Ruby on Rails 2.3.5 Hits Streets

By Darryl K. Taft  |  Posted 2009-11-30 Print this article Print

The Ruby on Rails community releases Rails 2.3.5. Version 2.3.5 of the Ruby on Rails Web development framework features improved support for Ruby 1.9 and more.

The Ruby on Rails community has announced Rails 2.3.5, a new release of the Ruby on Rails Web development framework that features improved support for Ruby 1.9 and more.

In a Nov. 30 blog post, Gregg Pollack, a Rails developer and member of the Rails Activism team, said Rails 2.3.5 provides several bug fixes and one security fix. The new release is compatible with other 2.3.x versions of Rails, he said.

In addition to the improved compatibility with Ruby 1.9, Rails 2.3.5 supports a RailsXss plug-in. "If you want to have this functionality today you can install Koz's RailsXss plug-in in Rails 2.3.5," Pollack said.

In a post Nov. 27, Mike Gunderloy, a Rails developer and contributor, said, "An XSS vulnerability in strip_tags is fixed. Rails 2.3.5 supports the xss_safe plug-in, which gives you the XSS escaping features that will be the default in Rails 3.0."

In addition, "With Rails 2.3 we were given the ability to switch out the default XML parser from REXML to other faster parsers like Nokogiri," Pollack said. "If your application is parsing lots of XML you may want to switch to this faster XML parser."

Gunderloy also said the MySQL adapter for Rails has been updated to allow the use of stored procedures, and a problem that prevented the debugger from going into IRB (Interactive Ruby) mode has been fixed.

Moreover, Gunderloy advises:

"If you're using Rails 2.3.x, you should upgrade to this version as soon as possible, to get the security fixes that it contains. If you're using Rails 2.2, there's a separate patch available. Rails versions older than 2.2 are no longer supported with security patches, and should be retired/upgraded as soon as possible." 

Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel