railties 8.0.3 → 8.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 46e1da3cb0dd9f90ba6539fcd48b08a77155300031522c2a1d37c70b4c05ea6e
-  data.tar.gz: 8960aaa617926a966e515999e10668b5582a773a132de7cd2575088bc6017490
+  metadata.gz: ad8da0555d797f82b2d0201539e2b87d71a4a034693160ce5f1a695bb2fba206
+  data.tar.gz: 7141209b64c173556b4e68710077f2020a0e4d1f78849f189b618ae5aadf0323
 SHA512:
-  metadata.gz: 3121cd89de8c287937ac033cb0e3bd902fc34d318b857e4176db1fbba562438bfd14e3ebaa669c09adf667ada86c70d84350cf08361bf1949ef1e98be9e2416a
-  data.tar.gz: d09a14c83c7fc1c9e752a52358f8343dc2d49b73ae5387a621c33774828bde8fdccac1a349b32c09205913ecd8e2019b8cfa748b778ed248a49adba06cc493fd
+  metadata.gz: eb16ac913da82747b4d06e8c7578ccc830219010f1ef5846305f2f6640a84f08df45f191f76899b6449d7dd85903a7e89f236b33cb8c83daef7f46863f86cf6f
+  data.tar.gz: badbe8ab05d917deed317baf5d1b8adbb339c95ed6bd0ea01f13c6d61ff41d270e49b27624d0d27f94625bb26466f141506638b44c6e2936b5b99d281f748fb5

data/CHANGELOG.md

@@ -1,289 +1,184 @@
-## Rails 8.0.3 (September 22, 2025) ##
+## Rails 8.1.0 (October 22, 2025) ##
 
-*   Fix `polymorphic_url` and `polymorphic_path` not working when routes are not loaded.
+*   Suggest `bin/rails action_text:install` from Action Dispatch error page
 
-    *Édouard Chin*
-
-*   Fix Rails console to not override user defined IRB_NAME.
-
-    Only change the prompt name if it hasn't been customized in `.irbrc`.
-
-    *Jarrett Lusso*
-
-
-## Rails 8.0.2.1 (August 13, 2025) ##
-
-*   No changes.
-
-
-## Rails 8.0.2 (March 12, 2025) ##
-
-*   Fix Rails console to load routes.
-
-    Otherwise `*_path` and `*url` methods are missing on the `app` object.
-
-    *Édouard Chin*
-
-*   Update `rails new --minimal` option
-
-    Extend the `--minimal` flag to exclude recently added features:
-    `skip_brakeman`, `skip_ci`, `skip_docker`, `skip_kamal`, `skip_rubocop`, `skip_solid` and `skip_thruster`.
-
-    *eelcoj*
-
-*   Use `secret_key_base` from ENV or credentials when present locally.
-
-    When ENV["SECRET_KEY_BASE"] or
-    `Rails.application.credentials.secret_key_base` is set for test or
-    development, it is used for the `Rails.config.secret_key_base`,
-    instead of generating a `tmp/local_secret.txt` file.
-
-    *Petrik de Heus*
-
-
-## Rails 8.0.1 (December 13, 2024) ##
-
-*   Skip generation system tests related code for CI when `--skip-system-test` is given.
-
-    *fatkodima*
-
-*   Don't add bin/thrust if thruster is not in Gemfile.
-
-    *Étienne Barrié*
-
-*   Don't install a package for system test when applications don't use it.
-
-    *y-yagi*
-
-
-## Rails 8.0.0.1 (December 10, 2024) ##
-
-*   No changes.
-
-
-## Rails 8.0.0 (November 07, 2024) ##
-
-*   No changes.
-
-
-## Rails 8.0.0.rc2 (October 30, 2024) ##
-
-*   Fix incorrect database.yml with `skip_solid`.
-
-    *Joé Dupuis*
+    *Sean Doyle*
 
-*   Set `Regexp.timeout` to `1`s by default to improve security over Regexp Denial-of-Service attacks.
+*   Remove deprecated `STATS_DIRECTORIES`.
 
     *Rafael Mendonça França*
 
-
-## Rails 8.0.0.rc1 (October 19, 2024) ##
-
-*   Remove deprecated support to extend Rails console through `Rails::ConsoleMethods`.
+*   Remove deprecated `bin/rake stats` command.
 
     *Rafael Mendonça França*
 
-*   Remove deprecated file `rails/console/helpers`.
+*   Remove deprecated `rails/console/methods.rb` file.
 
