+, otherwise invoke +say_status+.
         def log(*args) # :doc:
           if args.size == 1
-            say args.first.to_s unless options.quiet?
+            say args.first.to_s
           else
             args << (behavior == :invoke ? :green : :red)
             say_status(*args)

data/lib/rails/generators/app_base.rb

@@ -7,12 +7,14 @@ require "open-uri"
 require "tsort"
 require "uri"
 require "rails/generators"
+require "rails/generators/bundle_helper"
 require "active_support/core_ext/array/extract_options"
 
 module Rails
   module Generators
     class AppBase < Base # :nodoc:
       include AppName
+      include BundleHelper
 
       NODE_LTS_VERSION = "20.11.1"
       BUN_VERSION = "1.0.1"
@@ -71,7 +73,8 @@ module Rails
         class_option :skip_action_cable,   type: :boolean, aliases: "-C", default: nil,
                                            desc: "Skip Action Cable files"
 
-        class_option :skip_asset_pipeline, type: :boolean, aliases: "-A", default: nil
+        class_option :skip_asset_pipeline, type: :boolean, aliases: "-A", default: nil,
+                                           desc: "Skip the asset pipeline setup"
 
         class_option :skip_javascript,     type: :boolean, aliases: ["-J", "--skip-js"], default: (true if name == "plugin"),
                                            desc: "Skip JavaScript files"
@@ -491,7 +494,7 @@ module Rails
       def javascript_gemfile_entry
         return if options[:skip_javascript]
 
-        if options[:javascript] == "importmap"
+        if using_importmap?
           GemfileEntry.floats "importmap-rails", "Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]"
         else
           GemfileEntry.floats "jsbundling-rails", "Bundle and transpile JavaScript [https://github.com/rails/jsbundling-rails]"
@@ -510,9 +513,12 @@ module Rails
         [ turbo_rails_entry, stimulus_rails_entry ]
       end
 
+      def using_importmap?
+        !options.skip_javascript? && options[:javascript] == "importmap"
+      end
+
       def using_js_runtime?
-        (options[:javascript] && !%w[importmap].include?(options[:javascript])) ||
-          (options[:css] && !%w[tailwind sass].include?(options[:css]))
+        !options.skip_javascript? && (!using_importmap? || (options[:css] && !%w[tailwind sass].include?(options[:css])))
       end
 
       def using_node?
@@ -523,31 +529,35 @@ module Rails
         using_js_runtime? && %w[bun].include?(options[:javascript])
       end
 
+      def capture_command(command, pattern = nil)
+        output = `#{command}`
+        if pattern
+          output[pattern]
+        else
+          output
+        end
+      rescue SystemCallError
+        nil
+      end
+
       def node_version
         if using_node?
           ENV.fetch("NODE_VERSION") do
-            `node --version`[/\d+\.\d+\.\d+/]
-          rescue
-            NODE_LTS_VERSION
+            capture_command("node --version", /\d+\.\d+\.\d+/) || NODE_LTS_VERSION
           end
         end
       end
 
       def dockerfile_yarn_version
-        using_node? and `yarn --version`[/\d+\.\d+\.\d+/]
-      rescue
-        "latest"
+        capture_command("yarn --version", /\d+\.\d+\.\d+/) || "latest"
       end
 
       def yarn_through_corepack?
-        true if dockerfile_yarn_version == "latest"
-        dockerfile_yarn_version >= "2"
+        using_node? and "#{dockerfile_yarn_version}" >= "2"
       end
 
       def dockerfile_bun_version
-        using_bun? and `bun --version`[/\d+\.\d+\.\d+/]
-      rescue
-        BUN_VERSION
+        capture_command("bun --version", /\d+\.\d+\.\d+/) || BUN_VERSION
       end
 
       def dockerfile_binfile_fixups
@@ -615,11 +625,16 @@ module Rails
       end
 
       def ci_packages
-        if depends_on_system_test?
-          dockerfile_build_packages << "google-chrome-stable"
-        else
-          dockerfile_build_packages
-        end
+        dockerfile_build_packages - [
+          # GitHub Actions doesn't have build-essential,
+          # but it's a meta-packages and all its dependencies are already installed.
+          "build-essential",
+          "git",
+          "pkg-config",
+          "libyaml-dev",
+          "unzip",
+          "python-is-python3",
+        ]
       end
 
