[UNRELEASED] * Improvement: Support file extension names both as symbols and strings for :content_type_mappings * Issue file delete only once per unique style when nullifying attachment or destroying an object. Avoids triggering a rate limit error on Google Cloud Storage. 7.0.0 (2021-05-28) * Replace `mimemagic` gem with `marcel` due to licensing issues. See https://github.com/kreeti/kt-paperclip/pull/54 for details and limitations 6.4.1 (2021-01-30) * Improvement: Use URI.open in ruby > 2.5 (PR #45) 6.4.0 (2020-12-14) * Improvement: Fix Ruby 2.7 method & syntax deprecation warnings (#38) 6.3.0 (2020-08-10) * Feature: Add validation_errors_to option - customize copying of errors (#26) * Stability: Dropped support for ruby 2.1 6.2.2 (2020-02-18) * Bugfix: Add support for Aliases in S3 credentials YAML (accidentally removed during 6.2.0 upgrade). 6.2.1 (2020-01-30) * Bugfix: Auto-loading of the gem code (necessitated due to change in gem name). 6.2.0 (2020-01-23): * Bugfix: Don't do post-processing on invalid attachments (#16). * Improvement: Use AWS::S3 built in download_file method (#9). * Stability: Rubocop recommended syntax updates (#10, #11, #13, #14). * Stability: Testing - replace mocha and bourne with rspec mocks (#6). * Stability: Fix test suite to run with Rails 5 and Rails 6 (#19, #20, #7). 6.1.0 (2018-07-27): * BUGFIX: Don't double-encode URLs (Roderick Monje). * BUGFIX: Only use the content_type when it exists (Jean-Philippe Doyle). * STABILITY: Better handling of the content-disposition header. Now supports file name that is either enclosed or not in double quotes and is case insensitive as per RC6266 grammar (Hasan Kumar, Yves Riel). * STABILITY: Change database column type of attachment file size from unsigned 4-byte `integer` to unsigned 8-byte `bigint`. The former type limits attachment size to just over 2GB, which can easily be exceeded by a large video file (Laurent Arnoud, Alen Zamanyan). * STABILITY: Better error message when thumbnail processing errors (Hayden Ball). * STABILITY: Fix file linking issues around Windows (Akihiko Odaki). * STABILITY: Files without an extension will now be checked for spoofing attempts (George Walters II). * STABILITY: Manually close Tempfiles when we are done with them (Erkki Eilonen). 6.0.0 (2018-03-09): * Improvement: Depend only on `aws-sdk-s3` instead of `aws-sdk` (https://github.com/thoughtbot/paperclip/pull/2481) 5.3.0 (2018-03-09): * Improvement: Use `FactoryBot` instead of `FactoryGirl` (https://github.com/thoughtbot/paperclip/pull/2501) * Improvement: README updates (https://github.com/thoughtbot/paperclip/pull/2411, https://github.com/thoughtbot/paperclip/pull/2433, https://github.com/thoughtbot/paperclip/pull/2374, https://github.com/thoughtbot/paperclip/pull/2417, https://github.com/thoughtbot/paperclip/pull/2536) * Improvement: Remove Ruby 2.4 deprecation warning (https://github.com/thoughtbot/paperclip/pull/2401) * Improvement: Rails 5 migration compatibility (https://github.com/thoughtbot/paperclip/pull/2470) * Improvement: Documentation around post processing (https://github.com/thoughtbot/paperclip/pull/2381) * Improvement: S3 hostname example documentation (https://github.com/thoughtbot/paperclip/pull/2379) * Bugfix: Allow paperclip to load in IRB (https://github.com/thoughtbot/paperclip/pull/2369) * Bugfix: MIME type detection (https://github.com/thoughtbot/paperclip/issues/2527) * Bugfix: Bad tempfile state after symlink failure (https://github.com/thoughtbot/paperclip/pull/2540) * Bugfix: Rewind file after Fog bucket creation (https://github.com/thoughtbot/paperclip/pull/2572) * Improvement: Use `Terrapin` instead of `Cocaine` (https://github.com/thoughtbot/paperclip/pull/2553) 5.2.1 (2018-01-25): * Bugfix: Fix copying files on Windows. (#2532) 5.2.0 (2018-01-23): * Security: Remove the automatic loading of URI adapters. Some of these adapters can be specially crafted to expose your network topology. (#2435) * Bugfix: The rake task no longer rescues `Exception`. (#2476) * Bugfix: Handle malformed `Content-Disposition` headers (#2283) * Bugfix: The `:only_process` option works when passed a lambda again. (#2289) * Improvement: Added `:use_accelerate_endpoint` option when using S3 to enable [Amazon S3 Transfer Acceleration](http://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) (#2291) * Improvement: Make the fingerprint