mirrors
/
rails
mirror of https://github.com/rails/rails
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

Ruby code block indentation issue fix 

[skip ci] indentation fix

[skip ci] review changes added

[skip ci] indentation fix
This commit is contained in:
Akhil G Krishnan 2023-09-06 18:03:58 +00:00
parent 9044d35c2f
commit 61a9c1a92a
10 changed files with 63 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
actionpack/CHANGELOG.md
View File

@ -80,6 +80,7 @@
This is very useful in situations where you only want to add a required param that is part of the route's URL but for other route not append an extraneous query param.
Given the following router...
```ruby
Rails.application.routes.draw do
scope ":account_id" do
@ -91,12 +92,13 @@
```
And given the following `ApplicationController`
```ruby
class ApplicationController < ActionController::Base
def default_url_options
{ path_params: { account_id: "foo" } }
end
class ApplicationController < ActionController::Base
def default_url_options
{ path_params: { account_id: "foo" } }
end
end
```
The standard url_for helper and friends will now behave as follows:

16
activejob/CHANGELOG.md
View File

@ -8,15 +8,15 @@
This method lets job authors define a block which will be run when a job is about to be discarded. For example:
```ruby
class AfterDiscardJob < ActiveJob::Base
after_discard do |job, exception|
Rails.logger.info("#{job.class} raised an exception: #{exception}")
end
def perform
raise StandardError
end
class AfterDiscardJob < ActiveJob::Base
after_discard do |job, exception|
Rails.logger.info("#{job.class} raised an exception: #{exception}")
end
def perform
raise StandardError
end
end
```
The above job will run the block passed to `after_discard` after the job is discarded. The exception will

12
activemodel/CHANGELOG.md
View File

@ -29,14 +29,14 @@
to consider both character count and byte size while keeping the character length validation in place.
```ruby
user = User.new(password: "a" * 73) # 73 characters
user.valid? # => false
user.errors[:password] # => ["is too long"]
user = User.new(password: "a" * 73) # 73 characters
user.valid? # => false
user.errors[:password] # => ["is too long"]
user = User.new(password: "あ" * 25) # 25 characters, 75 bytes
user.valid? # => false
user.errors[:password] # => ["is too long"]
user = User.new(password: "あ" * 25) # 25 characters, 75 bytes
user.valid? # => false
user.errors[:password] # => ["is too long"]
```
*ChatGPT*, *Guillermo Iguaran*

8
activerecord/CHANGELOG.md
View File

@ -788,15 +788,15 @@
Before:
```ruby
serialize :content, JSON
serialize :backtrace, Array
serialize :content, JSON
serialize :backtrace, Array
```
After:
```ruby
serialize :content, coder: JSON
serialize :backtrace, type: Array
serialize :content, coder: JSON
serialize :backtrace, type: Array
```
*Jean Boussier*

28
activestorage/CHANGELOG.md
View File

@ -144,21 +144,21 @@
In the following example, the code failed to upload all but the last file to the configured service.
```ruby
ActiveRecord::Base.transaction do
user.attachments.attach({
content_type: "text/plain",
filename: "dummy.txt",
io: ::StringIO.new("dummy"),
})
user.attachments.attach({
content_type: "text/plain",
filename: "dummy2.txt",
io: ::StringIO.new("dummy2"),
})
end
ActiveRecord::Base.transaction do
user.attachments.attach({
content_type: "text/plain",
filename: "dummy.txt",
io: ::StringIO.new("dummy"),
})
user.attachments.attach({
content_type: "text/plain",
filename: "dummy2.txt",
io: ::StringIO.new("dummy2"),
})
end
assert_equal 2, user.attachments.count
assert user.attachments.first.service.exist?(user.attachments.first.key) # Fails
assert_equal 2, user.attachments.count
assert user.attachments.first.service.exist?(user.attachments.first.key) # Fails
```
This was addressed by keeping track of the subchanges pending upload, and uploading them

1
guides/source/7_0_release_notes.md
View File

@ -96,6 +96,7 @@ Please refer to the [Changelog][action-view] for detailed changes.
#=> <input type="hidden" name="_method" value="post" autocomplete="off" />
# After
#=> <input type="hidden" name="_method" value="patch" autocomplete="off" />
```
Action Mailer
-------------

2
guides/source/7_1_release_notes.md
View File

@ -588,7 +588,7 @@ Please refer to the [Changelog][active-model] for detailed changes.
* Add support for beginless ranges to `inclusivity/exclusivity` validators.
```ruby
```ruby
validates_inclusion_of :birth_date, in: -> { (..Date.today) }
```

2
guides/source/active_support_instrumentation.md
View File

@ -102,7 +102,7 @@ View Timings from Instrumentation in Your Browser
Rails implements the [Server Timing](https://www.w3.org/TR/server-timing/) standard to make timing information available in the web browser. To enable, edit your environment configuration (usually `development.rb` as this is most-used in development) to include the following:
```ruby
config.server_timing = true
config.server_timing = true
```
Once configured (including restarting your server), you can go to the Developer Tools pane of your browser, then select Network and reload your page. You can then select any request to your Rails server, and will see server timings in the timings tab. For an example of doing this, see the [Firefox Documentation](https://firefox-source-docs.mozilla.org/devtools-user/network_monitor/request_details/index.html#server-timing).

