Rails adds :strict option to the default SQLite database.yml fileSQLite can be configured to be strict to circumvent some of its quirks. Rails can now specify this in the default database.yml file.
Rails now validates options used in migration functionsPreviously erroneous options were silently ignored in migration functions such as "create_table" or "add_column", now they raise an error.
Rails now allows specifying the HTTP status code in assert_redirected_toThe assertion statement previous was only able to assert that the request was redirected, but not the status code.
Rails adds source attribute to its ErrorReporting APISubscribers can now filter error reports based on source, making it easier to ignore internal errors or focus on specific errors.
Rails raises exception when config.active_storage.service is not explicitly setDevelopers are no longer presented vague errors when config.active_storage.service is not set. Instead a clear exception is raised.
Rails now supports infinite range options in LengthValidatorsModels that need to be validated for length can use infinite ranges in :in / :within options
Rails no longer produces false-positive query cache hits when querying with mutable bound parametersActiveRecord now dups and freezes complex types when making query attributes which prevents false-positive query cache hits.
Rails now allows EML files to be downloaded from the email previewAn option to download .eml files directly from the browser when using the email preview feature will now be available in Rails 7.0.
Rails improves the "in_order_of" querying methodThe query that previously only used to allow symbolic column names, now handles string values.
How to enable Rails CSRF Protection?Let’s find out what cross-site request forgery (CSRF) is, how it works in Rails, and understand how we can prevent CSRF vulnerabilities.