       def css_gemfile_entry
@@ -642,32 +657,6 @@ module Rails
         end
       end
 
-      def bundle_command(command, env = {})
-        say_status :run, "bundle #{command}"
-
-        # We are going to shell out rather than invoking Bundler::CLI.new(command)
-        # because `rails new` loads the Thor gem and on the other hand bundler uses
-        # its own vendored Thor, which could be a different version. Running both
-        # things in the same process is a recipe for a night with paracetamol.
-        #
-        # Thanks to James Tucker for the Gem tricks involved in this call.
-        _bundle_command = Gem.bin_path("bundler", "bundle")
-
-        require "bundler"
-        Bundler.with_original_env do
-          exec_bundle_command(_bundle_command, command, env)
-        end
-      end
-
-      def exec_bundle_command(bundle_command, command, env)
-        full_command = %Q["#{Gem.ruby}" "#{bundle_command}" #{command}]
-        if options[:quiet]
-          system(env, full_command, out: File::NULL)
-        else
-          system(env, full_command)
-        end
-      end
-
       def bundle_install?
         !(options[:skip_bundle] || options[:pretend])
       end
@@ -677,7 +666,7 @@ module Rails
       end
 
       def depend_on_bootsnap?
-        !options[:skip_bootsnap] && !options[:dev] && !defined?(JRUBY_VERSION)
+        !options[:skip_bootsnap] && !options[:dev] && !jruby?
       end
 
       def target_rails_prerelease(self_command = "new")
@@ -753,7 +742,7 @@ module Rails
       end
 
       def add_bundler_platforms
-        if bundle_install?
+        if bundle_install? && !jruby?
           # The vast majority of Rails apps will be deployed on `x86_64-linux`.
           bundle_command("lock --add-platform=x86_64-linux")
 
@@ -762,10 +751,8 @@ module Rails
         end
       end
 
-      def generate_bundler_binstub
-        if bundle_install?
-          bundle_command("binstubs bundler")
-        end
+      def jruby?
+        defined?(JRUBY_VERSION)
       end
 
       def empty_directory_with_keep_file(destination, config = {})
@@ -778,11 +765,13 @@ module Rails
       end
 
       def user_default_branch
-        @user_default_branch ||= `git config init.defaultbranch`
+        @user_default_branch ||= capture_command("git config init.defaultbranch").strip.presence || "main"
       end
 
       def git_init_command
-        return "git init" if user_default_branch.strip.present?
+        if capture_command("git config init.defaultbranch").present?
+          return "git init"
+        end
 
         git_version = `git --version`[/\d+\.\d+\.\d+/]
 

data/lib/rails/generators/bundle_helper.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Rails
+  module Generators
+    module BundleHelper # :nodoc:
+      def bundle_command(command, env = {}, params = {})
+        say_status :run, "bundle #{command}"
+
+        # We are going to shell out rather than invoking Bundler::CLI.new(command)
+        # because `rails new` loads the Thor gem and on the other hand bundler uses
+        # its own vendored Thor, which could be a different version. Running both
+        # things in the same process is a recipe for a night with paracetamol.
+        #
+        # Thanks to James Tucker for the Gem tricks involved in this call.
+        _bundle_command = Gem.bin_path("bundler", "bundle")
+
+        require "bundler"
+        Bundler.with_original_env do
+          exec_bundle_command(_bundle_command, command, env, params)
+        end
+      end
+
+      private
+        def exec_bundle_command(bundle_command, command, env, params)
+          full_command = %Q["#{Gem.ruby}" "#{bundle_command}" #{command}]
+          if options[:quiet] || params[:quiet]
+            system(env, full_command, out: File::NULL)
+          else
+            system(env, full_command)
+          end
+        end
+    end
+  end
+end

data/lib/rails/generators/database.rb

@@ -218,7 +218,7 @@ module Rails
         end
 
         def base_package
-          nil
+          "default-mysql-client"
         end
 
         def build_package

data/lib/rails/generators/erb/authentication/authentication_generator.rb

@@ -5,6 +5,8 @@ require "rails/generators/erb"
 module Erb # :nodoc:
   module Generators # :nodoc:
     class AuthenticationGenerator < Rails::Generators::Base # :nodoc:
+      hide!
+
       def create_files
         template "app/views/passwords/new.html.erb"
         template "app/views/passwords/edit.html.erb"

data/lib/rails/generators/erb/scaffold/templates/partial.html.erb.tt

@@ -1,6 +1,6 @@
 <div id="<%%= dom_id <%= singular_name %> %>">
 <% attributes.reject(&:password_digest?).each do |attribute| -%>
-  <p>
+  <div>
     <strong><%= attribute.human_name %>:</strong>
 <% if attribute.attachment? -%>
     <%%= link_to <%= singular_name %>.<%= attribute.column_name %>.filename, <%= singular_name %>.<%= attribute.column_name %> if <%= singular_name %>.<%= attribute.column_name %>.attached? %>
@@ -11,7 +11,7 @@
 <% else -%>
     <%%= <%= singular_name %>.<%= attribute.column_name %> %>
 <% end -%>
-  </p>
+  </div>
 
