Ruby on Rails 2.3.5 Released

Posted by Gregg Pollack November 30, 2009 @ 07:58 PM

Rails 2.3.5 was released over the weekend which provides several bug-fixes and one security fix. It should be fully compatible with all prior 2.3.x releases and can be easily upgraded to with “gem update rails”. The most interesting bits can be summarized in three points.

Improved compatibility with Ruby 1.9

There were a few small bugs preventing full compatibility with Ruby 1.9. However, we wouldn’t be surprised you were already running Rails 2.3.X successfully before these bugs were fixed (they were small).

RailsXss plugin availability

As you may have heard, in Rails 3 we are now automatically escaping all string content in erb (where as before you needed to use “h()” to escape). If you want to have this functionality today you can install Koz’s RailsXss plugin in Rails 2.3.5.

Fixes for the Nokogiri backend for XmlMini

With Rails 2.3 we were given the ability to switch out the default XML parser from REXML to other faster parsers like Nokogiri. There were a few issues with using Nokogiri which are now resolved, so if your application is parsing lots of xml you may want to switch to this faster XML parser.

And that’s the gist of it

Feel free to browse through the commit history if you’d like to see what else has been fixed (but it’s mostly small stuff).

Posted in Releases  | 50 comments

Rails 2.3: Templates, Engines, Rack, Metal, much more!

Posted by David March 16, 2009 @ 02:39 PM

Rails 2.3 is finally done and out the door. This is one of the most substantial upgrades to Rails in a very long time. A brief rundown of the top hitters:

  • Templates: Allows your new skeleton Rails application to be built your way with your default stack of gems, configs, and more.
  • Engines: Share reusable application pieces complete with routes that Just Work, models, view paths, and the works.
  • Rack: Rails now runs on Rack which gives you access to all the middleware goodness.
  • Metal: Write super fast pieces of optimized logic that routes around Action Controller.
  • Nested forms: Deal with complex forms so much easier.

And that’s just the tip of the iceberg. We’ve put together a complete guide for the Rails 2.3 release notes with much more information. Be sure to checkout the section on what was deprecated when you’re ready to upgrade your application.

You install 2.3 with (the final version is marked 2.3.2):

gem install rails

If you’re running on Passenger, be sure to upgrade to 2.1.2 as well. Rails 2.3 doesn’t run on older versions of Passenger!

We hope you’ll love it.

Posted in Releases  | 102 comments

Rails 2.3 RC2: Final stop before release

Posted by David March 05, 2009 @ 11:01 AM

The past month has seen a flurry of activity getting Rails 2.3 solid. We think we’ve ironed out all the major kinks now, but just to be sure, we’re running one last release candidate before it heads off to the presses. So please take some time to test out this release candidate. If we don’t get any reports of major blockers, we’re going to call this final within a week or two.

We’ve put together a complete guide for the Rails 2.3 release notes with all the information on what’s new, what’s changed, and what’s deprecated.

You can install the release candidate with:

gem install rails --source http://gems.rubyonrails.org

Posted in Releases  | 33 comments

Rails 2.3.0 RC1: Templates, Engines, Rack, Metal, much more!

Posted by David February 01, 2009 @ 11:40 PM

Rails 2.3 is almost ready for release, but this package is so stock full of amazing new stuff that we’re making dutifully sure that everything works right before we call it official.

So please help us do thorough testing of this release candidate. Lots of the underpinnings changed. Especially the move to Rack. So we need solid testing and will probably have a slightly longer than average release candidate phase to account for that.

But boy will it be worth it. This is one of the most substantial upgrades to Rails in a very long time. A brief rundown of the top hitters:

  • Templates: Allows your new skeleton Rails application to be built your way with your default stack of gems, configs, and more.
  • Engines: Share reusable application pieces complete with routes that Just Work, models, view paths, and the works.
  • Rack: Rails now runs on Rack which gives you access to all the middleware goodness.
  • Metal: Write super fast pieces of optimized logic that routes around Action Controller.
  • Nested forms: Deal with complex forms so much easier.

And that’s just the tip of the iceberg. We’ve put together a complete guide for the Rails 2.3 release notes with much more information.

You can install the release candidate with:

gem install rails --source http://gems.rubyonrails.org

Enjoy, report the bugs, and let’s get Rails 2.3 final out the door soon.

Posted in Releases  | 46 comments

New REE with OS X, 64-bit, Solaris support and GC patches

Posted by David December 05, 2008 @ 05:07 PM

Phusion is on a roll today. Not only did we just get a new Passenger, they’ve also just dropped a new REE (the Ruby patches for copy-on-write) that includes 64-bit support as well as compatibility with OS X and Solaris. They’ve also fitted the excellent RailsBench patches from Stefan Kaes that allows you to tweak the GC settings in Ruby if you need to.