     *Rafael Mendonça França*
 
-*   Remove deprecated file `rails/console/app`.
+*   Don't generate system tests by default.
 
-    *Rafael Mendonça França*
+    Rails scaffold generator will no longer generate system tests by default. To enable this pass `--system-tests=true` or generate them with `bin/rails generate system_test name_of_test`.
 
-*   Remove deprecated `config.read_encrypted_secrets`.
+    *Eileen M. Uchitelle*
 
-    *Rafael Mendonça França*
+*   Optionally skip bundler-audit.
+
+    Skips adding the `bin/bundler-audit` & `config/bundler-audit.yml` if the gem is not installed when `bin/rails app:update` runs.
 
-*   Add Kamal support for devcontainers
+    Passes an option to `--skip-bundler-audit` when new apps are generated & adds that same option to the `--minimal` generator flag.
 
-    Previously generated devcontainer could not use docker and therefore Kamal.
+    *Jill Klang*
 
-    *Joé Dupuis*
+*   Show engine routes in `/rails/info/routes` as well.
 
+    *Petrik de Heus*
 
-## Rails 8.0.0.beta1 (September 26, 2024) ##
+*   Exclude `asset_path` configuration from Kamal `deploy.yml` for API applications.
 
-*   Exit `rails g` with code 1 if generator could not be found.
+    API applications don't serve assets, so the `asset_path` configuration in `deploy.yml`
+    is not needed and can cause 404 errors on in-flight requests. The asset_path is now
+    only included for regular Rails applications that serve assets.
 
-    Previously `rails g` returned 0, which would make it harder to catch typos in scripts calling `rails g`.
+    *Saiqul Haq*
 
-    *Christopher Özbek*
+*   Reverted the incorrect default `config.public_file_server.headers` config.
 
-*   Remove `require_*` statements from application.css to align with the transition from Sprockets to Propshaft.
+    If you created a new application using Rails `8.1.0.beta1`, make sure to regenerate
+    `config/environments/production.rb`, or to manually edit the `config.public_file_server.headers`
+    configuration to just be:
 
-    With Propshaft as the default asset pipeline in Rails 8, the require_tree and require_self clauses in application.css are no longer necessary, as they were specific to Sprockets. Additionally, the comment has been updated to clarify that CSS precedence now follows standard cascading order without automatic prioritization by the asset pipeline.
+    ```ruby
+    # Cache assets for far-future expiry since they are all digest stamped.
+    config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" }
+    ```
 
-    *Eduardo Alencar*
+    *Jean Boussier*
 
-*   Do not include redis by default in generated Dev Containers.
+*   Add command `rails credentials:fetch PATH` to get the value of a credential from the credentials file.
 
-    Now that applications use the Solid Queue and Solid Cache gems by default, we do not need to include redis
-    in the Dev Container. We will only include redis if `--skip-solid` is used when generating an app that uses
-    Active Job or Action Cable.
+    ```bash
+    $ bin/rails credentials:fetch kamal_registry.password
+    ```
 
-    When generating a Dev Container for an existing app, we will not include redis if either of the solid gems
-    are in use.
+    *Matthew Nguyen*, *Jean Boussier*
 
-    *Andrew Novoselac*
+*   Generate static BCrypt password digests in fixtures instead of dynamic ERB expressions.
 
-*   Use [Solid Cable](https://github.com/rails/solid_cable) as the default Action Cable adapter in production, configured as a separate queue database in config/database.yml. It keeps messages in a table and continuously polls for updates. This makes it possible to drop the common dependency on Redis, if it isn't needed for any other purpose. Despite polling, the performance of Solid Cable is comparable to Redis in most situations. And in all circumstances, it makes it easier to deploy Rails when Redis is no longer a required dependency for Action Cable functionality.
+    Previously, fixtures with password digest attributes used `<%= BCrypt::Password.create("secret") %>`,
+    which regenerated the hash on each test run. Now generates a static hash with a comment
+    showing how to recreate it.
 
-    *DHH*
+    *Nate Smith*, *Cassia Scheffer*
 
-*   Use [Solid Queue](https://github.com/rails/solid_queue) as the default Active Job backend in production, configured as a separate queue database in config/database.yml. In a single-server deployment, it'll run as a Puma plugin. This is configured in `config/deploy.yml` and can easily be changed to use a dedicated jobs machine.
+*   Broaden the `.gitignore` entry when adding a credentials key to ignore all key files.
 
