We had 36 people who helped make Rails better this week.
Six of them contributed for the first time ever!
If you would like to help out, check the issues list.

If you've used current_user from Devise, you've already come across what CurrentAttributes partly provides, but wait there's more!

Using CurrentAttributes you can start using per request variables that are accessible across the whole system like Models, Controllers, Views, during a Rails request cycle.

For example you can start using attributes like current_user, account, etc, and much more that your system might need without passing them all around to different methods.

Encrypted cookies now use AES-GCM which couples authentication and encryption in one faster step and produces shorter ciphertexts.

Older cookies encrypted using AES in CBC HMAC mode will be seamlessly upgraded when this new mode is enabled via the action_dispatch.use_authenticated_cookie_encryption configuration value.

On a new app, if you did rails secrets:edit before you've called rails secrets:setup, Rails would throw an error.

With this addition, Rails takes care of doing that for you if not already done.

This change fixes a regression in Numericality validator where extra decimal places on a user input for a decimal column were ignored by numerically validations, for example when comparing 9.18 vs 9.179. 

Rails had a performance regression from 4.2x to 5.0 where initialization of records slowed down by factor of 2x in some cases.

This change optimizes initializations to improve by a factor of 2x for STI models and 1.3x for non-STI models