This edition was sponsored by 37signals, Curve21, Dr Dispatch Transportation Software, InfoEther, Martian Interactive, New York Times, Shopify, Trevor Turk, and Utah Imaging.

Posted in Releases  | 8 comments

Phusion Passenger 2.0.5 now compatible with Edge Rails

Posted by David December 05, 2008 @ 01:20 PM

The Phusion team keeps blazing ahead with Passenger and improving it rapidly. They’ve just released version 2.0.5, which includes a few fixes and introduces compatibility with the Rack-based Edge Rails.

At 37signals, we’ve already switched over Ta-da List and are busy working on getting the rest of our suite running on Passenger. It’s just so much easier to deal with and the memory savings you get through REE are a nice cherry on top.

I keep getting a steady stream of success reports from all over the world as well. I’ve even read of a few people getting back into Rails development because Passenger finally took out the inconvenience of deploying.

It’s hard to argue with the usability. I’ve personally been setting up a new server running Ubuntu 8.10 and using Apache 2 with Passenger. The time it took me to go from a fresh install to a complete production setup was ridiculously low. There’s just so much less to worry about.

If you haven’t given Passenger a chance yet, now is definitely the time.

Posted in Releases  | 14 comments

Rails 2.2: i18n, HTTP validators, thread safety, JRuby/1.9 compatibility, docs

Posted by David November 21, 2008 @ 05:22 PM

Rails 2.2 is finally done after we cleared the last issues from the release candidate program. This release contains an long list of fixes, improvements, and additions that’ll make everything Rails smoother and better, but we also have a number of star player features to parade this time.

Internationalization by default
The most important is that Rails now includes a full-on internationalization framework and that it’s pre-wired from start. The work of the i18n group has been very impressive and it’s great to see that Rails finally ships with a solution in the box that’s both simple and extensible. Great job, guys!

Stronger etag and last-modified support
We’ve also added much better support for HTTP validators in the form of etag and last-modified. Making it so much easier to skip expensive procesesing if the client already has the latest stuff. This also makes it even easier to use Rails with gateway proxies.

Thread safety and a connection pool
Josh Peek has added thread safety to Rails and Nick Sieger from JRuby worked on getting Active Record a proper connection pool. So now all elements of Rails are thread safe, which is a big boon for the JRuby guys in particular. For C Ruby, we still need a bunch of dependent libraries to go non-blocking before it’ll make much of a difference, but work on that is forth coming.

Ruby 1.9 and JRuby compatibility
Jeremy Kemper has been rocking on both Ruby 1.9 and JRuby compatibility. Rails 2.2 is fully compatible with both, but again, there might be supporting libraries and gems that are not. Again, lots of work is going into making everything else fully compatible as well.

Better API docs, great guides
Finally, the last big push has been with the documentation of Rails. Pratik’s docrails project has made immense progress. Not only are the API docs much improved, but we also have a whole new guides section generated from documentation that now lives with the source. A true community project with lots of contributors. I’m sure both those new and old to Rails will greatly appreciate the strong focus on documentation.

To read about all these features and more in details, checkout the Rails 2.2 release notes—another one of those guides from the docrails project.

How to install
As always, you can install Rails 2.2 through RubyGems. We now require RubyGems 1.3.1, so be sure to update that first: gem update --system

Then you can install Rails: gem install rails

If you’re updating an existing application, you can run rake rails:update to get the latest JavaScript files and scripts.

From all of us to all of you, we hope you enjoy this release. It’s a true pleasure to see Rails make such big steps forward once again. Dig in, have fun, and we’ll be back with Rails 2.3 with even more before you know it.

Posted in Releases  | 107 comments

Rails 2.2 RC2: Last stop before final

Posted by David November 14, 2008 @ 03:55 PM

Rails 2.2 has been baking for long enough now. This is the last taste before the goodies are served. So please install and check it out. See if you can find any regressions or bugs in any of the new stuff, so we can have it all delicious by the time we ring the dinner bell (ok, ok, I’ll put down the food metaphor now).

This release also conciedes with the fact that we’ve branches 2-2-stable, which means that master is now actually targeting Rails 2.3/3.0. There’s also a tag available for this RC as v2.2.1.

If you missed RC1, have a look at the Rails 2.2 release notes to see the major additions. You can see what’s new since RC1 in these two This Week in Edge Rails.

To install, you must first have RubyGems 1.3.1:
gem update --system.

Then you can:
gem install rails -s http://gems.rubyonrails.org

Enjoy!

Posted in Releases  | 33 comments

Rails 2.2 RC1: i18n, thread safety, docs, etag/last-modified, JRuby/1.9 compatibility

Posted by David October 24, 2008 @ 12:47 PM

Rails 2.2 is almost ready for its final release, but before we christen the gems, we’d like to have everyone test out a release candidate. Rails 2.2 is a major upgrade that includes a wealth of new features and fixes.

