-
-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update dependency rails to v7.2.2.1 #2623
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/ruby-on-rails-packages
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
5 times, most recently
from
October 21, 2024 11:12
6de72e4
to
7dce594
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
2 times, most recently
from
October 24, 2024 01:23
9a31294
to
a154251
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.1.1
chore(deps): update dependency rails to v7.2.1.2
Oct 24, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
3 times, most recently
from
October 30, 2024 05:07
5d5fe13
to
781fa82
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
October 31, 2024 07:52
781fa82
to
008b6f5
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.1.2
chore(deps): update dependency rails to v7.2.2
Oct 31, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
2 times, most recently
from
November 2, 2024 03:33
e4251f2
to
3c3f8b2
Compare
There's a small change to ActiveJob config that makes these tests pass but we need to wait on paper_trail to update according to postinstall:
Check for updates here: https://github.com/paper-trail-gem/paper_trail?tab=readme-ov-file#1a-compatibility. I've subbed to release updates. |
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
4 times, most recently
from
November 7, 2024 18:18
db0f740
to
6e75e36
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
4 times, most recently
from
November 18, 2024 16:07
9135868
to
fa3f224
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
3 times, most recently
from
November 27, 2024 02:01
cbe2ce4
to
a3c7e4f
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
4 times, most recently
from
December 8, 2024 17:14
a0b83ce
to
8e2717c
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
2 times, most recently
from
December 10, 2024 22:13
ce5204b
to
e250935
Compare
renovate
bot
changed the title
chore(deps): update dependency rails to v7.2.2
chore(deps): update dependency rails to v7.2.2.1
Dec 10, 2024
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
2 times, most recently
from
December 13, 2024 03:26
fb529fe
to
904a57b
Compare
renovate
bot
force-pushed
the
renovate/ruby-on-rails-packages
branch
from
December 13, 2024 06:07
904a57b
to
8387355
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
'7.1.3.4'
->'7.2.2.1'
Release Notes
rails/rails (rails)
v7.2.2.1
: 7.2.2.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.2.2
: 7.2.2Compare Source
Active Support
Include options when instrumenting
ActiveSupport::Cache::Store#delete
andActiveSupport::Cache::Store#delete_multi
.Adam Renberg Tamm
Print test names when running
rails test -v
for parallel tests.John Hawthorn, Abeid Ahmed
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix support for
query_cache: false
indatabase.yml
.query_cache: false
would no longer entirely disable the Active Record query cache.zzak
Set
.attributes_for_inspect
to:all
by default.For new applications it is set to
[:id]
in config/environment/production.rb.In the console all the attributes are always shown.
Andrew Novoselac
PG::UnableToSend: no connection to the server
is now retryable as a connection-related exceptionKazuma Watanabe
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix incorrect SQL query when passing an empty hash to
ActiveRecord::Base.insert
.David Stosik
Allow to save records with polymorphic join tables that have
inverse_of
specified.
Markus Doits
Fix association scopes applying on the incorrect join when using a polymorphic
has_many through:
.Joshua Young
Fix
dependent: :destroy
for bi-directional has one through association.Fixes #50948.
In the above example
left.destroy
wouldn't destroy its associatedRight
record.
Andy Stewart
Properly handle lazily pinned connection pools.
Fixes #53147.
When using transactional fixtures with system tests to similar tools
such as capybara, it could happen that a connection end up pinned by the
server thread rather than the test thread, causing
"Cannot expire connection, it is owned by a different thread"
errors.Jean Boussier
Fix
ActiveRecord::Base.with
to accept more than two sub queries.Fixes #53110.
The above now works as expected.
fatkodima
Properly release pinned connections with non joinable connections.
Fixes #52973
When running system tests with transactional fixtures on, it could happen that
the connection leased by the Puma thread wouldn't be properly released back to the pool,
causing "Cannot expire connection, it is owned by a different thread" errors in later tests.
Jean Boussier
Make Float distinguish between
float4
andfloat8
in PostgreSQL.Fixes #52742
Ryota Kitazawa, Takayuki Nagatomi
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Fix non-GET requests not updating cookies in
ActionController::TestCase
.Jon Moss, Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.2
: 7.2.1.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.2.1.1
: 7.2.1.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.2.1
: 7.2.1Compare Source
Active Support
Active Model
Active Record
Fix detection for
enum
columns with parallelized tests and PostgreSQL.Rafael Mendonça França
Allow to eager load nested nil associations.
fatkodima
Fix swallowing ignore order warning when batching using
BatchEnumerator
.fatkodima
Fix memory bloat on the connection pool when using the Fiber
IsolatedExecutionState
.Jean Boussier
Restore inferred association class with the same modularized name.
