All Versions
34
Latest Version
Avg Release Cycle
106 days
Latest Release
116 days ago

Changelog History
Page 1

  • v6.6.0 Changes

    January 29, 2022

    โž• Added

    • Ability to have access to the request object instead of only env (still can access env with request.env) when customizing throttle and blocklist responses with new methods Rack::Attack.blocklisted_responder= and Rack::Attack.throttled_responder= which yield the request to your lambda. ([@NikolayRys])

    ๐Ÿ—„ Deprecated

    • Rack::Attack.blocklisted_response=
    • Rack::Attack.throttled_response=
  • v6.5.0 Changes

    February 07, 2021

    โž• Added

    • Added ability to normalize throttle discriminator by setting Rack::Attack.throttle_discriminator_normalizer (@fatkodima)

    Example:

      Rack::Attack.throttle_discriminator_normalizer = ->(discriminator) { ... }
    

    or disable default normalization with:

      Rack::Attack.throttle_discriminator_normalizer = nil
    

    โœ‚ Removed

    • โฌ‡๏ธ Dropped support for ruby v2.4
    • โฌ‡๏ธ Dropped support for rails v5.1
  • v6.4.0 Changes

    January 23, 2021

    โž• Added

    • โž• Added support for ruby v3.0

    โœ‚ Removed

    • โฌ‡๏ธ Dropped support for ruby v2.3
  • v6.3.1 Changes

    May 21, 2020

    ๐Ÿ›  Fixed

    • โš  Warning when using ActiveSupport::Cache::RedisCacheStore as a cache store with rails 5.2.4.3 (#482) (@rofreg)
  • v6.3.0 Changes

    April 26, 2020

    โž• Added

    • Rack::Attack.reset! to reset state (#436) (@fatkodima)
    • Rack::Attack.throttled_response_retry_after_header= setting that enables a Retry-After response header when client is throttled (#440) (@fatkodima)

    ๐Ÿ”„ Changed

    • ๐Ÿ”ง No longer swallow Redis non-connection errors if Redis is configured as cache store (#450) (@fatkodima)

    ๐Ÿ›  Fixed

    • ๐Ÿ”ง Rack::Attack.clear_configuration also clears blocklisted_response and throttled_response back to defaults
  • v6.2.2 Changes

    December 17, 2019

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fixed occasional Redis::FutureNotReady error (#445) (@fatkodima)
  • v6.2.1 Changes

    October 30, 2019

    ๐Ÿ›  Fixed

    • โœ‚ Remove unintended side-effects on Rails app initialization order. It was potentially affecting the order of config/initializers/* in respect to gems initializers (#457)
  • v6.2.0 Changes

    October 12, 2019

    โž• Added

    • Failsafe on Redis error replies in RedisCacheStoreProxy (#421) (@cristiangreco)
    • ๐Ÿš… Rack::Attack middleware is now auto added for Rails 5.1+ apps to simplify gem setup (#431) (@fatkodima)
    • You can disable Rack::Attack with Rack::Attack.enabled = false (#431) (@fatkodima)
  • v6.1.0 Changes

    July 11, 2019

    โž• Added

    • Provide throttle discriminator in the env throttle_data
  • v6.0.0 Changes

    April 18, 2019

    โž• Added

    • #blocklist and #safelist name argument (the first one) is now optional.
    • โž• Added support to subscribe only to specific event types via ActiveSupport::Notifications, e.g. subscribe to the throttle.rack_attack or the blocklist.rack_attack event.

    ๐Ÿ”„ Changed

    • ๐Ÿ”„ Changed ActiveSupport::Notifications event naming to comply with the recommended format.
    • ๐Ÿ”„ Changed ActiveSupport::Notifications event so that the 5th yielded argument to the #subscribe method is now a Hash instead of a Rack::Attack::Request, to comply with ActiveSupports spec. The original request object is still accessible, being the value of the hash's :request key.

    ๐Ÿ—„ Deprecated

    • ๐Ÿ‘ Subscriptions via ActiveSupport::Notifications to the "rack.attack" event will continue to work (receive event notifications), but it is going to be removed in a future version. Replace the event name with /rack_attack/ to continue to be subscribed to all events, or "throttle.rack_attack" e.g. for specific type of events only.

    โœ‚ Removed

    • โœ‚ Removed support for ruby 2.2.
    • โœ‚ Removed support for obsolete memcache-client as a cache store.
    • โœ‚ Removed deprecated methods #blacklist and #whitelist (use #blocklist and #safelist instead).