Aug 02, 2019 app error: Missing `secretkeybase` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError) - secretkeybase. Upgrading Ruby on Rails. Use rake secret to generate new keys for the. If you leave your existing secrettoken in place and add the new secretkeybase. With this gem you can generate a new secret key base for rails, directly written to config/secrets.yml by capistrano. Installation Add this line to your application's Gemfile. Apr 28, 2016 An Introduction to Using JWT Authentication in Rails With the advent of Single Page Applications (SPA) and mobile applications, APIs have come to the forefront of web development. Jan 31, 2020 Generate a new secret by running rake secret copy the output; Run rails credentials:edit -environment production and enter the value from step 1 as the value of the secretkeybase key in the file. Make sure RAILSMASTERKEY is passed in as a variable to your container. This is used by Rails to decrypt production.yml.enc file.
If you're upgrading an existing application, it's a great idea to have good testcoverage before going in. You should also first upgrade to Rails 4.0 in case youhaven't and make sure your application still runs as expected before attemptingan update to Rails 4.1. A list of things to watch out for when upgrading isavailable in theUpgrading Ruby on Railsguide.
Spring is a Rails application preloader. It speeds up development by keepingyour application running in the background so you don't need to boot it everytime you run a test, rake task or migration.
New Rails 4.1 applications will ship with 'springified' binstubs. This meansthat bin/rails
and bin/rake
will automatically take advantage of preloadedspring environments.
Running rake tasks:
Running a Rails command:
Spring introspection:
Have a look at theSpring README tosee all available features.
See the Upgrading Ruby on Railsguide on how to migrate existing applications to use this feature.
config/secrets.yml
Rails 4.1 generates a new secrets.yml
file in the config
folder. By default,this file contains the application's secret_key_base
, but it could also beused to store other secrets such as access keys for external APIs.
The secrets added to this file are accessible via Rails.application.secrets
.For example, with the following config/secrets.yml
:
Rails.application.secrets.some_api_key
returns SOMEKEY
in the developmentenvironment.
See the Upgrading Ruby on Railsguide on how to migrate existing applications to use this feature.
We often want to render different HTML/JSON/XML templates for phones,tablets, and desktop browsers. Variants make it easy.
The request variant is a specialization of the request format, like :tablet
,:phone
, or :desktop
.
You can set the variant in a before_action
:
Respond to variants in the action just like you respond to formats:
Provide separate templates for each format and variant:
You can also simplify the variants definition using the inline syntax:
Action Mailer previews provide a way to see how emails look by visitinga special URL that renders them.
You implement a preview class whose methods return the mail object you'd liketo check:
The preview is available in http://localhost:3000/rails/mailers/notifier/welcome,and a list of them in http://localhost:3000/rails/mailers.
By default, these preview classes live in test/mailers/previews
.This can be configured using the preview_path
option.
See itsdocumentationfor a detailed write up.
Declare an enum attribute where the values map to integers in the database, butcan be queried by name.
See itsdocumentationfor a detailed write up.
Message verifiers can be used to generate and verify signed messages. This canbe useful to safely transport sensitive data like remember-me tokens andfriends.
The method Rails.application.message_verifier
returns a new message verifierthat signs messages with a key derived from secret_key_base and the givenmessage verifier name:
A natural, low-ceremony way to separate responsibilities within a class:
This example is equivalent to defining a EventTracking
module inline,extending it with ActiveSupport::Concern
, then mixing it in to theTodo
class.
See itsdocumentationfor a detailed write up and the intended use cases.
<script>
tagsCross-site request forgery (CSRF) protection now covers GET requests withJavaScript responses, too. That prevents a third-party site from referencingyour JavaScript URL and attempting to run it to extract sensitive data.
This means any of your tests that hit .js
URLs will now fail CSRF protectionunless they use xhr
. Upgrade your tests to be explicit about expectingXmlHttpRequests. Instead of post :create, format: :js
, switch to the explicitxhr :post, :create, format: :js
.
Please refer to theChangelogfor detailed changes.
Removed update:application_controller
rake task.
Removed deprecated Rails.application.railties.engines
.
Removed deprecated threadsafe!
from Rails Config.
Removed deprecated ActiveRecord::Generators::ActiveModel#update_attributes
infavor of ActiveRecord::Generators::ActiveModel#update
.
Removed deprecated config.whiny_nils
option.
Removed deprecated rake tasks for running tests: rake test:uncommitted
andrake test:recent
.
