Ruby on Rails: Security Fixes and Format Freezing Reverts
Rails merged four pull requests on May 10-11, addressing a security vulnerability in Action Mailbox's Mandrill ingress and reverting unintended freezing of date and database type formats that broke third-party gem compatibility.
Duration: PT1M35S
Episode overview
This episode is a short developer briefing from Ruby on Rails.
It explains recent repository work in plain language.
- Show: Ruby on Rails
- Published: 2026-05-11T10:01:48Z
- Audio duration: PT1M35S
Transcript excerpt
This excerpt keeps the crawler page concise. Listen to the episode or use the RSS feed for the full update.
Good morning, this is your Ruby on Rails briefing for Tuesday, May 11th, 2026.
Four pull requests were merged yesterday and today, primarily addressing format freezing issues and a security fix.
afurm merged a security fix for Action Mailbox's Mandrill ingress that handles missing signature headers. Previously, when the X-Mandrill-Signature header was absent, the system would raise a NoMethodError before properly rejecting the request. The fix now requires a present signature before performing the security…
luizkowalski reverted an unintended freeze on Date::DATE_FORMATS that was breaking the ability to add new date formats, contradicting the documented behavior of the constant. This follows a similar pattern already implemented for Time conversions.
chaadow disabled freezing of NATIVE_DATABASE_TYPES for the MySQL adapter, resolving compatibility issues with third-party gems like 'neighbor' that modify these constants. This aligns the MySQL adapter with the PostgreSQL adapter's approach.
RDIL contributed a documentation fix, correcting a broken link in the Rails 4.0 release notes.
Nearby episodes from Ruby on Rails
- PostgreSQL Performance Enhancements and Database Optimizations
- Documentation and Code Cleanup
- Rendering System Updates and Developer Experience Improvements
- Rendering Improvements and Active Storage Fix
- Code Quality and Test Infrastructure Updates
- Active Storage API Support and Transaction Fixes
- Cache Improvements and Ractor Safety Updates
- Image Analysis Fixes and New Form Helpers