chore(deps): update dependency rails to v7.2.2.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
rails (source, changelog)	7.1.3.4 -> 7.2.2.1

---

Release Notes

rails/rails (rails)

v7.2.2.1: 7.2.2.1

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Add validation to content security policies to disallow spaces and semicolons.
  Developers should use multiple arguments, and different directive methods instead.

  [CVE-2024-54133]

  Gannon McGibbon

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• Update vendored trix version to 2.1.10

  John Hawthorn

Railties

• No changes.

Guides

• No changes.

v7.2.2: 7.2.2

Compare Source

Active Support

• Include options when instrumenting ActiveSupport::Cache::Store#delete and ActiveSupport::Cache::Store#delete_multi.

  Adam Renberg Tamm

• Print test names when running rails test -v for parallel tests.

  John Hawthorn, Abeid Ahmed

Active Model

• Fix regression in alias_attribute to work with user defined methods.

  alias_attribute would wrongly assume the attribute accessor was generated by Active Model.

  class Person
    include ActiveModel::AttributeMethods
  
    define_attribute_methods :name
    attr_accessor :name
  
    alias_attribute :full_name, :name
  end
  
  person.full_name # => NoMethodError: undefined method `attribute' for an instance of Person

  Jean Boussier

Active Record

• Fix support for query_cache: false in database.yml.

  query_cache: false would no longer entirely disable the Active Record query cache.

  zzak

• Set .attributes_for_inspect to :all by default.

  For new applications it is set to [:id] in config/environment/production.rb.

  In the console all the attributes are always shown.

  Andrew Novoselac

• PG::UnableToSend: no connection to the server is now retryable as a connection-related exception

  Kazuma Watanabe

• Fix marshalling of unsaved associated records in 7.1 format.

  The 7.1 format would only marshal associated records if the association was loaded.
  But associations that would only contain unsaved records would be skipped.

  Jean Boussier

• Fix incorrect SQL query when passing an empty hash to ActiveRecord::Base.insert.

  David Stosik

• Allow to save records with polymorphic join tables that have inverse_of
  specified.

  Markus Doits

• Fix association scopes applying on the incorrect join when using a polymorphic has_many through:.

  Joshua Young

• Fix dependent: :destroy for bi-directional has one through association.

  Fixes #​50948.

  class Left < ActiveRecord::Base
    has_one :middle, dependent: :destroy
    has_one :right, through: :middle
  end
  
  class Middle < ActiveRecord::Base
    belongs_to :left, dependent: :destroy
    belongs_to :right, dependent: :destroy
  end
  
  class Right < ActiveRecord::Base
    has_one :middle, dependent: :destroy
    has_one :left, through: :middle
  end

  In the above example left.destroy wouldn't destroy its associated Right
  record.

  Andy Stewart

• Properly handle lazily pinned connection pools.

  Fixes #​53147.

  When using transactional fixtures with system tests to similar tools
  such as capybara, it could happen that a connection end up pinned by the
  server thread rather than the test thread, causing
  "Cannot expire connection, it is owned by a different thread" errors.

  Jean Boussier

• Fix ActiveRecord::Base.with to accept more than two sub queries.

  Fixes #​53110.

  User.with(foo: [User.select(:id), User.select(:id), User.select(:id)]).to_sql
  undefined method `union' for an instance of Arel::Nodes::UnionAll (NoMethodError)

  The above now works as expected.

  fatkodima

• Properly release pinned connections with non joinable connections.

  Fixes #​52973

  When running system tests with transactional fixtures on, it could happen that
  the connection leased by the Puma thread wouldn't be properly released back to the pool,
  causing "Cannot expire connection, it is owned by a different thread" errors in later tests.

  Jean Boussier

• Make Float distinguish between float4 and float8 in PostgreSQL.

  Fixes #​52742

  Ryota Kitazawa, Takayuki Nagatomi

• Fix an issue where .left_outer_joins used with multiple associations that have
  the same child association but different parents does not join all parents.

  Previously, using .left_outer_joins with the same child association would only join one of the parents.

  Now it will correctly join both parents.

  Fixes #​41498.

  Garrett Blehm

• Ensure ActiveRecord::Encryption.config is always ready before access.