 <% end -%>
 </div>

data/lib/rails/generators/generated_attribute.rb

@@ -73,7 +73,7 @@ module Rails
         def valid_type?(type)
           DEFAULT_TYPES.include?(type.to_s) ||
             !defined?(ActiveRecord::Base) ||
-            ActiveRecord::Base.lease_connection.valid_type?(type)
+            ActiveRecord::Base.connection_db_config.adapter_class.valid_type?(type)
         end
 
         def valid_index_type?(index_type)

data/lib/rails/generators/migration.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require "active_support/concern"
 require "rails/generators/actions/create_migration"
 
 module Rails

data/lib/rails/generators/rails/app/app_generator.rb

@@ -127,7 +127,9 @@ module Rails
         template "routes.rb" unless options[:update]
         template "application.rb"
         template "environment.rb"
+        template "bundler-audit.yml"
         template "cable.yml" unless options[:update] || options[:skip_action_cable]
+        template "ci.rb"
         template "puma.rb"
         template "storage.yml" unless options[:update] || skip_active_storage?
 
@@ -140,6 +142,8 @@ module Rails
     def config_when_updating
       action_cable_config_exist       = File.exist?("config/cable.yml")
       active_storage_config_exist     = File.exist?("config/storage.yml")
+      ci_config_exist                 = File.exist?("config/ci.rb")
+      bundle_audit_config_exist       = File.exist?("config/bundler-audit.yml")
       rack_cors_config_exist          = File.exist?("config/initializers/cors.rb")
       assets_config_exist             = File.exist?("config/initializers/assets.rb")
       asset_app_stylesheet_exist      = File.exist?("app/assets/stylesheets/application.css")
@@ -157,6 +161,10 @@ module Rails
         template "config/storage.yml"
       end
 
+      if !ci_config_exist
+        template "config/ci.rb"
+      end
+
       if skip_asset_pipeline? && !assets_config_exist
         remove_file "config/initializers/assets.rb"
       end
@@ -169,6 +177,10 @@ module Rails
         remove_file "config/initializers/cors.rb"
       end
 
+      if !bundle_audit_config_exist
+        template "config/bundler-audit.yml"
+      end
+
       if options[:api]
         unless csp_config_exist
           remove_file "config/initializers/content_security_policy.rb"
@@ -182,7 +194,6 @@ module Rails
       require "rails/generators/rails/master_key/master_key_generator"
       master_key_generator = Rails::Generators::MasterKeyGenerator.new([], quiet: options[:quiet], force: options[:force])
       master_key_generator.add_master_key_file_silently
-      master_key_generator.ignore_master_key_file_silently
     end
 
     def credentials
@@ -272,9 +283,9 @@ module Rails
         dev: options[:dev],
         node: using_node?,
         app_name: app_name,
-        skip_solid: options[:skip_solid]
+        skip_solid: options[:skip_solid],
+        pretend: options[:pretend]
       }
-
       Rails::Generators::DevcontainerGenerator.new([], devcontainer_options).invoke_all
     end
   end
@@ -570,7 +581,6 @@ module Rails
       public_task :apply_rails_template
       public_task :run_bundle
       public_task :add_bundler_platforms
-      public_task :generate_bundler_binstub
       public_task :run_javascript
       public_task :run_hotwire
       public_task :run_css

data/lib/rails/generators/rails/app/templates/Dockerfile.tt

@@ -17,18 +17,20 @@ WORKDIR /rails
 # Install base packages
 RUN apt-get update -qq && \
     apt-get install --no-install-recommends -y <%= dockerfile_base_packages.join(" ") %> && \
+    ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so && \
     rm -rf /var/lib/apt/lists /var/cache/apt/archives
 
-# Set production environment
+# Set production environment variables and enable jemalloc for reduced memory usage and latency.
 ENV RAILS_ENV="production" \
     BUNDLE_DEPLOYMENT="1" \
     BUNDLE_PATH="/usr/local/bundle" \
-    BUNDLE_WITHOUT="development"
+    BUNDLE_WITHOUT="development" \
+    LD_PRELOAD="/usr/local/lib/libjemalloc.so"
 