Justin Ko
Fix
ActiveRecord::Base.inspect
to properly explain how to load schema information.Jean Boussier
Check invalid
enum
options for the new syntax.The options using
_
prefix in the old syntax are invalid in the new syntax.Rafael Mendonça França
Fix
ActiveRecord::Encryption::EncryptedAttributeType#type
to returnactual cast type.
Vasiliy Ermolovich
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Action View
Action Pack
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Railties
Fix
rails console
for application with non default application constant.The wrongly assumed the Rails application would be named
AppNamespace::Application
,which is the default but not an obligation.
Jean Boussier
Fix the default Dockerfile to include the full sqlite3 package.
Prior to this it only included
libsqlite3
, so it wasn't enough torun
rails dbconsole
.Jerome Dalbert
Don't update public directory during
app:update
command for API-only Applications.y-yagi
Don't add bin/brakeman if brakeman is not in bundle when upgrading an application.
Etienne Barrié
Remove PWA views and routes if its an API only project.
Jean Boussier
Simplify generated Puma configuration
DHH, Rafael Mendonça França
v7.2.0
Compare Source
v7.1.5.1
: 7.1.5.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Add validation to content security policies to disallow spaces and semicolons.
Developers should use multiple arguments, and different directive methods instead.
[CVE-2024-54133]
Gannon McGibbon
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Update vendored trix version to 2.1.10
John Hawthorn
Railties
Guides
v7.1.5
: 7.1.5Compare Source
Active Support
Active Model
Fix regression in
alias_attribute
to work with user defined methods.alias_attribute
would wrongly assume the attribute accessor was generated by Active Model.Jean Boussier
Active Record
Fix marshalling of unsaved associated records in 7.1 format.
The 7.1 format would only marshal associated records if the association was loaded.
But associations that would only contain unsaved records would be skipped.
Jean Boussier
Fix an issue where
.left_outer_joins
used with multiple associations that havethe same child association but different parents does not join all parents.
Previously, using
.left_outer_joins
with the same child association would only join one of the parents.Now it will correctly join both parents.
Fixes #41498.
Garrett Blehm
Ensure
ActiveRecord::Encryption.config
is always ready before access.Previously,
ActiveRecord::Encryption
configuration was deferred untilActiveRecord::Base
was loaded. Therefore, accessing
ActiveRecord::Encryption.config
properties beforeActiveRecord::Base
was loaded would give incorrect results.ActiveRecord::Encryption
now has its own loading hook so that its configuration is set assoon as needed.
When
ActiveRecord::Base
is loaded, even lazily, it in turn triggers the loading ofActiveRecord::Encryption
, thus preserving the original behavior of having its config readybefore any use of
ActiveRecord::Base
.Maxime Réty
Add
TimeZoneConverter#==
method, so objects will be properly compared bytheir type, scale, limit & precision.
Address #52699.
Ruy Rocha
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.2
: 7.1.4.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Fix NoMethodError in
block_format
helperMichael Leimstaedtner
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
Guides
v7.1.4.1
: 7.1.4.1Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Avoid regex backtracking in HTTP Token authentication
[CVE-2024-47887]
Avoid regex backtracking in query parameter filtering
[CVE-2024-41128]
Active Job
Action Mailer
Avoid regex backtracking in
block_format
helper[CVE-2024-47889]
Action Cable
Active Storage
Action Mailbox
Action Text
Avoid backtracing in plain_text_for_blockquote_node
[CVE-2024-47888]
Railties
Guides
v7.1.4
: 7.1.4Compare Source
Active Support
Improve compatibility for
ActiveSupport::BroadcastLogger
.Máximo Mussini
Pass options along to write_entry in handle_expired_entry method.
Graham Cooper
Fix Active Support configurations deprecations.
fatkodima
Fix teardown callbacks.
Tristan Starck
BacktraceCleaner
silence core internal methods by default.Jean Boussier
Fix
delegate_missing_to allow_nil: true
when called with implict selfJean Boussier
Work around a Ruby bug that can cause a VM crash.