  Previously, ActiveRecord::Encryption configuration was deferred until ActiveRecord::Base
  was loaded. Therefore, accessing ActiveRecord::Encryption.config properties before
  ActiveRecord::Base was loaded would give incorrect results.

  ActiveRecord::Encryption now has its own loading hook so that its configuration is set as
  soon as needed.

  When ActiveRecord::Base is loaded, even lazily, it in turn triggers the loading of
  ActiveRecord::Encryption, thus preserving the original behavior of having its config ready
  before any use of ActiveRecord::Base.

  Maxime Réty

• Add TimeZoneConverter#== method, so objects will be properly compared by
  their type, scale, limit & precision.

  Address #​52699.

  Ruy Rocha

Action View

• No changes.

Action Pack

• Fix non-GET requests not updating cookies in ActionController::TestCase.

  Jon Moss, Hartley McGuire

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• No changes.

Guides

• No changes.

v7.2.1.2: 7.2.1.2

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• Fix NoMethodError in block_format helper

  Michael Leimstaedtner

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• No changes.

Guides

• No changes.

v7.2.1.1: 7.2.1.1

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Avoid regex backtracking in HTTP Token authentication

  [CVE-2024-47887]

• Avoid regex backtracking in query parameter filtering

  [CVE-2024-41128]

Active Job

• No changes.

Action Mailer

• Avoid regex backtracking in block_format helper

  [CVE-2024-47889]

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• Avoid backtracing in plain_text_for_blockquote_node

  [CVE-2024-47888]

Railties

• No changes.

Guides

• No changes.

v7.2.1: 7.2.1

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• Fix detection for enum columns with parallelized tests and PostgreSQL.

  Rafael Mendonça França

• Allow to eager load nested nil associations.

  fatkodima

• Fix swallowing ignore order warning when batching using BatchEnumerator.

  fatkodima

• Fix memory bloat on the connection pool when using the Fiber IsolatedExecutionState.

  Jean Boussier

• Restore inferred association class with the same modularized name.

  Justin Ko

• Fix ActiveRecord::Base.inspect to properly explain how to load schema information.

  Jean Boussier

• Check invalid enum options for the new syntax.

  The options using _ prefix in the old syntax are invalid in the new syntax.

  Rafael Mendonça França

• Fix ActiveRecord::Encryption::EncryptedAttributeType#type to return
  actual cast type.

  Vasiliy Ermolovich

• Fix create_table with :auto_increment option for MySQL adapter.

  fatkodima

Action View

• No changes.

Action Pack

• Fix Request#raw_post raising NoMethodError when rack.input is nil.

  Hartley McGuire

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• Strip content attribute if the key is present but the value is empty

  Jeremy Green

Railties

• Fix rails console for application with non default application constant.

  The wrongly assumed the Rails application would be named AppNamespace::Application,
  which is the default but not an obligation.

  Jean Boussier

• Fix the default Dockerfile to include the full sqlite3 package.

  Prior to this it only included libsqlite3, so it wasn't enough to
  run rails dbconsole.

  Jerome Dalbert

• Don't update public directory during app:update command for API-only Applications.

  y-yagi

• Don't add bin/brakeman if brakeman is not in bundle when upgrading an application.

  Etienne Barrié

• Remove PWA views and routes if its an API only project.

  Jean Boussier

• Simplify generated Puma configuration

  DHH, Rafael Mendonça França

v7.2.0

Compare Source

v7.1.5.1: 7.1.5.1

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Add validation to content security policies to disallow spaces and semicolons.
  Developers should use multiple arguments, and different directive methods instead.

  [CVE-2024-54133]

  Gannon McGibbon

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• Update vendored trix version to 2.1.10

  John Hawthorn

Railties

• No changes.

Guides

• No changes.

v7.1.5: 7.1.5

Compare Source

Active Support

• No changes.

Active Model

• Fix regression in alias_attribute to work with user defined methods.

  alias_attribute would wrongly assume the attribute accessor was generated by Active Model.

  class Person
    include ActiveModel::AttributeMethods
  
    define_attribute_methods :name
    attr_accessor :name
  
    alias_attribute :full_name, :name
  end
  
  person.full_name # => NoMethodError: undefined method `attribute' for an instance of Person

  Jean Boussier

Active Record

• Fix marshalling of unsaved associated records in 7.1 format.

