Rails 2.2: i18n, HTTP validators, thread safety, JRuby/1.9 compatibility, docs

Posted by David November 21, 2008 @ 05:22 PM

Rails 2.2 is finally done after we cleared the last issues from the release candidate program. This release contains an long list of fixes, improvements, and additions that’ll make everything Rails smoother and better, but we also have a number of star player features to parade this time.

Internationalization by default
The most important is that Rails now includes a full-on internationalization framework and that it’s pre-wired from start. The work of the i18n group has been very impressive and it’s great to see that Rails finally ships with a solution in the box that’s both simple and extensible. Great job, guys!

Stronger etag and last-modified support
We’ve also added much better support for HTTP validators in the form of etag and last-modified. Making it so much easier to skip expensive procesesing if the client already has the latest stuff. This also makes it even easier to use Rails with gateway proxies.

Thread safety and a connection pool
Josh Peek has added thread safety to Rails and Nick Sieger from JRuby worked on getting Active Record a proper connection pool. So now all elements of Rails are thread safe, which is a big boon for the JRuby guys in particular. For C Ruby, we still need a bunch of dependent libraries to go non-blocking before it’ll make much of a difference, but work on that is forth coming.

Ruby 1.9 and JRuby compatibility
Jeremy Kemper has been rocking on both Ruby 1.9 and JRuby compatibility. Rails 2.2 is fully compatible with both, but again, there might be supporting libraries and gems that are not. Again, lots of work is going into making everything else fully compatible as well.

Better API docs, great guides
Finally, the last big push has been with the documentation of Rails. Pratik’s docrails project has made immense progress. Not only are the API docs much improved, but we also have a whole new guides section generated from documentation that now lives with the source. A true community project with lots of contributors. I’m sure both those new and old to Rails will greatly appreciate the strong focus on documentation.

To read about all these features and more in details, checkout the Rails 2.2 release notes—another one of those guides from the docrails project.

How to install
As always, you can install Rails 2.2 through RubyGems. We now require RubyGems 1.3.1, so be sure to update that first: gem update --system

Then you can install Rails: gem install rails

If you’re updating an existing application, you can run rake rails:update to get the latest JavaScript files and scripts.

From all of us to all of you, we hope you enjoy this release. It’s a true pleasure to see Rails make such big steps forward once again. Dig in, have fun, and we’ll be back with Rails 2.3 with even more before you know it.

Posted in Releases  | 96 comments

Rails 2.2 RC2: Last stop before final

Posted by David November 14, 2008 @ 03:55 PM

Rails 2.2 has been baking for long enough now. This is the last taste before the goodies are served. So please install and check it out. See if you can find any regressions or bugs in any of the new stuff, so we can have it all delicious by the time we ring the dinner bell (ok, ok, I’ll put down the food metaphor now).

This release also conciedes with the fact that we’ve branches 2-2-stable, which means that master is now actually targeting Rails 2.3/3.0. There’s also a tag available for this RC as v2.2.1.

If you missed RC1, have a look at the Rails 2.2 release notes to see the major additions. You can see what’s new since RC1 in these two This Week in Edge Rails.

To install, you must first have RubyGems 1.3.1:
gem update --system.

Then you can:
gem install rails -s http://gems.rubyonrails.org

Enjoy!

Posted in Releases  | 33 comments

Rails 2.2 RC1: i18n, thread safety, docs, etag/last-modified, JRuby/1.9 compatibility

Posted by David October 24, 2008 @ 12:47 PM

Rails 2.2 is almost ready for its final release, but before we christen the gems, we’d like to have everyone test out a release candidate. Rails 2.2 is a major upgrade that includes a wealth of new features and fixes.

Chief inclusions are an internationalization framework, thread safety (including a connection pool for Active Record), easier access to HTTP caching with etags and last modified, compatibility with Ruby 1.9 and JRuby, and a wealth of new documentation.

Mike Gunderloy has compiled an exhaustive list and walk-through of many of the interesting new features for the Rails 2.2 release notes.

To help test the Rails 2.2 release candidate, please install with:
gem install rails -s http://gems.rubyonrails.org -v 2.2.0

Hopefully there will not be too much folly in the RC and we can quickly move to a final release. But it requires your help to get there.

Note that this release is called 2.2.0, not 2.1.99 as our previous naming scheme would have dictated. So the final release of Rails 2.2 will actually be 2.2.1 (if we only need one RC).

Posted in Releases  | 50 comments

Rails 2.1.2: Security, other fixes

Posted by David October 23, 2008 @ 06:21 PM

Rails 2.1.2 includes the same two security fixes that we pushed out for 2.0.x recently. We’re talking about a backport of the offset/limit sanitization fix for Active Record and a fix against header-injection when using user-contributed strings in redirect_to (see Response Splitting for more information).

In addition, Rails 2.1.2 fixes the warning that users of RubyGems 1.3.0 were having with script/generate as well as a range of other minor fixes. Enjoy!