The Spring applicationpreloader is now installedby default for new applications. It uses the development group ofthe Gemfile
, so will not be installed inproduction. (Pull Request)
BACKTRACE
environment variable to show unfiltered backtraces for testfailures. (Commit)
Exposed MiddlewareStack#unshift
to environmentconfiguration. (Pull Request)
Added Application#message_verifier
method to return a messageverifier. (Pull Request)
The test_help.rb
file which is required by the default generated testhelper will automatically keep your test database up-to-date withdb/schema.rb
(or db/structure.sql
). It raises an error ifreloading the schema does not resolve all pending migrations. Opt outwith config.active_record.maintain_test_schema = false
. (PullRequest)
Introduce Rails.gem_version
as a convenience method to returnGem::Version.new(Rails.version)
, suggesting a more reliable way to performversion comparison. (Pull Request)
Please refer to theChangelogfor detailed changes.
Removed deprecated Rails application fallback for integration testing, setActionDispatch.test_app
instead.
Removed deprecated page_cache_extension
config.
Removed deprecated ActionController::RecordIdentifier
, useActionView::RecordIdentifier
instead.
Removed deprecated constants from Action Controller:
Removed | Successor |
---|---|
ActionController::AbstractRequest | ActionDispatch::Request |
ActionController::Request | ActionDispatch::Request |
ActionController::AbstractResponse | ActionDispatch::Response |
ActionController::Response | ActionDispatch::Response |
ActionController::Routing | ActionDispatch::Routing |
ActionController::Integration | ActionDispatch::Integration |
ActionController::IntegrationTest | ActionDispatch::IntegrationTest |
protect_from_forgery
also prevents cross-origin <script>
tags.Update your tests to use xhr :get, :foo, format: :js
instead ofget :foo, format: :js
.(Pull Request)
#url_for
takes a hash with options inside anarray. (Pull Request)
Added session#fetch
method fetch behaves similarly toHash#fetch,with the exception that the returned value is always saved into thesession. (Pull Request)
Separated Action View completely from ActionPack. (Pull Request)
Log which keys were affected by deepmunge. (Pull Request)
New config option config.action_dispatch.perform_deep_munge
to opt out ofparams 'deep munging' that was used to address security vulnerabilityCVE-2013-0155. (Pull Request)
New config option config.action_dispatch.cookies_serializer
for specifying aserializer for the signed and encrypted cookie jars. (Pull Requests1,2 /More Details)
Added render :plain
, render :html
and render:body
. (Pull Request /More Details)
Please refer to theChangelogfor detailed changes.
Added mailer previews feature based on 37 Signals mail_viewgem. (Commit)
Instrument the generation of Action Mailer messages. The time it takes togenerate a message is written to the log. (Pull Request)
Please refer to theChangelogfor detailed changes.
Removed deprecated nil-passing to the following SchemaCache
methods:primary_keys
, tables
, columns
and columns_hash
.
Removed deprecated block filter from ActiveRecord::Migrator#migrate
.
Removed deprecated String constructor from ActiveRecord::Migrator
.
Removed deprecated scope
use without passing a callable object.
Removed deprecated transaction_joinable=
in favor of begin_transaction
with a :joinable
option.
Removed deprecated decrement_open_transactions
.
Removed deprecated increment_open_transactions
.
Removed deprecated PostgreSQLAdapter#outside_transaction?
method. You can use #transaction_open?
instead.
Removed deprecated ActiveRecord::Fixtures.find_table_name
in favor ofActiveRecord::Fixtures.default_fixture_model_name
.
Removed deprecated columns_for_remove
from SchemaStatements
.
Removed deprecated SchemaStatements#distinct
.
Moved deprecated ActiveRecord::TestCase
into the Rails testsuite. The class is no longer public and is only used for internalRails tests.
Removed support for deprecated option :restrict
for :dependent
in associations.
Removed support for deprecated :delete_sql
, :insert_sql
, :finder_sql
and :counter_sql
options in associations.
Removed deprecated method type_cast_code
from Column.
Removed deprecated ActiveRecord::Base#connection
method.Make sure to access it via the class.
Removed deprecation warning for auto_explain_threshold_in_seconds
.
Removed deprecated :distinct
option from Relation#count
.
Removed deprecated methods partial_updates
, partial_updates?
andpartial_updates=
.
Removed deprecated method scoped
.
Removed deprecated method default_scopes?
.
Remove implicit join references that were deprecated in 4.0.
Removed activerecord-deprecated_finders
as a dependency.Please see the gem READMEfor more info.