-    *DHH*
+    *Greg Molnar*
 
-*   Use [Solid Cache](https://github.com/rails/solid_cache) as the default Rails.cache backend in production, configured as a separate cache database in config/database.yml.
+*   Remove unnecessary `ruby-version` input from `ruby/setup-ruby`
 
-    *DHH*
+    *TangRufus*
 
-*   Add Rails::Rack::SilenceRequest middleware and use it via `config.silence_healthcheck_path = path`
-    to silence requests to "/up". This prevents the Kamal-required health checks from clogging up
-    the production logs.
+*   Add --reset option to bin/setup which will call db:reset as part of the setup.
 
     *DHH*
 
-*   Introduce `mariadb-mysql` and `mariadb-trilogy` database options for `rails new`
+*   Add RuboCop cache restoration to RuboCop job in GitHub Actions workflow templates.
 
-    When used with the `--devcontainer` flag, these options will use `mariadb` as the database for the
-    Dev Container. The original `mysql` and `trilogy` options will use `mysql`. Users who are not
-    generating a Dev Container do not need to use the new options.
+    *Lovro Bikić*
 
-    *Andrew Novoselac*
+*   Skip generating mailer-related files in authentication generator if the application does
+    not use ActionMailer
 
-*   Deprecate `::STATS_DIRECTORIES`.
+    *Rami Massoud*
 
-    The global constant `STATS_DIRECTORIES` has been deprecated in favor of
-    `Rails::CodeStatistics.register_directory`.
+*   Introduce `bin/ci` for running your tests, style checks, and security audits locally or in the cloud.
 
-    Add extra directories with `Rails::CodeStatistics.register_directory(label, path)`:
+    The specific steps are defined by a new DSL in `config/ci.rb`.
 
     ```ruby
-    require "rails/code_statistics"
-    Rails::CodeStatistics.register_directory('My Directory', 'path/to/dir')
+    ActiveSupport::ContinuousIntegration.run do
+      step "Setup", "bin/setup --skip-server"
+      step "Style: Ruby", "bin/rubocop"
+      step "Security: Gem audit", "bin/bundler-audit"
+      step "Tests: Rails", "bin/rails test test:system"
+    end
     ```
 
-    *Petrik de Heus*
-
-*   Enable query log tags by default on development env
-
-    This can be used to trace troublesome SQL statements back to the application
-    code that generated these statements. It is also useful when using multiple
-    databases because the query logs can identify which database is being used.
+    Optionally use [gh-signoff](https://github.com/basecamp/gh-signoff) to
+    set a green PR status - ready for merge.
 
-    *Matheus Richard*
+    *Jeremy Daer*, *DHH*
 
-*   Defer route drawing to the first request, or when url_helpers are called
+*   Generate session controller tests when running the authentication generator.
 
-    Executes the first routes reload in middleware, or when a route set's
-    url_helpers receives a route call / asked if it responds to a route.
-    Previously, this was executed unconditionally on boot, which can
-    slow down boot time unnecessarily for larger apps with lots of routes.
+    *Jerome Dalbert*
 
-    Environments like production that have `config.eager_load = true` will
-    continue to eagerly load routes on boot.
+*   Add bin/bundler-audit and config/bundler-audit.yml for discovering and managing known security problems with app gems.
 
-    *Gannon McGibbon*
+    *DHH*
 
-*   Generate form helpers to use `textarea*` methods instead of `text_area*` methods
+*   Rails no longer generates a `bin/bundle` binstub when creating new applications.
 
-    *Sean Doyle*
+    The `bin/bundle` binstub used to help activate the right version of bundler.
+    This is no longer necessary as this mechanism is now part of Rubygem itself.
 
-*   Add authentication generator to give a basic start to an authentication system using database-tracked sessions and password reset.
+    *Edouard Chin*
 
-    Generate with...
+*   Add a `SessionTestHelper` module with `sign_in_as(user)` and `sign_out` test helpers when
+    running `rails g authentication`. Simplifies authentication in integration tests.
 
-    ```
-    bin/rails generate authentication
-    ```
+    *Bijan Rahnema*
 
-    Generated files:
+*   Rate limit password resets in authentication generator
 
-    ```
-    app/models/current.rb
-    app/models/user.rb
-    app/models/session.rb
-    app/controllers/sessions_controller.rb
-    app/controllers/passwords_controller.rb
-    app/mailers/passwords_mailer.rb
-    app/views/sessions/new.html.erb
-    app/views/passwords/new.html.erb
-    app/views/passwords/edit.html.erb
-    app/views/passwords_mailer/reset.html.erb
-    app/views/passwords_mailer/reset.text.erb
-    db/migrate/xxxxxxx_create_users.rb
-    db/migrate/xxxxxxx_create_sessions.rb
-    test/mailers/previews/passwords_mailer_preview.rb
-    ```
+    This helps mitigate abuse from attackers spamming the password reset form.
 
