The release brings very exciting new features along with a triple threat for the modern web which we’ll be powering through in this blog post so keep on reading!
Rails’ full-stack strategy has been a leading factor in its success, but yet poses confusion as to what’s enough to include and what’s not. Regardless, Rails 7’s alpha release has brought on some massive changes with a comprehensive list of tools shipped in the box.
Something that intrigued me the most was what David Hansson refers to as the “triple threat” in his Alpha preview video, a gamechanger for the modern web which includes:
- Advancements in browser support for ES6/ESM (required to escape the transpiling step)
- Widespread adoption of HTTP/2 (makes bundling no longer necessary)
- Import maps
Rails 7 will default to import-mapped Hotwire
Meanwhile, you can make use of the cssbundling-rails gem to bundle and process CSS in Rails with Tailwind CSS, Bootstrap, Bulma, PostCSS, or Dart Sass.
At-Work Encryption With Active Record
Encrypted attributes have been added to Active Record that are declared at the model level, which means that your application can offer at-work encryption in addition to the traditional at-rest and in-transit coverage. This not only adds an extra layer of security but using Active Record Encryption lets you define what constitutes sensitive information at the code level.
Some of the additional features in this library quoted on GitHub include:
- Encrypt action text attributes
- Support ignoring case
- Work with encrypted and unencrypted data simultaneously.
- Configurable encryption schemes
- Support old encryption schemes while migrating existing encrypted data to a new scheme
- Fixtures support
- Filter parameters based on encrypted attributes (to remove sensitive params from logs).
The Alpha 2 release of Rails 7 also comes with a load of new features and updates.
Const_missing has also been replaced with Zeitwerk, an efficient and thread-safe code loader for Ruby.
Server Timing Middleware has also made its way into Ruby on Rails. Used to surface any backend server timing metrics, Server-Timing header displays durations for all ActiveSupport::Notifications.
Check basic auth credentials before authenticate
http_basic_authentication_with, if you send a request to a controller protected by basic authentication with wrong credentials, the following error will be displayed:
NoMethodError: undefined method 'bytesize' for nil:NilClass
Allow link_to helper to infer link name from Model#to_s
With this PR, if your model defines #to_s you will no longer have to supply a second argument to link_to.
Of course, the list of the latest updates and improvements in Rails 7 continues to grow. Our team is looking forward to seeing what comes to the beta -> release candidate -> final train.
While we wait, do make sure to check out the full edition of Rails 7 Alpha 1 and Alpha 2.