As always, you can install with:
gem install rails --version 2.1.2

Posted in Releases  | 23 comments

Rails 2.0.5: Security fixes

Posted by David October 19, 2008 @ 10:08 PM

Time for another small security fix for Rails 2.0.x. The 2.0.5 release contains just two changes: A backport of the offset/limit sanitization fix for Active Record and a fix against header-injection when using user-contributed strings in redirect_to (see Response Splitting for more information).

As always, you can install with:
gem install rails --version 2.0.5

Posted in Releases  | 4 comments

Rails 2.1.1: Lots of bug fixes

Posted by David September 05, 2008 @ 09:19 AM

Rails 2.1.1 is another maintenance release that includes a bunch of bug fixes and a fix for the REXML vulnerability. I’ve extracted all the changes from the CHANGELOGs into a single Gist. Enjoy!

To install, just do: gem install rails --version 2.1.1.

Next upcoming release will be Rails 2.2 beta which is quite close.

Posted in Releases  | 22 comments

Rails 2.0.4: Maintenance release

Posted by David September 03, 2008 @ 09:43 AM

Thanks to Git it’s been a lot easier to maintain older branches of the code base, so we’ve taken the opportunity to backport a bunch of bug fixes to the 2.0 branch and here’s the release for that.

The only major issue is that we’ve fixed the REXML DoS vulnerability with a monkey patch that ships in the box. So if you’re on 2.0 and haven’t dealt with the issue already, you can upgrade to 2.0.4 and get it fixed.

You can install with: gem install rails --version 2.0.4

See all the changes

UPDATE: The actual 2.0.4 gem didn’t get published yesterday due to a bug in the release script. It’s been fixed and 2.0.4 is actually available on the main gem repository. Sorry about that!

Posted in Releases  | 14 comments

Capistrano 2.4.0

Posted by jamis June 13, 2008 @ 05:14 PM

Capistrano 2.4.0 is now available. Capistrano is the deployment tool of choice for many Rails programmers, but can be used for much more, allowing you to automate remote tasks using a simple task-oriented framework in Ruby.

Install it via RubyGems:

  gem install capistrano

You can read the entire release announcement on Jamis Buck’s weblog.

Posted in Releases  | 0 comments

Rails 2.1: Time zones, dirty, caching, gem dependencies, caching, etc

Posted by David June 01, 2008 @ 02:12 AM

Rails 2.1 is now available for general consumption with all the features and fixes we’ve been putting in over the last six months since 2.0. This has been a huge effort by a very wide range of contributors helping to make it happen.

Over the past six months, we’ve had 1,400 contributors creating patches and vetting them. This has resulted in 1,600+ patches. A truly staggering number. And lots of that has made it into this release.

New features
The new major features are:

Thanks to Ryan Daigle for the feature introductions and Ryan Bates for the Railscasts. It makes writing the release notes so much easier :).

As always, you can install with:

gem install rails

...or you can use the Git tag for 2.1.0.

Enjoy!

Posted in Releases  | 87 comments

Rails 2.1 release candidate is imminent!

Posted by David April 30, 2008 @ 10:23 PM

Threat level orange, guys! The release candidate for Rails 2.1 is drawing awfully close, so if you’ve been sitting on a patch that just must make it in now is the time to rise hell or high water to make it so. Once we cut the release candidate, we’ll be loathe to introduce anything but bug fixes to the features already there.

So get in your saddle, cowboy, and make that patch happen. Remember that the party has moved to Github and Lighthouse. Giddiyap!

Posted in Releases  | 25 comments

Capistrano 2.2.0

Posted by jamis February 28, 2008 @ 04:15 AM

Capistrano is a utility for managing remote servers and automating remote tasks. It is popularly used to deploy Rails applications (but can do oh, so much more!). Version 2.2.0 is now available (well, it’s released, anyway, you might need to wait for the file to propagate to the gem mirrors).

gem install capistrano

Version 2.2.0 sports the following changes:

FEATURE: Dynamic role definition. The role() method now accepts a block, which should return either a host name, a Capistrano::ServerDefinition object, an array of host names, or an array of Capistrano::ServerDefinition objects. This can be used to describe the servers in a role at runtime.

role :app do
  hosts = some_method_that_looks_up_the_current_hosts
  hosts[0,3]
end

FEATURE: Alternative server-centric role definitions, using the server() method:

role :app, "server" 
role :web, "server" 

# the above is the same as this:
server "server", :app, :web

FEATURE: Support for a :max_hosts option in tasks, that restricts the task so that it is only executed in hosts at a time, in chunks. This helps people who use Capistrano with very large numbers of servers, and prevents them running into connection caps and from running out of memory.

task :ping, :max_hosts => 100 do
  # anything here will only run against 100 hosts at a time
end

# alternatively, you can pass :max_hosts to the run command itself for
# finer granularity
task :pong do
  # this will run on ALL hosts at once
  run "something" 

  # this will run on no more than 100 hosts at a time
  run "something-else", :max_hosts => 100
end

ENHANCEMENT: Improved Git support!

ENHANCEMENT: Password prompt support in the Mercurial SCM.