-    *DHH*
+    *Chris Oliver*
 
+*   Update `rails new --minimal` option
 
-*   Add not-null type modifier to migration attributes.
+    Extend the `--minimal` flag to exclude recently added features:
+    `skip_brakeman`, `skip_ci`, `skip_docker`, `skip_kamal`, `skip_rubocop`, `skip_solid` and `skip_thruster`.
 
-    Generating with...
+    *eelcoj*
 
-    ```
-    bin/rails generate migration CreateUsers email_address:string!:uniq password_digest:string!
-    ```
+*   Add `application-name` metadata to application layout
 
-    Produces:
+    The following metatag will be added to `app/views/layouts/application.html.erb`
 
-    ```ruby
-    class CreateUsers < ActiveRecord::Migration[8.0]
-      def change
-        create_table :users do |t|
-          t.string :email_address, null: false
-          t.string :password_digest, null: false
-
-          t.timestamps
-        end
-        add_index :users, :email_address, unique: true
-      end
-    end
+    ```html
+    <meta name="application-name" content="Name of Rails Application">
     ```
 
-    *DHH*
-
-*   Add a `script` folder to applications, and a scripts generator.
-
-    The new `script` folder is meant to hold one-off or general purpose scripts,
-    such as data migration scripts, cleanup scripts, etc.
+    *Steve Polito*
 
-    A new script generator allows you to create such scripts:
-
-    ```
-    bin/rails generate script my_script
-    bin/rails generate script data/backfill
-    ```
+*   Use `secret_key_base` from ENV or credentials when present locally.
 
-    You can run the generated script using:
+    When ENV["SECRET_KEY_BASE"] or
+    `Rails.application.credentials.secret_key_base` is set for test or
+    development, it is used for the `Rails.config.secret_key_base`,
+    instead of generating a `tmp/local_secret.txt` file.
 
-    ```
-    bundle exec ruby script/my_script.rb
-    bundle exec ruby script/data/backfill.rb
-    ```
+    *Petrik de Heus*
 
-    *Jerome Dalbert*, *Haroon Ahmed*
+*   Introduce `RAILS_MASTER_KEY` placeholder in generated ci.yml files
 
-*   Deprecate `bin/rake stats` in favor of `bin/rails stats`.
+    *Steve Polito*
 
-    *Juan Vásquez*
+*   Colorize the Rails console prompt even on non standard environments.
 
-*   Add internal page `/rails/info/notes`, that displays the same information as `bin/rails notes`.
+    *Lorenzo Zabot*
 
-    *Deepak Mahakale*
+*   Don't enable YJIT in development and test environments
 
-*   Add Rubocop and GitHub Actions to plugin generator.
-    This can be skipped using --skip-rubocop and --skip-ci.
+    Development and test environments tend to reload code and redefine methods (e.g. mocking),
+    hence YJIT isn't generally faster in these environments.
 
-    *Chris Oliver*
+    *Ali Ismayilov*, *Jean Boussier*
 
-*   Use Kamal for deployment by default, which includes generating a Rails-specific config/deploy.yml.
-    This can be skipped using --skip-kamal. See more: https://kamal-deploy.org/
+*   Only include PermissionsPolicy::Middleware if policy is configured.
 
