This release offers some cool updates. It’s clear that everybody is concerned about what happened at GitHub a while back, when someone managed to access everybodys ssh keys by using mass-assignment to change his permission. So it’s nice to see that the Rails community is addressing this. I really like that the auto-generated ActiveRecord models have been updated to show the importance of attr_accessible. Since a lot of people who are using rails can be fairly new to developing. For some it might even be the first thing the try. So unless they understand the risks, they might end up with an application with some serious security risks.
I recently wanted to implement a drag and drop browser upload to one of my existing Rails applications. Even though it was not difficult, it felt quite rewarding once it was working (because I don’t like the classic upload forms). So I decided to share the solution for anyone who wants to do something similar.
Yehuda Katz has started a KickStarter project were he explains his plans to develop an .app for Mac OS X that will be used to quickly get up and running with Rails. He mentions how it used to be (in the good old days) and goes on to describe what this project will accomplish. The pledge goal for the project is set to $25,000.