digest configurable per attachment. The default remains MD5. Making this configurable means it can change in a future version because it is not considered secure anymore against intentional file corruption. For more info, see https://en.wikipedia.org/wiki/MD5#Security You can change the digest used for an attachment by adding the `:adapter_options` parameter to the `has_attached_file` options like this: `has_attached_file :avatar, adapter_options: { hash_digest: Digest::SHA256 }` Use the rake task to regenerate fingerprints with the new digest for a given class. Note that this does **not** check the file integrity using the old fingerprint. Run the following command to regenerate fingerprints for all User attachments: `CLASS=User rake paperclip:refresh:fingerprints` You can optionally limit the attachment that will be processed, e.g: `CLASS=User ATTACHMENT=avatar rake paperclip:refresh:fingerprints` (#2229) * Improvement: The new `frame_index` option on the thumbnail processor allows you to select a specific frame from an animated upload to use as a thumbnail. Initial support is for mkv, avi, MP4, mov, MPEG, and GIF. (#2155) * Improvement: Instead of copying files, use hard links. This is an optimization. (#2120) * Improvement: S3 storage option `:s3_prefixes_in_alias`. (#2287) * Improvement: Fog option `:fog_public` can be a lambda. (#2302) * Improvement: One fewer warning on JRuby. (#2352) * Ruby 2.4.0 compatibility (doesn't use Fixnum anymore) 5.1.0 (2016-08-19): * Add default `content_type_detector` to `UploadedFileAdapter` (#2270) * Default S3 protocol to empty string (#2038) * Don't write original file if it wasn't reprocessed (#1993) * Disallow trailing newlines in regular expressions (#2266) * Support for readbyte in Paperclip attachments (#2034) * (port from 4.3) Uri io adapter uses the content-disposition filename (#2250) * General refactors and documentation improvements 5.0.0 (2016-07-01): * Improvement: Add `read_timeout` configuration for URI Adapter download_content method. * README adjustments for Ruby beginners (add links, elucidate model in Quick Start) * Bugfix: Now it's possible to save images from URLs with special characters [#1932] * Bugfix: Return false when file to copy is not present in cloud storage [#2173] * Automatically close file while checking mime type [#2016] * Add `read_timeout` option to `UriAdapter#download_content` method [#2232] * Fix a nil error in content type validation matcher [#1910] * Documentation improvements 5.0.0.beta2 (2016-04-01): * Bugfix: Dynamic fog directory option is now respected * Bugfix: Fixes cocaine duplicated paths [#2169] * Removal of dead code (older versions of Rails and AWS SDK) * README adjustments 5.0.0.beta1 (2016-03-13): * Bug Fix: megabytes of mime-types info in logs when a spoofed media type is detected. * Drop support to end-of-life'd ruby 2.0. * Drop support for end-of-life'd Rails 3.2 and 4.1 * Drop support for AWS v1 * Remove tests for JRuby and Rubinius from Travis CI (they were failing) * Improvement: Add `fog_options` configuration to send options to fog when storing files. * Extracted repository for locales only: https://github.com/thoughtbot/paperclip-i18n * Bugfix: Original file could be unlinked during `post_process_style`, producing failures * Bugfix for image magick scaling images up * Memory consumption improvements * `url` on a unpersisted record returns `default_url` rather than `nil` * Improvement: aws-sdk v2 support https://github.com/thoughtbot/paperclip/pull/1903 If your Gemfile contains aws-sdk (>= 2.0.0) and aws-sdk-v1, paperclip will use aws-sdk v2. With aws-sdk v2, S3 storage requires you to set the s3_region. s3_region may be nested in s3_credentials, and (if not nested in s3_credentials) it may be a Proc. 4.3 See patch versions in v4.3 NEWS: https://github.com/thoughtbot/paperclip/blob/v4.3/NEWS 4.3.0 (2015-06-18): * Improvement: Update aws-sdk and cucumber gem versions. * Improvement: Add `length` alias for `size` method in AbstractAdapter. * Improvement: Removed some cruft * Improvement: deep_merge! Attachment definitions * Improvement: Switch to mimemagic gem for content-type detection * Improvement: Allows multiple content types for spoof detector * Bug Fix: Don't assume we have Rails.env if we have Rails * Performance: Decrease Memory footprint * Ruby Versioning: Drop support for 1.9.3 (EOL'ed) * Rails Versioning: Drop support for 4.0.0 (EOL'ed) 4.2.4 (2015-06-05): * Rollback backwards incompatible change, allowing paperclip to run on Ruby >= 1.9.2. 