This week 26 fabulous people contributed to Rails, including 6 first-time contributors! Check out the list of issues if you'd like to help out as well.

GZip file generation was taken out last year from sprockets. This change re-introduces compressed file generation and parallel file writing, which is useful for web servers that don't support gzipping static assets. This is pretty useful if you are on a service like Heroku.

New shortcuts were added to after_commit .. on: :action.
For example,
after_commit :add_to_index_later, on: :create
can now be written as
after_create_commit :add_to_index_later

Previously error pages are always being delivered in html pages in development mode, which is not handy when you would like to view json responses. This change adds support for viewing errors in json format. It also makes sure that when requesting resources like post/1.json, when error occurs, it returns json response based on json format in url, unlike previously used html format.

protect_from_forgery will now be inserted into the callback chain at the
point it is called in the application. This is useful for cases where you
want to protect_from_forgery after you perform required authentication
callbacks or other callbacks that are required to run after forgery protection.

If needed, you can use
protect_from_forgery prepend: true
to always run protect_from_forgery before others.

Usually in Rails API, you would not use protect_from_forgery, by default. The initializer to add this option- request_forgery_protection is now removed if you are creating an API.

Previously if we tried to do

ActiveSupport::Notifications.instrument('foo') do
  ActiveSupport::Notifications.subscribe('foo') {}
end

it would create an error, because for the subscribe inside block, the dynamic subscription does not yet exist.
This change make sure that subscriptions inside instrumentation get notified as well.

Previously, if assert_response was checking for any non-redirect response like :success and actual response was a :redirect then, the error message displayed was like -
Expected response to be a <success>.
This change, now shows the redirected path in error response as-
Expected response to be a <success>, but was a redirect to <http://test.host/posts/lol>