ENHANCEMENT: Implement Bzr#next_revision so that pending changes can be reported correctly, and use checkout—lightweight instead of branch.

ENHANCEMENT: Bring back the :p4sync_flags and :p4client_root variables for perforce SCM.

Additionally, there are several minor bugs and typos that have been fixed. You can see the CHANGELOG for all the gory details.

As ever, please report bugs via the Rails trac, at http://dev.rubyonrails.org. And if you aren’t yet subscribed to the Capistrano mailing list, it’s where all the cool cappists hang out.

Posted in Releases  | 5 comments

ActiveMerchant 1.3 released

Posted by tobi January 31, 2008 @ 03:37 PM

ActiveMerchant 1.3 has been released. The focus on this latest release was the addition of standardized support for the Address Verification System (AVS) and credit card verification value (CVV2) checks across all gateways which is the latest extraction from Shopify.

AVS information helps reduce fraud by checking the billing address of the customer with the cardholder information on file at the credit card company. CVV2 checks help ensure that the cardholder information has not been stolen from a database of credit card numbers because it is forbidden to record or store CVV2 numbers in any way.

The results of the AVS and CVV2 checks are now available in the response object. ActiveMerchant does all the work of interpreting the information returned from the payment gateways for you and makes the information available in a consistent hash format.

Sample AVS/CVV2 result:


response.avs_result['message']      #=> 
     "Street address and 9-digit postal code match." 

response.cvv_result['message']      #=> 
     "Suspicious Transaction." 

# Details: 
response.avs_result['code']         #=> "X" 
response.avs_result['street_match'] #=> "Y" 
response.avs_result['postal_match'] #=> "Y" 
response.cvv_result['code']    #=> "D"

Other notable improvements with the 1.3 release include:

  • Improved documentation
  • Common interface to AVS / CVV2 results
  • New gateways, including Authorize.net Recurring Billing (ARB)
  • Improved supported feature set of many existing gateways
  • Automatically retry failed connections (when it’s safe)

Coinciding with the 1.3 release of ActiveMerchant is the ActiveMerchant PeepCode PDF by Cody Fauser. The PDF goes over the basics of payment processing, making purchases with ActiveMerchant, and security considerations to keep in mind when processing credit cards in your Rails application. The PDF also walks through the development of a sample Rails application that addresses topics such as order pipelines, order state management and the appropriate unit testing a financial application requires. It is definitely a great read if you are curious about payment processing or require payment processing in your application.

Posted in Releases  | 20 comments

Rails 2.0.2: Some new defaults and a few fixes

Posted by David December 17, 2007 @ 02:47 PM

Now that we have the big Rails 2.0 release out the door, it’s a lot easier to push out smaller updates more frequently. So that’s what we’re going to do. Rails 2.0.2 contains a bunch of smaller fixes to various bugs, no show-stopping action, just further polish. But it also contains a few new defaults.

Read more...

Posted in Releases  | 100 comments

Rails 2.0: It's done!

Posted by David December 07, 2007 @ 03:03 PM

Rails 2.0 is finally finished after about a year in the making. This is a fantastic release that’s absolutely stuffed with great new features, loads of fixes, and an incredible amount of polish. We’ve even taken a fair bit of cruft out to make the whole package more coherent and lean.

What a milestone for Ruby on Rails as well. I’ve personally been working on this framework for about four and a half years and we have contributors who’ve been around for almost as long as well. It’s really satisfying to see how far we’ve come in that period of time. That we’ve proven the initial hype worthy, that we’ve been able to stick with it and continue to push the envelope.

Before jumping into the breakdown of features, I’d just like to extend my deep gratitude towards everyone who helped make this release possible. From the stable of merry men in the Rails core to the hundreds of contributors who got a patch applied to everyone who participated in the community over the year. This release is a triumph for large-scale open source development and you can all be mighty proud of the role you played. Cheers!

With the touchy-feely stuff out of the way, let’s dig into the feast and look at just a sliver of what’s new:

Read more...

Posted in Releases  | 250 comments

Rails 2.0: Release Candidate 2

Posted by David November 29, 2007 @ 05:08 AM

After another batch of fixes, tweaks, and buckets of polish, we’ve prepared the hopefully last step before 2.0 can go final: Release Candidate 2. If nothing major pops up, expect the final version to land within the next week or two at the most.

As usual, we got the latest gems on the gems.rubyonrails.org server and there’s a RC2 tag as well. Please put this final test through the ringer so we can get a clean 2.0.0 final release.

If you haven’t kept up to date on what’s new in 2.0, have a look at the original preview release announcement. The gem version for this release is 1.99.1. Enjoy!

Posted in Releases  | 39 comments

Ruby on Rails was created by David Heinemeier Hansson, a partner at 37signals,
then extended and improved by a core team of committers and hundreds of open-source contributors.

Rails is released under the MIT license. Ruby under the Ruby License.

"Rails", "Ruby on Rails", and the Rails logo are trademarks of David Heinemeier Hansson. All rights reserved.

Sponsored by

 37signals