4.2.3: * Fix dependency specifications (didn't work with Rails 4.1) * Fix paperclip tests in CI 4.2.2: * Security fix: Fix a potential security issue with spoofing 4.2.1: * Improvement: Added `validate_media_type` options to allow/bypass spoof check * Improvement: Added incremental backoff when AWS gives us a SlowDown error. * Improvement: Stream downloads when usign aws-sdk. * Improvement: Documentation fixes, includes Windows instructions. * Improvement: Added pt-BR, zh-HK, zh-CN, zh-TW, and ja-JP locales. * Improvement: Better escaping for characters in URLs * Improvement: Honor `fog_credentials[:scheme]` * Improvement: Also look for custom processors in lib/paperclip * Improvement: id partitioning for string IDs works like integer id * Improvement: Can pass options to DB adapters in migrations * Improvement: Update expiring_url creation for later versions of fog * Improvement: `path` can be a Proc in S3 attachments * Test Fix: Improves speed and reliability of the specs * Bug Fix: #original_filename= does not error when passed `nil` 4.2.0: * Improvement: Converted test suite from test/unit to RSpec * Improvement: Refactored Paperclip::Attachment#assign * Improvement: Added Spanish and German locales * Improvement: Required Validators accept validator subclasses * Improvement: EXIF orientation checking can be turned off for performance * Improvement: Documentation updates * Improvement: Better #human_size method for AttachmentSizeValidators * Bug Fix: Allow MIME-types with dots in them * Improvement: Travis CI updates * Improvement: Validators can take multiple messages * Improvement: Per-style options for S3 storage * Improvement: Allow `nil` geometry strings * Improvement: Use `eager_load!` 4.1.1: * Improvement: Add default translations for spoof validation * Bug Fix: Don't check for spoofs if the file hasn't changed * Bug Fix: Callback chain terminator is different in Rails 4.1, remove warnings * Improvement: Fixed various Ruby warnings * Bug Fix: Give bundler a hint, so it doesn't run forever on a fresh bundle * Improvement: Documentation fixes * Improvement: Allow travis-ci to finish-fast 4.1.0: * Improvement: Add :content_type_mappings to correct for missing spoof types * Improvement: Credit Egor Homakov with discovering the content_type spoof bug * Improvement: Memoize calls to identify in the thumbnail processor * Improvement: Make MIME type optional for Data URIs. * Improvement: Add default format for styles 4.0.0: * Security: Attachments are checked to make sure they're not pulling a fast one. * Security: It is now *enforced* that every attachment has a file/mime validation. * Bug Fix: Removed a call to IOAdapter#close that was causing issues. * Improvement: Added bullets to the 3.5.3 list of changes. Very important. * Improvement: Updated the copyright to 2014 3.5.3: * Improvement: After three long, hard years... we know how to upgrade * Bug Fix: #expiring_url returns 'missing' urls if nothing is attached * Improvement: Lots of documentation fixes * Improvement: Lots of fixes for Ruby warnings * Improvement: Test the most appropriate Ruby/Rails comobinations on Travis * Improvement: Delegate more IO methods through IOAdapters * Improvement: Remove Rails 4 deprecations * Improvement: Both S3's and Fog's #expiring_url can take a Time or Int * Bug Fix: Both S3's and Fog's expiring_url respect style when missing the file * Bug Fix: Timefiles will have a reasonable-length name. They're all MD5 hashes now * Bug Fix: Don't delete files off S3 when reprocessing due to AWS inconsistencies * Bug Fix: "swallow_stream" isn't thread dafe. Use :swallow_stderr * Improvement: Regexps use \A and \Z instead of ^ and $ * Improvement: :s3_credentials can take a lambda as an argument * Improvement: Search up the class heirarchy for attachments * Improvement: deep_merge options instead of regular merge * Bug Fix: Prevent file deletion on transaction rollback * Test Improvement: Ensure more files are properly closed during tests * Test Bug Fix: Return the gemfile's syntax to normal 3.5.2: * Security: Force cocaine to at least 0.5.3 to include a security fix * Improvement: Fixed some README exmaples * Feature: Added HTTP URL Proxy Adapter, can assign string URLs as