123456789_123456789_123456789_123456789_123456789_

DO NOT READ THIS FILE ON GITHUB, GUIDES ARE PUBLISHED ON https://guides.rubyonrails.org.

Ruby on Rails 4.1 Release Notes

Highlights in Rails 4.1:

These release notes cover only the major changes. To learn about various bug fixes and changes, please refer to the change logs or check out the list of commits in the main Rails repository on GitHub.


Upgrading to Rails 4.1

If you're upgrading an existing application, it's a great idea to have good test coverage before going in. You should also first upgrade to Rails 4.0 in case you haven't and make sure your application still runs as expected before attempting an update to Rails 4.1. A list of things to watch out for when upgrading is available in the Upgrading Ruby on Rails guide.

Major Features

Spring Application Preloader

Spring is a Rails application preloader. It speeds up development by keeping your application running in the background so you don't need to boot it every time you run a test, rake task or migration.

New Rails 4.1 applications will ship with "springified" binstubs. This means that bin/rails and bin/rake will automatically take advantage of preloaded spring environments.

Running rake tasks:

$ bin/rake test:models

Running a Rails command:

$ bin/rails console

Spring introspection:

$ bin/spring status
Spring is running:

 1182 spring server | my_app | started 29 mins ago
 3656 spring app    | my_app | started 23 secs ago | test mode
 3746 spring app    | my_app | started 10 secs ago | development mode

Have a look at the [Spring README]) to see all available features.

See the Upgrading Ruby on Rails guide on how to migrate existing applications to use this feature.

config/secrets.yml

Rails 4.1 generates a new secrets.yml file in the config folder. By default, this file contains the application's secret_key_base, but it could also be used to store other secrets such as access keys for external APIs.

The secrets added to this file are accessible via Rails.application.secrets. For example, with the following config/secrets.yml:

development:
  secret_key_base: 3b7cd727ee24e8444053437c36cc66c3
  some_api_key: SOMEKEY

Rails.application.secrets.some_api_key returns SOMEKEY in the development environment.

See the Upgrading Ruby on Rails guide on how to migrate existing applications to use this feature.

Action Pack Variants

We often want to render different HTML/JSON/XML templates for phones, tablets, and desktop browsers. Variants make it easy.

The request variant is a specialization of the request format, like :tablet, :phone, or :desktop.

You can set the variant in a before_action:

request.variant = :tablet if request.user_agent =~ /iPad/

Respond to variants in the action just like you respond to formats:

respond_to do |format|
  format.html do |html|
    html.tablet # renders app/views/projects/show.html+tablet.erb
    html.phone { extra_setup; render ... }
  end
end

Provide separate templates for each format and variant:

app/views/projects/show.html.erb
app/views/projects/show.html+tablet.erb
app/views/projects/show.html+phone.erb

You can also simplify the variants definition using the inline syntax:

respond_to do |format|
  format.js         { render "trash" }
  format.html.phone { redirect_to progress_path }
  format.html.none  { render "trash" }
end

Action Mailer Previews

Action Mailer previews provide a way to see how emails look by visiting a special URL that renders them.

You implement a preview class whose methods return the mail object you'd like to check:

class NotifierPreview < ActionMailer::Preview
  def welcome
    Notifier.welcome(User.first)
  end
end

The preview is available in http://localhost:3000/rails/mailers/notifier/welcome, and a list of them in http://localhost:3000/rails/mailers.

By default, these preview classes live in test/mailers/previews. This can be configured using the preview_path option.

See its documentation for a detailed write up.

Active Record enums

Declare an enum attribute where the values map to integers in the database, but can be queried by name.

class Conversation < ActiveRecord::Base
  enum status: [ :active, :archived ]
end

conversation.archived!
conversation.active? # => false
conversation.status  # => "archived"

Conversation.archived # => Relation for all archived Conversations

Conversation.statuses # => { "active" => 0, "archived" => 1 }

See its documentation for a detailed write up.

Message Verifiers

Message verifiers can be used to generate and verify signed messages. This can be useful to safely transport sensitive data like remember-me tokens and friends.

The method Rails.application.message_verifier returns a new message verifier that signs messages with a key derived from secret_key_base and the given message verifier name:

signed_token = Rails.application.message_verifier(:remember_me).generate(token)
Rails.application.message_verifier(:remember_me).verify(signed_token) # => token

Rails.application.message_verifier(:remember_me).verify(tampered_token)
# raises ActiveSupport::MessageVerifier::InvalidSignature

Module#concerning

A natural, low-ceremony way to separate responsibilities within a class:

class Todo < ActiveRecord::Base
  concerning :EventTracking do
    included do
      has_many :events
    end

    def latest_event
      # ...
    end

    private
      def some_internal_method
        # ...
      end
  end
end

This example is equivalent to defining a EventTracking module inline, extending it with ::ActiveSupport::Concern, then mixing it in to the Todo class.

See its documentation for a detailed write up and the intended use cases.

CSRF protection from remote <script> tags

Cross-site request forgery (CSRF) protection now covers GET requests with JavaScript responses, too. That prevents a third-party site from referencing your JavaScript URL and attempting to run it to extract sensitive data.

This means any of your tests that hit .js URLs will now fail CSRF protection unless they use xhr. Upgrade your tests to be explicit about expecting XmlHttpRequests. Instead of post :create, format: :js, switch to the explicit xhr :post, :create, format: :js.

Railties

Please refer to the [Changelog]) for detailed changes.

Removals

Notable changes

Action Pack

Please refer to the [Changelog]) for detailed changes.

Removals

Removed Successor
ActionController::AbstractRequest ActionDispatch::Request
ActionController::Request ActionDispatch::Request
ActionController::AbstractResponse ActionDispatch::Response
ActionController::Response ActionDispatch::Response
ActionController::Routing ActionDispatch::Routing
ActionController::Integration ActionDispatch::Integration
ActionController::IntegrationTest ActionDispatch::IntegrationTest

Notable changes

Action Mailer

Please refer to the [Changelog]) for detailed changes.

Notable changes

Active Record

Please refer to the [Changelog]) for detailed changes.

Removals

Deprecations

Notable changes

Before this change when you defined a default_scope in a model it was overridden by chained conditions in the same field. Now it is merged like any other scope. More Details.

Active Model

Please refer to the [Changelog]) for detailed changes.

Deprecations

Notable changes

Active Support

Please refer to the [Changelog]) for detailed changes.

Removals

Deprecations

Notable changes

Credits

See the full list of contributors to Rails for the many people who spent many hours making Rails, the stable and robust framework it is. Kudos to all of them.