This month's contributors

Please thank these 49 (and counting) awesome people who helped improve our framework in July!

Rails 3.2.19, 4.0.8 and 4.1.4 have been released!

These security releases addressed several vulnerabilities in Rails and everyone is advised to upgrade as soon as possible. To make the upgrade easy, they only contain the commits that's necessary to address the relevant security issues.

Foreign keys support in migrations and `schema.rb`

One of first major feature to look forward to in Rails 4.2 – you can now add foreign key constraints directly in your migrations. Can't wait? Check out the foreigner gem to start using them today!

`Hash#transform_values`

Have you ever wanted to transform the values of a hash? With this new method in Active Support it should be much easier.

Rollback attribute changes with `undo_changes`

This new method allows you to rollback any in-memory changes on your models without reloading it from the database.

New `--skip-gems` for the Rails application generator

If you are not onboard with turbolinks or CoffeeScript, this new option on the application generator will be your best friend from now.

Introducing `rake db:purge` to empty your databases

Had a bad integration test run left behind some test data behind? No problem, rake db:purge will clean that up for you.

`validate!` your Active Record models

A bang version of the new validate that does what you would expect.                                                                                                    

Regexp/block in the `highlight`/`except` helpers

These two handy just learned a few new tricks to make displaying search results easy.

New `required` option for singular associations

This new option simplifies the common boilerplate of adding a belongs_to association and a "presence" validation for the same association.

Address "rosetta flash" (CVE-2014-4671)

If you haven't heard about it yet, "rosetta flash" is a very clever vulnerability that involves abusing JSONP endpoints to trick the server to serve up a malicious flash file.

`always_permitted_parameters`

If you have been using strong parameters, you might have seen it complain about the unpermitted format parameter or something similar. With this new config you can whitelist some attributes that are always permitted globally.

Removed single-space padding in `render nothing: true`

Once upon a time, there was a buggy version of Safari that would break when an Ajax request returned an empty body. Since the bug has been fixed a long time ago, it's time for us to remove our workaround!

Dirty tracking on string columns and friends

Last time we mentioned that Active Record has (finally) learned to track inline changes in serialized attributes so they can be saved lazily as well. Since then, this support has been expanded to cover other columns such as strings, arrays and more.

Added `rails:update` task to the upgrading guides

When it is time to upgrade to Rails 4.2, you can give this handy rake task a try.

Tip: reversible migrations for changing `default` and `null`

Did you know that you can add migrations to change the default and null options on your column in a reversible manner?

Enabling mailer previews outside of dev environment

Mailer previews was one of my favourite features in Rails 4.1. Want to share your awesome email templates with your marketing department too? Now you can enable this feature on your staging environment with this new setting.

Around callbacks in Rails 4.1

If you are using around callbacks in your application, you might want to double check that they have the right signature before you upgrade to Rails 4.1.