惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Security Affairs
N
News and Events Feed by Topic
T
Tenable Blog
P
Proofpoint News Feed
W
WeLiveSecurity
Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
C
CERT Recently Published Vulnerability Notes
Help Net Security
Help Net Security
I
Intezer
T
Threat Research - Cisco Blogs
S
Secure Thoughts
C
Cyber Attacks, Cyber Crime and Cyber Security
L
Lohrmann on Cybersecurity
AWS News Blog
AWS News Blog
Google Online Security Blog
Google Online Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Project Zero
Project Zero
The Hacker News
The Hacker News
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tor Project blog
N
News | PayPal Newsroom
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Hacker News - Newest:
Hacker News - Newest: "LLM"
A
Arctic Wolf
Forbes - Security
Forbes - Security
O
OpenAI News
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Latest
Security Latest
P
Palo Alto Networks Blog
S
Schneier on Security
S
Securelist
C
Cybersecurity and Infrastructure Security Agency CISA
H
Heimdal Security Blog
V
Vulnerabilities – Threatpost
www.infosecurity-magazine.com
www.infosecurity-magazine.com
博客园_首页
T
Troy Hunt's Blog
Latest news
Latest news
Recent Announcements
Recent Announcements
MyScale Blog
MyScale Blog
人人都是产品经理
人人都是产品经理
L
LINUX DO - 热门话题
M
MIT News - Artificial intelligence
N
Netflix TechBlog - Medium
V
Visual Studio Blog
H
Hacker News: Front Page

Ruby on Rails: Compress the complexity of modern web apps

Safer to_i coercion, custom to_fs formats, and more! This Week in Rails: May 16, 2026 This Week in Rails: May 8, 2026 This Week in Rails: May 1, 2026 Active Record gets better every week Great big Rails World 2026 update: CFP, Corporate Support tickets, workshops Query command for database queries and more Explicit query: and body: kwargs for integration tests and more! Speedup ActiveRecord::LogSubscriber#sql_color and more! This Week in Rails: March 27, 2026 Rails Versions 8.0.5 and 8.1.3 have been released! Rails Versions 7.2.3.1, 8.0.4.1, and 8.1.2.1 have been released! This Week in Rails: March 20, 2026 Validate URI scheme in Action Text and more This Week in Rails: March 6, 2026 Planning Center is the newest Rails Foundation Contributing member Action Text gets Markdown conversion, editor links in devcontainers, and more! BARRA seeks Rails developer Joe Agliozzo is looking for a Rails developer The rise of lighttpd as the alternative web server When longer is better and more is more Snowdevil: First e-tailer on Rails Natural selection for frameworks in Ruby vs Java Address book tutorial in Portuguese Becoming a better programmer with Rails 10 Things Every Java Programmer Should Know About Ruby Really Getting Started in Rails Off the Treadmill, Onto the Rails Rails 0.9.5: A world of fixes and tweaks Rich clients with Rails and XUL Pedrosa on Rails vs WebWork: 'Language DOES matter' 'Ruby on Rails is unbelievably good' Celebrating six months anniversary! Speeding up CGI access to Gem Rails CD Baby leaves PHP behind for Ruby on Rails "I think Ruby on Rails is way over hyped" Programmer needed for JSP to Rails conversion Beyond the 10,000th gem install of Rails 'That application is so stupid' Matz takes note of Ta-da and Rails Rails tutorial on O'Reilly's ONLamp Welcome Slashdotters! Ta-da goes international with UTF-8 Make your Ta-da list today Rails 0.9.4.1: Cleaning up the mess Rails 0.9.4: Caching, filters, SQLite3... An unusual high presence of Macs Having problems running tests under 1.8.2? It\'s all about the applications But what does Rails go web services with XML-RPC prototype Rails runs through XP Cincinnati RedHanded out-evangelizes the evangelizer Rails on Lighttpd with FastCGI Have a codefest and collect cash from RubyCentral Jamis Buck is working on Basecamp S5 Presents competes with SoapBX 3,000 people are doing 10,804 things... Using the Rails to impress potential employers Brian discovers the default logging goodness SoapBX: Presentations powered by S5, Textile, Rails Road Map: The rails leading to 1.0 Tracks: A Getting Things Done implementation Nicholas presents the Directors Rails 0.9.3: Optimistic locking, dynamic finders, 1.8.2 Ruby on the German Rails 43things in 5,204 lines of Ruby on Rails Watch for huge requests on default FCGI How the redesign of the website came to be Are you watching the health of your software? "Some amazing web apps appear on Ruby on Rails" Learning Ruby on Rails with 43things The Robot Co-op takes 43things.com live! Giving up on Java for lack of love Setting up EliteJournal on TextDrive without a vhost Celebrating 219 applied patches since 0.7 Escaping Java but not its thinking "Simple design that even my grandma can understand" Rails logo remixed by Olivier Hericord Rake 0.4.14 includes fix for Ruby 1.8.2 Splitting off the research patches Running rake tests with Ruby 1.8.2 Marten opens Epilog for Trac'ing Drew McLellan predicts Rails celebrates more than 10,000 downloads Variations on a railed theme Securing your Rails: Keep it secret, keep it safe Available for hire? Collaboa and EliteJournal joins the Trac Playing Active Records on MS SQLServer and DB2 Open sourcing the Rails logo Rails: Technology of the Year #1 Reacting to customer requests in real time Extracting missing content from wiki backups Ruby on Rails has its web presence overhauled 43 things makes The Seattle Times 5.gets David Heinemeier Hansson Ruby 1.8.2 finally sees the light of day Rails 0.9: Fast development, breakpoints, validations Rails 0.9.1: Small, but important bugfix for Action Pack
Keep your passwords secure, one way or the other
David Heinemeier Hansson · 2025-11-07 · via Ruby on Rails: Compress the complexity of modern web apps