  The 7.1 format would only marshal associated records if the association was loaded.
  But associations that would only contain unsaved records would be skipped.

  Jean Boussier

• Fix an issue where .left_outer_joins used with multiple associations that have
  the same child association but different parents does not join all parents.

  Previously, using .left_outer_joins with the same child association would only join one of the parents.

  Now it will correctly join both parents.

  Fixes #​41498.

  Garrett Blehm

• Ensure ActiveRecord::Encryption.config is always ready before access.

  Previously, ActiveRecord::Encryption configuration was deferred until ActiveRecord::Base
  was loaded. Therefore, accessing ActiveRecord::Encryption.config properties before
  ActiveRecord::Base was loaded would give incorrect results.

  ActiveRecord::Encryption now has its own loading hook so that its configuration is set as
  soon as needed.

  When ActiveRecord::Base is loaded, even lazily, it in turn triggers the loading of
  ActiveRecord::Encryption, thus preserving the original behavior of having its config ready
  before any use of ActiveRecord::Base.

  Maxime Réty

• Add TimeZoneConverter#== method, so objects will be properly compared by
  their type, scale, limit & precision.

  Address #​52699.

  Ruy Rocha

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• No changes.

Guides

• No changes.

v7.1.4.2: 7.1.4.2

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• Fix NoMethodError in block_format helper

  Michael Leimstaedtner

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• No changes.

Guides

• No changes.

v7.1.4.1: 7.1.4.1

Compare Source

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Avoid regex backtracking in HTTP Token authentication

  [CVE-2024-47887]

• Avoid regex backtracking in query parameter filtering

  [CVE-2024-41128]

Active Job

• No changes.

Action Mailer

• Avoid regex backtracking in block_format helper

  [CVE-2024-47889]

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• Avoid backtracing in plain_text_for_blockquote_node

  [CVE-2024-47888]

Railties

• No changes.

Guides

• No changes.

v7.1.4: 7.1.4

Compare Source

Active Support

• Improve compatibility for ActiveSupport::BroadcastLogger.

  Máximo Mussini

• Pass options along to write_entry in handle_expired_entry method.

  Graham Cooper

• Fix Active Support configurations deprecations.

  fatkodima

• Fix teardown callbacks.

  Tristan Starck

• BacktraceCleaner silence core internal methods by default.

  Jean Boussier

• Fix delegate_missing_to allow_nil: true when called with implict self

  class Person
    delegate_missing_to :address, allow_nil: true
  
    def address
      nil
    end
  
    def berliner?
      city == "Berlin"
    end
  end
  
  Person.new.city # => nil
  Person.new.berliner? # undefined local variable or method `city' for an instance of Person (NameError)

  Jean Boussier

• Work around a Ruby bug that can cause a VM crash.

  This would happen if using TaggerLogger with a Proc
  formatter on which you called object_id.

  [BUG] Object ID seen, but not in mapping table: proc
  

  Jean Boussier

• Fix ActiveSupport::Notifications.publish_event to preserve units.

  This solves the incorrect reporting of time spent running Active Record
  asynchronous queries (by a factor 1000).

  Jean Boussier

Active Model

• No changes.

Active Record

• Allow to eager load nested nil associations.

  fatkodima

• Fix create_table with :auto_increment option for MySQL adapter.

  fatkodima

• Don't load has_one associations during autosave.

  Eugene Kenny

• Fix migration ordering for bin/rails db:prepare across databases.

  fatkodima

• Fix alias_attribute to ignore methods defined in parent classes.

  Jean Boussier

• Fix a performance regression in attribute methods.

  Jean Boussier

• Fix Active Record configs variable shadowing.

  Joel Lubrano

• Fix running migrations on other databases when database_tasks: false on primary.

  fatkodima

• Fix non-partial inserts for models with composite identity primary keys.

  fatkodima

• Fix ActiveRecord::Relation#touch_all with custom attribute aliased as attribute for update.

  fatkodima

• Fix a crash when an Executor wrapped fork exit.

