These security releases addressed several vulnerabilities in Rails and everyone is advised to upgrade as soon as possible. To make the upgrade easy, they only contain the commits that's necessary to address the relevant security issues.
If you have been using strong parameters, you might have seen it complain about the unpermitted format parameter or something similar. With this new config you can whitelist some attributes that are always permitted globally.
Once upon a time, there was a buggy version of Safari that would break when an Ajax request returned an empty body. Since the bug has been fixed a long time ago, it's time for us to remove our workaround!
Last time we mentioned that Active Record has (finally) learned to track inline changes in serialized attributes so they can be saved lazily as well. Since then, this support has been expanded to cover other columns such as strings, arrays and more.
Mailer previews was one of my favourite features in Rails 4.1. Want to share your awesome email templates with your marketing department too? Now you can enable this feature on your staging environment with this new setting.