-    *DHH*
+    *Petrik de Heus*
 
-Please check [7-2-stable](https://github.com/rails/rails/blob/7-2-stable/railties/CHANGELOG.md) for previous changes.
+Please check [8-0-stable](https://github.com/rails/rails/blob/8-0-stable/railties/CHANGELOG.md) for previous changes.

data/lib/minitest/rails_plugin.rb

@@ -26,6 +26,8 @@ module Minitest
   end
 
   class ProfileReporter < Reporter
+    attr_accessor :results
+
     def initialize(io = $stdout, options = {})
       super
       @results = []
@@ -33,26 +35,49 @@ module Minitest
     end
 
     def record(result)
-      @results << result
+      if output_file = ENV["RAILTIES_OUTPUT_FILE"]
+        File.open(output_file, "a") do |f|
+          # Round-trip for re-serialization
+          data = JSON.parse(result.to_json)
+          data[:location] = result.location
+          f.puts(data.to_json)
+        end
+      else
+        @results << result
+      end
+    end
+
+    def passed?
+      true
     end
 
     def report
-      total_time = @results.sum(&:time)
+      # Skip if we're outputting to a file
+      return if ENV["RAILTIES_OUTPUT_FILE"]
+      print_summary
+    end
 
-      @results.sort! { |a, b| b.time <=> a.time }
-      slow_results = @results.take(@count)
-      slow_tests_total_time = slow_results.sum(&:time)
+    def summary
+      print_summary
+    end
+
+    private
+      def print_summary
+        total_time = @results.sum(&:time)
 
-      ratio = (total_time == 0) ? 0.0 : (slow_tests_total_time / total_time) * 100
+        @results.sort! { |a, b| b.time <=> a.time }
+        slow_results = @results.take(@count)
+        slow_tests_total_time = slow_results.sum(&:time)
 
-      io.puts("\nTop %d slowest tests (%.2f seconds, %.1f%% of total time):\n" % [slow_results.size, slow_tests_total_time, ratio])
-      slow_results.each do |result|
-        io.puts("  %s\n    %.4f seconds %s\n" % [result.location, result.time, source_location(result)])
+        ratio = (total_time == 0) ? 0.0 : (slow_tests_total_time / total_time) * 100
+
+        io.puts("\nTop %d slowest tests (%.2f seconds, %.1f%% of total time):\n" % [slow_results.size, slow_tests_total_time, ratio])
+        slow_results.each do |result|
+          io.puts("  %s\n    %.4f seconds %s\n" % [result.location, result.time, source_location(result)])
+        end
+        io.puts("\n")
       end
-      io.puts("\n")
-    end
 
-    private
       def source_location(result)
         filename, line = result.source_location
         return "" unless filename
@@ -102,8 +127,19 @@ module Minitest
       options[:profile] = count
     end
 
+    opts.on(/^[^-]/) do |test_file|
+      options[:test_files] ||= []
+      options[:test_files] << test_file
+    end
+
     options[:color] = true
     options[:output_inline] = true
+
+    opts.on do
+      if ::Rails::TestUnit::Runner.load_test_files
+        ::Rails::TestUnit::Runner.load_tests(options.fetch(:test_files, []))
+      end
+    end
   end
 
   # Owes great inspiration to test runner trailblazers like RSpec,

data/lib/rails/application/bootstrap.rb

@@ -71,6 +71,11 @@ module Rails
         end
       end
 
+      initializer :initialize_event_reporter, group: :all do
+        Rails.event.raise_on_error = config.consider_all_requests_local
+        Rails.event.debug_mode = Rails.env.development?
+      end
+
       # Initialize cache early in the stack so railties can make use of it.
       initializer :initialize_cache, group: :all do
         cache_format_version = config.active_support.delete(:cache_format_version)

data/lib/rails/application/configuration.rb

@@ -21,6 +21,7 @@ module Rails
                     :beginning_of_week, :filter_redirect, :x,
                     :content_security_policy_report_only,
                     :content_security_policy_nonce_generator, :content_security_policy_nonce_directives,
+                    :content_security_policy_nonce_auto,
                     :require_master_key, :credentials, :disable_sandbox, :sandbox_by_default,
                     :add_autoload_paths_to_load_path, :rake_eager_load, :server_timing, :log_file_size,
                     :dom_testing_default_html_version, :yjit
@@ -72,6 +73,7 @@ module Rails
         @content_security_policy_report_only     = false
         @content_security_policy_nonce_generator = nil
         @content_security_policy_nonce_directives = nil
+        @content_security_policy_nonce_auto      = false
         @require_master_key                      = false
         @loaded_config_version                   = nil
         @credentials                             = ActiveSupport::InheritableOptions.new(credentials_defaults)
@@ -115,10 +117,6 @@ module Rails
             action_controller.forgery_protection_origin_check = true
           end
 