  Joé Dupuis

• Fix destroy_async job for owners with composite primary keys.

  fatkodima

• Ensure pre-7.1 migrations use legacy index names when using rename_table.

  fatkodima

• Allow primary_key: association option to be composite.

  Nikita Vasilevsky

• Do not try to alias on key update when raw SQL is supplied.

  Gabriel Amaral

• Memoize key_provider from key or deterministic key_provider if any.

  Rosa Gutierrez

• Fix upsert warning for MySQL.

  fatkodima

• Fix predicate builder for polymorphic models referencing models with composite primary keys.

  fatkodima

• Fix update_all/delete_all on CPK model relation with join subquery.

  Nikita Vasilevsky

• Remove memoization to accept key_provider overridden by with_encryption_context.

  John Hawthorn

• Raise error for Trilogy when prepared_statements is true.

  Trilogy doesn't currently support prepared statements. The error that
  applications would see is a StatementInvalid error. This doesn't quite point
  you to the fact this isn't supported. So raise a more appropriate error
  pointing to what to change.

  Eileen M. Uchitelle

• Fix loading schema cache when all databases have disabled database tasks.

  fatkodima

• Always request primary_key in RETURNING if no other columns requested.

  Nikita Vasilevsky

• Handle records being loaded with Marshal without triggering schema load

  When using the old marshalling format for Active Record and loading
  a serialized instance, it didn't trigger loading the schema and defining
  attribute methods.

  Jean Boussier

• Prevent some constant redefinition warnings when defining inherited on models.

  Adrian Hirt

• Fix a memory perfomance regression in attribute methods.

  Attribute methods used much more memory and were slower to define than
  they should have been.

  Jean Boussier

• Fix an issue that could cause database connection leaks.

  If Active Record successfully connected to the database, but then failed
  to read the server informations, the connection would be leaked until the
  Ruby garbage collector triggers.

  Jean Boussier

• Fix an issue where the IDs reader method did not return expected results
  for preloaded associations in models using composite primary keys.

  Jay Ang

• PostgreSQL Cidr#change? detects the address prefix change.

  Taketo Takashima

• Fix Active Record serialization to not include instantiated but not loaded associations

  Jean Boussier, Ben Kyriakou

• Allow Sqlite3Adapter to use sqlite3 gem version 2.x

  Mike Dalessio

• Strict loading using :n_plus_one_only does not eagerly load child associations.

  With this change, child associations are no longer eagerly loaded, to
  match intended behavior and to prevent non-deterministic order issues caused
  by calling methods like first or last. As first and last don't cause
  an N+1 by themselves, calling child associations will no longer raise.
  Fixes #​49473.

  Before:

  person = Person.find(1)
  person.strict_loading!(mode: :n_plus_one_only)
  person.posts.first

SELECT * FROM posts WHERE person_id = 1; -- non-deterministic order

person.posts.first.firm # raises ActiveRecord::StrictLoadingViolationError
```

After:

```ruby
person = Person.find(1)
person.strict_loading!(mode: :n_plus_one_only)
person.posts.first # this is 1+1, not N+1

SELECT * FROM posts WHERE person_id = 1 ORDER BY id LIMIT 1;