This would happen if using
TaggerLogger
with a Procformatter on which you called
object_id
.Jean Boussier
Fix
ActiveSupport::Notifications.publish_event
to preserve units.This solves the incorrect reporting of time spent running Active Record
asynchronous queries (by a factor
1000
).Jean Boussier
Active Model
Active Record
Allow to eager load nested nil associations.
fatkodima
Fix
create_table
with:auto_increment
option for MySQL adapter.fatkodima
Don't load has_one associations during autosave.
Eugene Kenny
Fix migration ordering for
bin/rails db:prepare
across databases.fatkodima
Fix
alias_attribute
to ignore methods defined in parent classes.Jean Boussier
Fix a performance regression in attribute methods.
Jean Boussier
Fix Active Record configs variable shadowing.
Joel Lubrano
Fix running migrations on other databases when
database_tasks: false
on primary.fatkodima
Fix non-partial inserts for models with composite identity primary keys.
fatkodima
Fix
ActiveRecord::Relation#touch_all
with custom attribute aliased as attribute for update.fatkodima
Fix a crash when an Executor wrapped fork exit.
Joé Dupuis
Fix
destroy_async
job for owners with composite primary keys.fatkodima
Ensure pre-7.1 migrations use legacy index names when using
rename_table
.fatkodima
Allow
primary_key:
association option to be composite.Nikita Vasilevsky
Do not try to alias on key update when raw SQL is supplied.
Gabriel Amaral
Memoize
key_provider
fromkey
or deterministickey_provider
if any.Rosa Gutierrez
Fix
upsert
warning for MySQL.fatkodima
Fix predicate builder for polymorphic models referencing models with composite primary keys.
fatkodima
Fix
update_all/delete_all
on CPK model relation with join subquery.Nikita Vasilevsky
Remove memoization to accept
key_provider
overridden bywith_encryption_context
.John Hawthorn
Raise error for Trilogy when prepared_statements is true.
Trilogy doesn't currently support prepared statements. The error that
applications would see is a
StatementInvalid
error. This doesn't quite pointyou to the fact this isn't supported. So raise a more appropriate error
pointing to what to change.
Eileen M. Uchitelle
Fix loading schema cache when all databases have disabled database tasks.
fatkodima
Always request
primary_key
inRETURNING
if no other columns requested.Nikita Vasilevsky
Handle records being loaded with Marshal without triggering schema load
When using the old marshalling format for Active Record and loading
a serialized instance, it didn't trigger loading the schema and defining
attribute methods.
Jean Boussier
Prevent some constant redefinition warnings when defining
inherited
on models.Adrian Hirt
Fix a memory perfomance regression in attribute methods.
Attribute methods used much more memory and were slower to define than
they should have been.
Jean Boussier
Fix an issue that could cause database connection leaks.
If Active Record successfully connected to the database, but then failed
to read the server informations, the connection would be leaked until the
Ruby garbage collector triggers.
Jean Boussier
Fix an issue where the IDs reader method did not return expected results
for preloaded associations in models using composite primary keys.
Jay Ang
PostgreSQL
Cidr#change?
detects the address prefix change.Taketo Takashima
Fix Active Record serialization to not include instantiated but not loaded associations
Jean Boussier, Ben Kyriakou
Allow
Sqlite3Adapter
to usesqlite3
gem version2.x
Mike Dalessio
Strict loading using
:n_plus_one_only
does not eagerly load child associations.With this change, child associations are no longer eagerly loaded, to
match intended behavior and to prevent non-deterministic order issues caused
by calling methods like
first
orlast
. Asfirst
andlast
don't causean N+1 by themselves, calling child associations will no longer raise.
Fixes #49473.
Before:
SELECT * FROM posts WHERE person_id = 1; -- non-deterministic order
SELECT * FROM posts WHERE person_id = 1 ORDER BY id LIMIT 1;
Using
Model.query_constraints
with a single non-primary-key column used to raise as expected, but with anincorrect error message. This has been fixed to raise with a more appropriate error message.
Joshua Young
Fix
has_one
association autosave setting the foreign key attribute when it is unchanged.This behaviour is also inconsistent with autosaving
belongs_to
and can have unintended side effects like raisingan
ActiveRecord::ReadonlyAttributeError
when the foreign key attribute is marked as read-only.Joshua Young
Fix an issue where
ActiveRecord::Encryption
configurations are not ready before the loadingof Active Record models, when an application is eager loaded. As a result, encrypted attributes
could be misconfigured in some cases.