-          if respond_to?(:active_support)
-            active_support.to_time_preserves_timezone = :offset
-          end
-
           if respond_to?(:active_record)
             active_record.belongs_to_required_by_default = true
           end
@@ -265,7 +263,7 @@ module Rails
           end
 
           if respond_to?(:action_controller)
-            action_controller.raise_on_open_redirects = true
+            action_controller.action_on_open_redirect = :raise
             action_controller.wrap_parameters_by_default = true
           end
         when "7.1"
@@ -337,15 +335,39 @@ module Rails
         when "8.0"
           load_defaults "7.2"
 
-          if respond_to?(:active_support)
-            active_support.to_time_preserves_timezone = :zone
-          end
-
           if respond_to?(:action_dispatch)
             action_dispatch.strict_freshness = true
           end
 
           Regexp.timeout ||= 1 if Regexp.respond_to?(:timeout=)
+        when "8.1"
+          load_defaults "8.0"
+
+          # Development and test environments tend to reload code and
+          # redefine methods (e.g. mocking), hence YJIT isn't generally
+          # faster in these environments.
+          self.yjit = !Rails.env.local?
+
+          if respond_to?(:action_controller)
+            action_controller.escape_json_responses = false
+            action_controller.action_on_path_relative_redirect = :raise
+          end
+
+          if respond_to?(:active_record)
+            active_record.raise_on_missing_required_finder_order_columns = true
+          end
+
+          if respond_to?(:active_support)
+            active_support.escape_js_separators_in_json = false
+          end
+
+          if respond_to?(:action_view)
+            action_view.render_tracker = :ruby
+          end
+
+          if respond_to?(:action_view)
+            action_view.remove_hidden_field_autocomplete = true
+          end
         else
           raise "Unknown version #{target_version.to_s.inspect}"
         end

data/lib/rails/application/default_middleware_stack.rb

@@ -83,7 +83,7 @@ module Rails
           unless config.api_only
             middleware.use ::ActionDispatch::Flash
             middleware.use ::ActionDispatch::ContentSecurityPolicy::Middleware
-            middleware.use ::ActionDispatch::PermissionsPolicy::Middleware
+            middleware.use ::ActionDispatch::PermissionsPolicy::Middleware if config.permissions_policy
           end
 
           middleware.use ::Rack::Head

data/lib/rails/application/finisher.rb

@@ -229,7 +229,8 @@ module Rails
 
       initializer :enable_yjit do
         if config.yjit && defined?(RubyVM::YJIT.enable)
-          RubyVM::YJIT.enable
+          options = config.yjit.is_a?(Hash) ? config.yjit : {}
+          RubyVM::YJIT.enable(**options)
         end
       end
     end

data/lib/rails/application/routes_reloader.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require "active_support/core_ext/module/delegation"
 
 module Rails
   class Application

data/lib/rails/application.rb

@@ -2,10 +2,8 @@
 
 require "yaml"
 require "active_support/core_ext/hash/keys"
-require "active_support/core_ext/object/blank"
 require "active_support/key_generator"
 require "active_support/message_verifiers"
-require "active_support/deprecation"
 require "active_support/encrypted_configuration"
 require "active_support/hash_with_indifferent_access"
 require "active_support/configuration_file"
@@ -616,7 +614,7 @@ module Rails
     end
 
     def railties_initializers(current) # :nodoc:
-      initializers = []
+      initializers = Initializable::Collection.new
       ordered_railties.reverse.flatten.each do |r|
         if r == self
           initializers += current

data/lib/rails/code_statistics.rb

@@ -42,8 +42,11 @@ module Rails
 
     HEADERS = { lines: " Lines", code_lines: "   LOC", classes: "Classes", methods: "Methods" }
 
+    PATTERN = /^(?!\.).*?\.(rb|js|ts|css|scss|coffee|rake|erb)$/
+
     class_attribute :directories, default: DIRECTORIES
     class_attribute :test_types, default: TEST_TYPES
+    class_attribute :pattern, default: PATTERN
 
     # Add directories to the output of the <tt>bin/rails stats</tt> command.
     #
@@ -81,7 +84,7 @@ module Rails
         Hash[@pairs.map { |pair| [pair.first, calculate_directory_statistics(pair.last)] }]
       end
 
-      def calculate_directory_statistics(directory, pattern = /^(?!\.).*?\.(rb|js|ts|css|scss|coffee|rake|erb)$/)
+      def calculate_directory_statistics(directory, pattern = self.class.pattern)
         stats = Rails::CodeStatisticsCalculator.new
 
         Dir.foreach(directory) do |file_name|