person.posts.first.firm # no longer raises
```

*Reid Lynch*

• Using Model.query_constraints with a single non-primary-key column used to raise as expected, but with an
  incorrect error message. This has been fixed to raise with a more appropriate error message.

  Joshua Young

• Fix has_one association autosave setting the foreign key attribute when it is unchanged.

  This behaviour is also inconsistent with autosaving belongs_to and can have unintended side effects like raising
  an ActiveRecord::ReadonlyAttributeError when the foreign key attribute is marked as read-only.

  Joshua Young

• Fix an issue where ActiveRecord::Encryption configurations are not ready before the loading
  of Active Record models, when an application is eager loaded. As a result, encrypted attributes
  could be misconfigured in some cases.

  Maxime Réty

• Properly synchronize Mysql2Adapter#active? and TrilogyAdapter#active?

  As well as disconnect! and verify!.

  This generally isn't a big problem as connections must not be shared between
  threads, but is required when running transactional tests or system tests
  and could lead to a SEGV.

  Jean Boussier

• Fix counter caches when the foreign key is composite.

  If the model holding the counter cache had a composite primary key,
  inserting a dependent record would fail with an ArgumentError
Expected corresponding value for...

  fatkodima

• Fix loading of schema cache for multiple databases.

  Before this change, if you have multiple databases configured in your
  application, and had schema cache present, Rails would load the same
  cache to all databases.

  Rafael Mendonça França

• Fix eager loading of composite primary key associations.

  relation.eager_load(:other_model) could load the wrong records if other_model
  had a composite primary key.

  Nikita Vasilevsky

• Fix async queries returning a doubly wrapped result when hitting the query cache.

  fatkodima

• Fix single quote escapes on default generated MySQL columns

  MySQL 5.7.5+ supports generated columns, which can be used to create a column that is computed from an expression.

  Previously, the schema dump would output a string with double escapes for generated columns with single quotes in the default expression.

  This would result in issues when importing the schema on a fresh instance of a MySQL database.

  Now, the string will not be escaped and will be valid Ruby upon importing of the schema.

  Yash Kapadia

• Fix Migrations with versions older than 7.1 validating options given to
  t.references.

  Hartley McGuire

Action View

• Action View Test Case rendered memoization.

  Sean Doyle

• Restore the ability for templates to return any kind of object and not just strings

  Jean Boussier

• Fix threading issue with strict locals.

  Robert Fletcher

Action Pack

• Resolve deprecation warning in latest selenium-webdriver.

  Earlopain

• Don't preload Selenium browser when remote.

  Noah Horton

• Fix crash for invalid Content-Type in ShowExceptions middleware.

  Earlopain

• Fix inconsistent results of params.deep_transform_keys.

  Iago Pimenta

• Do not report rendered errors except 500.

  Nikita Vasilevsky

• Improve routes source location detection.

  Jean Boussier

• Fix Request#raw_post raising NoMethodError when rack.input is nil.

  Hartley McGuire

• Fix url generation in nested engine when script name is empty.

  zzak

• Fix Mime::Type.parse handling type parameters for HTTP Accept headers.

  Taylor Chaparro

• Fix the error page that is displayed when a view template is missing to account for nested controller paths in the
  suggested correct location for the missing template.

  Joshua Young

• Fix a regression in 7.1.3 passing a to: option without a controller when the controller is already defined by a scope.

  Rails.application.routes.draw do
    controller :home do
      get "recent", to: "recent_posts"
    end
  end

  Étienne Barrié

• Fix ActionDispatch::Executor middleware to report errors handled by ActionDispatch::ShowExceptions

  In the default production environment, ShowExceptions rescues uncaught errors
  and returns a response. Because of this the executor wouldn't report production
  errors with the default Rails configuration.

  Jean Boussier

Active Job

• Register autoload for ActiveJob::Arguments.

  Rafael Mendonça França

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• Fixes race condition for multiple preprocessed video variants.

  Justin Searls

Action Mailbox

• No changes.

Action Text

• Strip content attribute if the key is present but the value is empty

  Jeremy Green

• Only sanitize content attribute when present in attachments.

  Petrik de Heus

Railties

• Preserve --asset-pipeline propshaft when running app:update.

  Zacharias Knudsen

• Allow string keys for SQLCommenter.

  Ngan Pham

• Fix derived foreign key to return correctly when association id is part of query constraints.

  Varun Sharma

• Show warning for secret_key_base in development too.

  fatkodima

• Fix sanitizer vendor configuration in 7.1 defaults.

  In apps where rails-html-sanitizer was not eagerly loaded, the sanitizer default could end up
  being Rails::HTML4::Sanitizer when it should be set to Rails::HTML5::Sanitizer.

  Mike Dalessio, Rafael Mendonça França

• Revert the use of Concurrent.physical_processor_count in default Puma config

  While for many people this saves one config to set, for many others using
  a shared hosting solution, this cause the default configuration to spawn
  way more workers than reasonable.

  There is unfortunately no reliable way to detect how many cores an application
  can realistically use, and even then, assuming the application should use
  all the machine resources is often wrong.

  Jean Boussier

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.