Hi, it’s Claudio Baccigalupo. Let’s explore this week’s changes in the Rails codebase.

Add :algorithm option to has_secure_password
Active Model’s has_secure_password now supports different password hashing algorithms.

Add built-in Argon2 support for has_secure_password
Building on top of the previous PR, you can now add gem "argon2" and then call has_secure_password algorithm: :argon2. Unlike BCrypt’s 72-byte restriction, Argon2 has no password length limit.

New guides for Rails Engines
After months of rewriting, the brand new Rails Engines guides are live!

Support international characters in humanize
Calling ActiveSupport::Inflector.humanize("аБВГДЕ") now correctly returns “Абвгде”.

Add ability to use a block when rendering a collection
When using a partial that yields, we could already use this partial with render partial: or render @model. Now we can do that with collections as well, writing code like this:

// index.html.erb
<%= render @posts do |post| %>
  <%= link_to "Edit", [:edit, post] %>
<% end %>

// _post.html.erb
<article class="post">
  <h1><%= post.title %></h1>
  <%= yield post if block_given? %>
</article>

Introduce Parameter Object: QueryIntent
A thorough improvement to Active Record internals which results in the deprecation of exec_update, exec_delete, and exec_insert in favor of update, delete, and insert.

Make Rails 8.1 schema cache backward-compatible
Rails 8.1 changed how the default value for a column is assigned. This PR ensures that a schema cache produced by Rails 8.1 can be deserialized by Rails 8.0 without any errors.

Prevent duplicates when eager-loading models with a composite primary key
The code in JoinDependency#instantiate was not properly handling models with a composite primary key, resulting in duplicate records being returned.

Fix the stylesheet_link_tag generated by rails new
stylesheet_link_tag "application" will be used when generating Rails apps with CSS bundling (for instance: rails new myapp --css tailwind --js esbuild).

Fix double filtering rescue_from_handled backtrace
ActionController::StructuredEventSubscriber was taking the first frame of the backtrace and removing the Rails root. However, the event being consumed already did this, so the backtrace output was a single character. This commit fixes the issue by removing the duplicate backtrace filtering.

Use -infinity for lower value of unbounded PG time ranges
In PostgreSQL if you have a time range column (daterange, tstzrange, etc.) and save a record with a Ruby range that begins or ends with nil you were getting an unexpected behavior:

Product.create(period: Time.utc(2000)...nil) # => ["2000-01-01 00:00:00",infinity)
Product.create(period: nil...Time.utc(2000)) # => (NULL,"2000-01-01 00:00:00")

The behavior has now been fixed to use -infinity rather than NULL for the lower value.

Fix content_security_policy_nonce error in mailers
Fixes an error that you would get invoking stylesheet_link_tag in a mailer view with the default content_security_policy.rb enabled.

You can view the whole list of changes here.
We had 22 contributors to the Rails codebase this past week!

Until next time!

Subscribe to get these updates mailed to you.