

Rails version 3.2.7 has been released - jtsagata
http://weblog.rubyonrails.org/2012/7/26/ann-rails-3-2-7-has-been-released/

======
tenderlove
Crap. I keep forgetting to submit these announcements to hacker news. I'm
saving up my HN points to get a commemorative pin! ;)

If you have questions about the release, or the security issue, fire away. :-)

------
film42
Is it just me or does it seem like everyone's stack is moving away from Rails?
I mean, it's a great solution to many problems, I just feel that there's a lot
more platforms that offer you even better customization and leave a far
smaller footprint.

~~~
aaronblohowiak
It is going through the "small, cohesive" -> "full-featured!" -> "bloated" ->
"modular" -> "too many abstractions" cycle.. in terms of overall adoption, I'm
not sure. Many people like having all the "hard" problems solved for them.

People tend to talk about what's new and shiny because there is greater social
reward for being the advocate of something new/better than there is to say
"what we have is good enough and so I like using it!"

~~~
slurgfest
Orthodoxy has greater social reward when everyone around you is orthodox...

------
aaronblohowiak
Don't call to_sym on untrusted input!

~~~
tptacek
Oh wow. rb_intern() is a mess.

~~~
aaronblohowiak
is the badness in st_lookup or rb_enc_str_new ? I haven't traced the execution
deep enough to see where things go south...

~~~
tptacek
There's badness just in rb_intern, at least in 187.

MRI scares the bejeezus out of me.

~~~
jballanc
I vaguely recall somewhere that Matz commented about how he felt that he was a
good language designer, but not necessarily a good language implementor. I've
always felt that MRI should be treated as a reference implementation, and the
fact that there aren't _more_ alternate implementations of Ruby is a (maybe
sad?) reflection on the Ruby community.