Chief inclusions are an internationalization framework, thread safety (including a connection pool for Active Record), easier access to HTTP caching with etags and last modified, compatibility with Ruby 1.9 and JRuby, and a wealth of new documentation.

Mike Gunderloy has compiled an exhaustive list and walk-through of many of the interesting new features for the Rails 2.2 release notes.

To help test the Rails 2.2 release candidate, please install with:
gem install rails -s http://gems.rubyonrails.org -v 2.2.0

Hopefully there will not be too much folly in the RC and we can quickly move to a final release. But it requires your help to get there.

Note that this release is called 2.2.0, not 2.1.99 as our previous naming scheme would have dictated. So the final release of Rails 2.2 will actually be 2.2.1 (if we only need one RC).

Posted in Releases  | 50 comments

Rails 2.1.2: Security, other fixes

Posted by David October 23, 2008 @ 06:21 PM

Rails 2.1.2 includes the same two security fixes that we pushed out for 2.0.x recently. We’re talking about a backport of the offset/limit sanitization fix for Active Record and a fix against header-injection when using user-contributed strings in redirect_to (see Response Splitting for more information).

In addition, Rails 2.1.2 fixes the warning that users of RubyGems 1.3.0 were having with script/generate as well as a range of other minor fixes. Enjoy!

As always, you can install with:
gem install rails --version 2.1.2

Posted in Releases  | 23 comments

Rails 2.0.5: Security fixes

Posted by David October 19, 2008 @ 10:08 PM

Time for another small security fix for Rails 2.0.x. The 2.0.5 release contains just two changes: A backport of the offset/limit sanitization fix for Active Record and a fix against header-injection when using user-contributed strings in redirect_to (see Response Splitting for more information).

As always, you can install with:
gem install rails --version 2.0.5

Posted in Releases  | 4 comments

Rails 2.1.1: Lots of bug fixes

Posted by David September 05, 2008 @ 09:19 AM

Rails 2.1.1 is another maintenance release that includes a bunch of bug fixes and a fix for the REXML vulnerability. I’ve extracted all the changes from the CHANGELOGs into a single Gist. Enjoy!

To install, just do: gem install rails --version 2.1.1.

Next upcoming release will be Rails 2.2 beta which is quite close.

Posted in Releases  | 22 comments

Rails 2.0.4: Maintenance release

Posted by David September 03, 2008 @ 09:43 AM

Thanks to Git it’s been a lot easier to maintain older branches of the code base, so we’ve taken the opportunity to backport a bunch of bug fixes to the 2.0 branch and here’s the release for that.

The only major issue is that we’ve fixed the REXML DoS vulnerability with a monkey patch that ships in the box. So if you’re on 2.0 and haven’t dealt with the issue already, you can upgrade to 2.0.4 and get it fixed.

You can install with: gem install rails --version 2.0.4

See all the changes

UPDATE: The actual 2.0.4 gem didn’t get published yesterday due to a bug in the release script. It’s been fixed and 2.0.4 is actually available on the main gem repository. Sorry about that!

Posted in Releases  | 14 comments

Capistrano 2.4.0

Posted by jamis June 13, 2008 @ 05:14 PM

Capistrano 2.4.0 is now available. Capistrano is the deployment tool of choice for many Rails programmers, but can be used for much more, allowing you to automate remote tasks using a simple task-oriented framework in Ruby.

Install it via RubyGems:

  gem install capistrano

You can read the entire release announcement on Jamis Buck’s weblog.

Posted in Releases  | 0 comments

Rails 2.1: Time zones, dirty, caching, gem dependencies, caching, etc

Posted by David June 01, 2008 @ 02:12 AM

Rails 2.1 is now available for general consumption with all the features and fixes we’ve been putting in over the last six months since 2.0. This has been a huge effort by a very wide range of contributors helping to make it happen.

Over the past six months, we’ve had 1,400 contributors creating patches and vetting them. This has resulted in 1,600+ patches. A truly staggering number. And lots of that has made it into this release.

New features
The new major features are:

Thanks to Ryan Daigle for the feature introductions and Ryan Bates for the Railscasts. It makes writing the release notes so much easier :).

As always, you can install with:

gem install rails

...or you can use the Git tag for 2.1.0.

Enjoy!

Posted in Releases  | 87 comments

Ruby on Rails was created by David Heinemeier Hansson, a partner at 37signals,
then extended and improved by a core team of committers and hundreds of open-source contributors.

Rails is released under the MIT license. Ruby under the Ruby License.

"Rails", "Ruby on Rails", and the Rails logo are trademarks of David Heinemeier Hansson. All rights reserved.

Sponsored by

 37signals