Removed usage of implicit_readonly
. Please use readonly
methodexplicitly to mark records asreadonly
. (Pull Request)
Deprecated quoted_locking_column
method, which isn't used anywhere.
Deprecated ConnectionAdapters::SchemaStatements#distinct
,as it is no longer used by internals. (Pull Request)
Deprecated rake db:test:*
tasks as the test database is nowautomatically maintained. See railties release notes. (PullRequest)
Deprecate unused ActiveRecord::Base.symbolized_base_class
and ActiveRecord::Base.symbolized_sti_name
withoutreplacement. Commit
Before this change when you defined a default_scope
in a model it was overridden by chained conditions in the same field. Now it is merged like any other scope. More Details.
Added ActiveRecord::Base.to_param
for convenient 'pretty' URLs derived froma model's attribute ormethod. (Pull Request)
Added ActiveRecord::Base.no_touching
, which allows ignoring touch onmodels. (Pull Request)
Unify boolean type casting for MysqlAdapter
and Mysql2Adapter
.type_cast
will return 1
for true
and 0
for false
. (Pull Request)
.unscope
now removes conditions specified indefault_scope
. (Commit)
Added ActiveRecord::QueryMethods#rewhere
which will overwrite an existing,named where condition. (Commit)
Extended ActiveRecord::Base#cache_key
to take an optional list of timestampattributes of which the highest will be used. (Commit)
Added ActiveRecord::Base#enum
for declaring enum attributes where the valuesmap to integers in the database, but can be queried byname. (Commit)
Type cast json values on write, so that the value is consistent with readingfrom the database. (Pull Request)
Type cast hstore values on write, so that the value is consistentwith reading from the database. (Commit)
Make next_migration_number
accessible for third partygenerators. (Pull Request)
Calling update_attributes
will now throw an ArgumentError
whenever itgets a nil
argument. More specifically, it will throw an error if theargument that it gets passed does not respond to tostringify_keys
. (Pull Request)
CollectionAssociation#first
/#last
(e.g. has_many
) use a LIMIT
edquery to fetch results rather than loading the entirecollection. (Pull Request)
inspect
on Active Record model classes does not initiate a newconnection. This means that calling inspect
, when the database is missing,will no longer raise an exception. (Pull Request)
Removed column restrictions for count
, let the database raise if the SQL isinvalid. (Pull Request)
Rails now automatically detects inverse associations. If you do not set the:inverse_of
option on the association, then Active Record will guess theinverse association based on heuristics. (Pull Request)
Handle aliased attributes in ActiveRecord::Relation. When using symbol keys,ActiveRecord will now translate aliased attribute names to the actual columnname used in the database. (Pull Request)
The ERB in fixture files is no longer evaluated in the context of the mainobject. Helper methods used by multiple fixtures should be defined on modulesincluded in ActiveRecord::FixtureSet.context_class
. (Pull Request)
Don't create or drop the test database if RAILS_ENV is specifiedexplicitly. (Pull Request)
Relation
no longer has mutator methods like #map!
and #delete_if
. Convertto an Array
by calling #to_a
before using these methods. (Pull Request)
find_in_batches
, find_each
, Result#each
and Enumerable#index_by
nowreturn an Enumerator
that can calculate itssize. (Pull Request)
scope
, enum
and Associations now raise on 'dangerous' nameconflicts. (Pull Request,Pull Request)
second
through fifth
methods act like the first
finder. (Pull Request)
Make touch
fire the after_commit
and after_rollback
callbacks. (Pull Request)
Enable partial indexes for sqlite >= 3.8.0
.(Pull Request)
Make change_column_null
revertible. (Commit)
Added a flag to disable schema dump after migration. Eset nod32 antivirus serial key generator. This is set to false
by default in the production environment for new applications.(Pull Request)
Please refer to theChangelogfor detailed changes.
Validator#setup
. This should be done manually now in thevalidator's constructor. (Commit)Added new API methods reset_changes
and changes_applied
toActiveModel::Dirty
that control changes state.
Ability to specify multiple contexts when defining avalidation. (Pull Request)
attribute_changed?
now accepts a hash to check if the attribute was changed:from
and/or :to
a givenvalue. (Pull Request)
Please refer to theChangelogfor detailed changes.
Removed MultiJSON
dependency. As a result, ActiveSupport::JSON.decode
no longer accepts an options hash for MultiJSON
. (Pull Request / More Details)
Removed support for the encode_json
hook used for encoding custom objects intoJSON. This feature has been extracted into the activesupport-json_encodergem.(Related Pull Request /More Details)
Removed deprecated ActiveSupport::JSON::Variable
with no replacement.