 # Throw-away build stage to reduce size of final image
 FROM base AS build
 
-# Install packages needed to build gems<%= using_node? ? " and node modules" : "" %>
+# Install packages needed to build gems<%= (using_node? || using_bun?) ? " and node modules" : "" %>
 RUN apt-get update -qq && \
     apt-get install --no-install-recommends -y <%= dockerfile_build_packages.join(" ") %> && \
     rm -rf /var/lib/apt/lists /var/cache/apt/archives
@@ -59,7 +61,8 @@ RUN curl -fsSL https://bun.sh/install | bash -s -- "bun-v${BUN_VERSION}"
 
 <% end -%>
 # Install application gems
-COPY Gemfile Gemfile.lock ./
+COPY Gemfile Gemfile.lock vendor ./
+
 RUN bundle install && \
     rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git<% if depend_on_bootsnap? -%> && \
     bundle exec bootsnap precompile --gemfile<% end %>
@@ -72,7 +75,7 @@ RUN yarn install --immutable
 <% end -%>
 <% if using_bun? -%>
 # Install node modules
-COPY package.json bun.lockb ./
+COPY package.json bun.lock* ./
 RUN bun install --frozen-lockfile
 
 <% end -%>
@@ -95,23 +98,22 @@ RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
 
 <% end -%>
 
-<% if using_node? -%>
+<% if using_node? || using_bun? -%>
 RUN rm -rf node_modules
 <% end %>
 
 # Final stage for app image
 FROM base
 
-# Copy built artifacts: gems, application
-COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
-COPY --from=build /rails /rails
-
 # Run and own only the runtime files as a non-root user for security
 RUN groupadd --system --gid 1000 rails && \
-    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
-    chown -R rails:rails <%= dockerfile_chown_directories.join(" ") %>
+    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash
 USER 1000:1000
 
+# Copy built artifacts: gems, application
+COPY --chown=rails:rails --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
+COPY --chown=rails:rails --from=build /rails /rails
+
 # Entrypoint prepares the database.
 ENTRYPOINT ["/rails/bin/docker-entrypoint"]
 
@@ -123,4 +125,4 @@ CMD ["./bin/rails", "server"]
 # Start server via Thruster by default, this can be overwritten at runtime
 EXPOSE 80
 CMD ["./bin/thrust", "./bin/rails", "server"]
-<% end -%>
+<% end -%>

data/lib/rails/generators/rails/app/templates/Gemfile.tt

@@ -54,6 +54,9 @@ gem "thruster", require: false
 group :development, :test do
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
   gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"
+
+  # Audits gems for known security defects (use config/bundler-audit.yml to ignore issues)
+  gem "bundler-audit", require: false
 <%- unless options.skip_brakeman? -%>
 
   # Static analysis for security vulnerabilities [https://brakemanscanner.org/]

data/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt

@@ -2,5 +2,10 @@ class ApplicationController < ActionController::<%= options.api? ? "API" : "Base
 <%- unless options.api? -%>
   # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+<%- if using_importmap? -%>
+
+  # Changes to the importmap will invalidate the etag for HTML responses
+  stale_when_importmap_changes
+<% end -%>
 <% end -%>
 end

data/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt

@@ -4,6 +4,7 @@
     <title><%%= content_for(:title) || "<%= app_name.titleize %>" %></title>
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <meta name="apple-mobile-web-app-capable" content="yes">
+    <meta name="application-name" content="<%= app_name.titleize %>">
     <meta name="mobile-web-app-capable" content="yes">
     <%%= csrf_meta_tags %>
     <%%= csp_meta_tag %>

data/lib/rails/generators/rails/app/templates/bin/bundler-audit.tt

@@ -0,0 +1,5 @@
+require_relative "../config/boot"
+require "bundler/audit/cli"
+
+ARGV.concat %w[ --config config/bundler-audit.yml ] if ARGV.empty? || ARGV.include?("check")
+Bundler::Audit::CLI.start

data/lib/rails/generators/rails/app/templates/bin/ci.tt

@@ -0,0 +1,5 @@
+require_relative "../config/boot"
+require "active_support/continuous_integration"
+
+CI = ActiveSupport::ContinuousIntegration
+require_relative "../config/ci.rb"

data/lib/rails/generators/rails/app/templates/bin/rubocop.tt

@@ -1,7 +1,7 @@
 require "rubygems"
 require "bundler/setup"
 
-# explicit rubocop config increases performance slightly while avoiding config confusion.
+# Explicit RuboCop config increases performance slightly while avoiding config confusion.
 ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__))
 
 load Gem.bin_path("rubocop", "rubocop")