Maxime Réty
Properly synchronize
Mysql2Adapter#active?
andTrilogyAdapter#active?
As well as
disconnect!
andverify!
.This generally isn't a big problem as connections must not be shared between
threads, but is required when running transactional tests or system tests
and could lead to a SEGV.
Jean Boussier
Fix counter caches when the foreign key is composite.
If the model holding the counter cache had a composite primary key,
inserting a dependent record would fail with an
ArgumentError
Expected corresponding value for...
fatkodima
Fix loading of schema cache for multiple databases.
Before this change, if you have multiple databases configured in your
application, and had schema cache present, Rails would load the same
cache to all databases.
Rafael Mendonça França
Fix eager loading of composite primary key associations.
relation.eager_load(:other_model)
could load the wrong records ifother_model
had a composite primary key.
Nikita Vasilevsky
Fix async queries returning a doubly wrapped result when hitting the query cache.
fatkodima
Fix single quote escapes on default generated MySQL columns
MySQL 5.7.5+ supports generated columns, which can be used to create a column that is computed from an expression.
Previously, the schema dump would output a string with double escapes for generated columns with single quotes in the default expression.
This would result in issues when importing the schema on a fresh instance of a MySQL database.
Now, the string will not be escaped and will be valid Ruby upon importing of the schema.
Yash Kapadia
Fix Migrations with versions older than 7.1 validating options given to
t.references
.Hartley McGuire
Action View
Action View Test Case
rendered
memoization.Sean Doyle
Restore the ability for templates to return any kind of object and not just strings
Jean Boussier
Fix threading issue with strict locals.
Robert Fletcher
Action Pack
Resolve deprecation warning in latest
selenium-webdriver
.Earlopain
Don't preload Selenium browser when remote.
Noah Horton
Fix crash for invalid Content-Type in ShowExceptions middleware.
Earlopain
Fix inconsistent results of
params.deep_transform_keys
.Iago Pimenta
Do not report rendered errors except 500.
Nikita Vasilevsky
Improve routes source location detection.
Jean Boussier
Fix
Request#raw_post
raisingNoMethodError
whenrack.input
isnil
.Hartley McGuire
Fix url generation in nested engine when script name is empty.
zzak
Fix
Mime::Type.parse
handling type parameters for HTTP Accept headers.Taylor Chaparro
Fix the error page that is displayed when a view template is missing to account for nested controller paths in the
suggested correct location for the missing template.
Joshua Young
Fix a regression in 7.1.3 passing a
to:
option without a controller when the controller is already defined by a scope.Étienne Barrié
Fix
ActionDispatch::Executor
middleware to report errors handled byActionDispatch::ShowExceptions
In the default production environment,
ShowExceptions
rescues uncaught errorsand returns a response. Because of this the executor wouldn't report production
errors with the default Rails configuration.
Jean Boussier
Active Job
Register autoload for
ActiveJob::Arguments
.Rafael Mendonça França
Action Mailer
Action Cable
Active Storage
Fixes race condition for multiple preprocessed video variants.
Justin Searls
Action Mailbox
Action Text
Strip
content
attribute if the key is present but the value is emptyJeremy Green
Only sanitize
content
attribute when present in attachments.Petrik de Heus
Railties
Preserve
--asset-pipeline propshaft
when runningapp:update
.Zacharias Knudsen
Allow string keys for SQLCommenter.
Ngan Pham
Fix derived foreign key to return correctly when association id is part of query constraints.
Varun Sharma
Show warning for
secret_key_base
in development too.fatkodima
Fix sanitizer vendor configuration in 7.1 defaults.
In apps where
rails-html-sanitizer
was not eagerly loaded, the sanitizer default could end upbeing Rails::HTML4::Sanitizer when it should be set to
Rails::HTML5::Sanitizer
.Mike Dalessio, Rafael Mendonça França
Revert the use of
Concurrent.physical_processor_count
in default Puma configWhile for many people this saves one config to set, for many others using
a shared hosting solution, this cause the default configuration to spawn
way more workers than reasonable.
There is unfortunately no reliable way to detect how many cores an application
can realistically use, and even then, assuming the application should use
all the machine resources is often wrong.
Jean Boussier
Configuration
📅 Schedule: Branch creation - "* 0-4,22-23 * * 1-5,* * * * 0,6" in timezone Europe/London, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.