12
guides/source/security.md
View File

@ -527,7 +527,7 @@ INFO: _A common pitfall in Ruby's regular expressions is to match the string's b
Ruby uses a slightly different approach than many other languages to match the end and the beginning of a string. That is why even many Ruby and Rails books get this wrong. So how is this a security threat? Say you wanted to loosely validate a URL field and you used a simple regular expression like this:
```ruby
/^https?:\/\/[^\n]+$/i
/^https?:\/\/[^\n]+$/i
```
This may work fine in some languages. However, _in Ruby `^` and `$` match the **line** beginning and line end_. And thus a URL like this passes the filter without problems:
@ -541,7 +541,7 @@ http://hi.com
This URL passes the filter because the regular expression matches - the second line, the rest does not matter. Now imagine we had a view that showed the URL like this:
```ruby
link_to "Homepage", @user.homepage
link_to "Homepage", @user.homepage
```
The link looks innocent to visitors, but when it's clicked, it will execute the JavaScript function "exploit_code" or any other JavaScript the attacker provides.
@ -549,14 +549,14 @@ The link looks innocent to visitors, but when it's clicked, it will execute the
To fix the regular expression, `\A` and `\z` should be used instead of `^` and `$`, like so:
```ruby
/\Ahttps?:\/\/[^\n]+\z/i
/\Ahttps?:\/\/[^\n]+\z/i
```
Since this is a frequent mistake, the format validator (validates_format_of) now raises an exception if the provided regular expression starts with ^ or ends with $. If you do need to use ^ and $ instead of \A and \z (which is rare), you can set the :multiline option to true, like so:
```ruby
# content should include a line "Meanwhile" anywhere in the string
validates :content, format: { with: /^Meanwhile$/, multiline: true }
# content should include a line "Meanwhile" anywhere in the string
validates :content, format: { with: /^Meanwhile$/, multiline: true }
```
Note that this only protects you against the most common mistake when using the format validator - you always need to keep in mind that ^ and $ match the **line** beginning and line end in Ruby, and not the beginning and end of a string.
@ -1143,7 +1143,7 @@ browser automatically upgrades to HTTPS for current and future connections.
The header is added to the response when enabling the `force_ssl` option:
```ruby
config.force_ssl = true
config.force_ssl = true
```
[`Strict-Transport-Security`]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

32
guides/source/upgrading_ruby_on_rails.md
View File

@ -2292,10 +2292,10 @@ Rails 4.0 no longer supports loading plugins from `vendor/plugins`. You must rep
* Rails 4.0 requires that scopes use a callable object such as a Proc or lambda:
```ruby
scope :active, where(active: true)
scope :active, where(active: true)
# becomes
scope :active, -> { where active: true }
# becomes
scope :active, -> { where active: true }
```
* Rails 4.0 has deprecated `ActiveRecord::Fixtures` in favor of `ActiveRecord::FixtureSet`.
@ -2356,9 +2356,9 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
* Rails 4.0 introduces `ActiveSupport::KeyGenerator` and uses this as a base from which to generate and verify signed cookies (among other things). Existing signed cookies generated with Rails 3.x will be transparently upgraded if you leave your existing `secret_token` in place and add the new `secret_key_base`.
```ruby
# config/initializers/secret_token.rb
Myapp::Application.config.secret_token = 'existing secret token'
Myapp::Application.config.secret_key_base = 'new secret key base'
# config/initializers/secret_token.rb
Myapp::Application.config.secret_token = 'existing secret token'
Myapp::Application.config.secret_key_base = 'new secret key base'
```
Please note that you should wait to set `secret_key_base` until you have 100% of your userbase on Rails 4.x and are reasonably sure you will not need to rollback to Rails 3.x. This is because cookies signed based on the new `secret_key_base` in Rails 4.x are not backwards compatible with Rails 3.x. You are free to leave your existing `secret_token` in place, not set the new `secret_key_base`, and ignore the deprecation warnings until you are reasonably sure that your upgrade is otherwise complete.
@ -2422,14 +2422,14 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
* Rails 4.0 requires that routes using `match` must specify the request method. For example:
```ruby
# Rails 3.x
match '/' => 'root#index'
# Rails 3.x
match '/' => 'root#index'
# becomes
match '/' => 'root#index', via: :get
# becomes
match '/' => 'root#index', via: :get
# or
get '/' => 'root#index'
# or
get '/' => 'root#index'
```
* Rails 4.0 has removed `ActionDispatch::BestStandardsSupport` middleware, `<!DOCTYPE html>` already triggers standards mode per https://msdn.microsoft.com/en-us/library/jj676915(v=vs.85).aspx and ChromeFrame header has been moved to `config.action_dispatch.default_headers`.
@ -2446,10 +2446,10 @@ Rails 4.0 extracted Active Resource to its own gem. If you still need the featur
* Rails 4.0 allows configuration of HTTP headers by setting `config.action_dispatch.default_headers`. The defaults are as follows:
```ruby
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'SAMEORIGIN',
'X-XSS-Protection' => '1; mode=block'
}
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'SAMEORIGIN',
'X-XSS-Protection' => '1; mode=block'
}
```
Please note that if your application is dependent on loading certain pages in a `<frame>` or `<iframe>`, then you may need to explicitly set `X-Frame-Options` to `ALLOW-FROM ...` or `ALLOWALL`.