· Log files are always flushed.
· Failing tests will exit with nonzero status code.
· Elimination of calls to deprecated methods.
· Query cache instrumentation includes bindings in the payload.
· Hidden checkbox values are not set if the value is nil.
· Various Ruby 2.0 compatibility fixes.
· Some fixes and doc improvements.
· Faster dev mode & routing
· Tagged logger
· Active Record Store
· ActiveSupport::Base64 is deprecated in favor of ::Base64.
· Added font_path helper method.
· Depends on rack ~> 1.4.0.
· Added :gzip option to caches_page. The default option can be configured globally using page_cache_compression.
· Faster dev mode & routing
· Explain queries
· Tagged logger
· Active Record Store
· This release mainly contains fixes for regressions that popped up in 3.1.2.
· Fixed possible XSS vulnerability in the translate helper method in Ruby on Rails.
· Streaming.
· Reversible Migrations.
· Assets Pipeline.
· jQuery as the default JavaScript library.
· This is the final release candidate before the 3.1.0. final.
4 Security Fixes:
· Filter Skipping bugs
· SQL Injection issues
· Parse error in strip_tags
· UTF-8 escaping vulnerability
· Fixes an issue where cache sweepers with only after filters would have no controller object, it would raise undefined method controller_name for nil
· Ensure status codes are logged when exceptions are raised.
· Subclasses of OutputBuffer are respected.
· Fixed ActionView::FormOptionsHelper#select with :multiple => false
· Avoid extra call to Cache#read in case of a fragment cache hit
· Magic encoding comment added to schema.rb files
· schema.rb is written as UTF-8 by default.
· Ensuring an established connection when running rake db:schema:dump
· Association conditions will not clobber join conditions.
· Destroying a record will destroy the HABTM record before destroying itself.
· Make ActiveRecord::Batches#find_each to not return self.
· Update table_exists? in PG to to always use current search_path or schema if explicitly set.
· The major changes in this release of Rails are bug fixes surrounding modifications to SafeBuffer strings.
· escape_javascript safebuffer fixes.
· json_escape safebuffer fixes.
· RDoc / ruby-debug conflict fixes.
· arel_table is cached unless the table_name changes.
Security issues:
· There are security issues in the rails_xss plugin, and they were fixed in with this release. Please make sure to upgrade your rails_xss plugin.
Changes:
· The main changes in this release are fixing compatibility issues with Rubygems 1.8.5.
· jQuery is now the default
· DRY migrations that know how to revert themselves. Cleaner, nicer migrations.
· Engines can now have their own routing and helper scope. They can also take advantage of the asset pipeline (more documentation on this soon). Read the story behind mountable engines (even if the asset stuff is now out of date).
· It’s not enabled by default because of some important caveats that are still to be ironed out, but if you can deal with those, it’s a great way to cut down on the number of queries your app will trigger. Faster is better!
· Active Record now uses cached prepared statements, which is a big boost for PostgreSQL in all cases and a boost for MySQL on complex statements.
· This makes it possible to use HTTP caching with conditional get as a replacement for page caching (which we’ll soon factor into a plugin and remove from core).
· Much nicer test output courtesy of the Turn gem. It’s on with new applications by default on Ruby 1.9.
· It’s now easier than ever to keep your app safe with force_ssl. Either per-app or per-controller.
· attr_protected now accepts roles, so it’s easier do deal with admin/non-admin splits and more.
· Dead-simple BCrypt-based passwords. Now there’s no excuse not to roll your own authentication scheme.
· Serialize objects with JSON or whatever else you’d like.
activesupport:
· Hash.from_xml no longer loses attributes on tags containing only whitespace.
activerecord:
· Destroying records via nested attributes works independent of reject_if LH #6006.
· Delegate any? and many? to Model.scoped for consistency.
· Quote the ORDER BY clause in batched finds - fixes #6620.
· Change exists? so records are not instantiated - fixes #6127. This prevents after_find and after_initialize callbacks being triggered when checking for record existence.
· Fix performance bug with attribute accessors which only occurred on Ruby 1.8.7, and ensure we cache type-casted values when the column returned from the db contains non-standard chars.
· Fix a performance regression introduced here 86acbf1cc050c8fa8c74a10c735e467fb6fd7df8 related to read_attribute method.
actionmailer:
· remove AM delegating register_observer and register_interceptor to Mail.
· Fix when gzip returns a UTF-8 string on Ruby 1.9, when it is actually binary.
· Active Record limit values will not escape Arel SQL Literal nodes.
· Relation#where calls will always produce AND statements regardless of how conditions hashes behaves (reverting 00693209ecc).
· Observer callbacks will only be executed once when using STI classes in ActiveRecord.
· Two new versions of Ruby On Rails have been released including a number of bug fixes that contain fixes for some security issues.
Find us on Google+