Removed deprecated String#encoding_aware?
core extensions (core_ext/string/encoding
).
Removed deprecated Module#local_constant_names
in favor of Module#local_constants
.
Removed deprecated DateTime.local_offset
in favor of DateTime.civil_from_format
.
Removed deprecated Logger
core extensions (core_ext/logger.rb
).
Removed deprecated Time#time_with_datetime_fallback
, Time#utc_time
andTime#local_time
in favor of Time#utc
and Time#local
.
Removed deprecated Hash#diff
with no replacement.
Removed deprecated Date#to_time_in_current_zone
in favor of Date#in_time_zone
.
Removed deprecated Proc#bind
with no replacement.
Removed deprecated Array#uniq_by
and Array#uniq_by!
, use nativeArray#uniq
and Array#uniq!
instead.
Removed deprecated ActiveSupport::BasicObject
, useActiveSupport::ProxyObject
instead.
Removed deprecated BufferedLogger
, use ActiveSupport::Logger
instead.
Removed deprecated assert_present
and assert_blank
methods, use assertobject.blank?
and assert object.present?
instead.
Remove deprecated #filter
method for filter objects, use the correspondingmethod instead (e.g. #before
for a before filter).
Removed 'cow' => 'kine' irregular inflection from defaultinflections. (Commit)
Deprecated Numeric#{ago,until,since,from_now}
, the user is expected toexplicitly convert the value into an AS::Duration, i.e. 5.ago
=> 5.seconds.ago
(Pull Request)
Deprecated the require path active_support/core_ext/object/to_json
. Requireactive_support/core_ext/object/json
instead. (Pull Request)
Deprecated ActiveSupport::JSON::Encoding::CircularReferenceError
. This featurehas been extracted into the activesupport-json_encodergem.(Pull Request /More Details)
Deprecated ActiveSupport.encode_big_decimal_as_string
option. This feature hasbeen extracted into the activesupport-json_encodergem.(Pull Request /More Details)
Deprecate custom BigDecimal
serialization. (Pull Request)
ActiveSupport
's JSON encoder has been rewritten to take advantage of theJSON gem rather than doing custom encoding in pure-Ruby.(Pull Request /More Details)
Improved compatibility with the JSON gem.(Pull Request /More Details)
Added ActiveSupport::Testing::TimeHelpers#travel
and #travel_to
. Thesemethods change current time to the given time or duration by stubbingTime.now
and Date.today
.
Added ActiveSupport::Testing::TimeHelpers#travel_back
. This method returnsthe current time to the original state, by removing the stubs added by travel
and travel_to
. (Pull Request)
Added Numeric#in_milliseconds
, like 1.hour.in_milliseconds
, so we can feedthem to JavaScript functions likegetTime()
. (Commit)
Added Date#middle_of_day
, DateTime#middle_of_day
and Time#middle_of_day
methods. Also added midday
, noon
, at_midday
, at_noon
andat_middle_of_day
asaliases. (Pull Request)
Added Date#all_week/month/quarter/year
for generating dateranges. (Pull Request)
Added Time.zone.yesterday
andTime.zone.tomorrow
. (Pull Request)
Added String#remove(pattern)
as a short-hand for the common pattern ofString#gsub(pattern,')
. (Commit)
Added Hash#compact
and Hash#compact!
for removing items with nil valuefrom hash. (Pull Request)
blank?
and present?
commit to returnsingletons. (Commit)
Default the new I18n.enforce_available_locales
config to true
, meaningI18n
will make sure that all locales passed to it must be declared in theavailable_locales
list. (Pull Request)
Introduce Module#concerning
: a natural, low-ceremony way to separateresponsibilities within aclass. (Commit)
Added Object#presence_in
to simplify adding values to a permitted list.(Commit)
See thefull list of contributors to Rails forthe many people who spent many hours making Rails, the stable and robustframework it is. Kudos to all of them.
You're encouraged to help improve the quality of this guide.
Please contribute if you see any typos or factual errors. To get started, you can read our documentation contributions section.
You may also find incomplete content or stuff that is not up to date. Please do add any missing documentation for master. Make sure to check Edge Guides first to verify if the issues are already fixed or not on the master branch. Check the Ruby on Rails Guides Guidelines for style and conventions.
If for whatever reason you spot something to fix but cannot patch it yourself, please open an issue.
And last but not least, any kind of discussion regarding Ruby on Rails documentation is very welcome on the rubyonrails-docs mailing list.