attachments * Improvement: Put validation errors on the base attribute and the sub-attribute 3.5.1: * Bug Fix: Returned the class-level `attachment_definitions` method for compatability. * Improvement: Ensured compatability with Rails 4 * Improvement: Added Rails 4 to the Appraisals * Bug Fix: #1296, where validations were generating errors * Improvement: Specify MIT license in the gemspec 3.5.0: * Feature: Handle Base64-encoded data URIs as uploads * Feature: Add a FilenameCleaner class to allow custom filename sanitation * Improvement: Satisfied Mocha deprecation warnings * Bug Fix: Allow empty string to be submitted and ignored, as some forms do this * Improvement: Make #expiring_url behavior consistent with #url * Bug Fix: "Validate" attachments without invoking AR's validations * Improvement: Various refactorings for a cleaner codebase * Improvement: Be agnostic, use ActiveModel when appropriate * Improvement: Add validation errors to the base attachment attribute * Improvement: Handle errors in rake tasks * Improvement: Largely refactor has_attached_file into a new class * Improvement: Added Ruby 2.0.0 as a supported platform and removed 1.8.7 * Improvement: Fixed some incompatabilities in the test suite 3.4.2: * Improvement: Use https for Gemfile urls * Improvement: Updated and more correct documentation * Improvement: Use the -optimize flag on animated GIFs * Improvement: Remove the Gemfile.lock * Improvement: Add #expiring_url as an alias for #url until the storage defines it * Improvement: Remove path clash checking, as it's unnecessary * Bug Fix: Do not rely on checking version numbers for aws-sdk 3.4.1: * Improvement: Various documentation fixes and improvements * Bug Fix: Clearing an attachment with `preserve_files` on should still clear the attachment * Bug Fix: Instances are #changed? when a new file is assigned * Bug Fix: Correctly deal with S3 styles when using a lambda * Improvement: Accept and pass :credential_provider option to AWS-SDK * Bug Fix: Sanitize original_filename more correctly in IO Adapters * Improvement: s3_host_name can be a lambda * Improvement: Cache some interpolations for speed * Improvement: Update to latest cocaine * Improvement: Update copyrights, various typos 3.4.0: * Bug Fix: Allow UploadedFileAdapter to force the use of `file` * Bug Fix: Close the file handle when dealing with URIs * Bug Fix: Ensure files are closed for writing when we're done. * Bug Fix: Fixed 'type' being nil on Windows 7 error. * Bug Fix: Fixed nil access when no s3 headers are defined * Bug Fix: Fixes auto_orientation * Bug Fix: Prevent a missing method error when switching from aws_sdk to fog * Bug Fix: Properly fail to process invalid attachments * Bug Fix: Server-side encryption is specified correctly * Bug Fix: fog_public returned to true by default * Bug Fix: Check attachment paths for duplicates, not URLs * Feature: Add Attachment#blank? * Feature: Add support for blacklisting certain content_types * Feature: Add support for style-specific s3 headers and meta data * Feature: Allow only_process to be a lambda * Feature: Allow setting of escape url as a default option * Feature: Create :override_file_permissions option for filesystem attachments * Improvement: Add Attachment#as_json * Improvement: Evaluate lambdas for fog_file properties * Improvement: Extract geometry parsing into factories * Improvement: Fixed various typos * Improvement: Refactored some tests * Improvement: Reuse S3 connections New In 3.3.1: * Bug Fix: Moved Filesystem's copy_to_local_file to the right place. 3.3.0: * Improvement: Upgrade cocaine to 0.4 3.2.0: * Bug Fix: Use the new correct Amazon S3 encryption header. * Bug Fix: The rake task respects the updated_at column. * Bug Fix: Strip newline from content type. * Feature: Fog file visibility can be specified per style. * Feature: Automatically rotate images. * Feature: Reduce class-oriented programming of the attachment definitions. 3.1.4: * Bug Fix: Allow user to be able to set path without `:style` attribute and not raising an error. This is a regression introduced in 3.1.3, and that feature will be postponed to another minor release instead. * Feature: Allow for URI Adapter as an optional paperclip io adapter. 3.1.3: * Bug Fix: Copy empty attachment between instances is now working. * Bug Fix: Correctly rescue Fog error. * Bug Fix: Using default path and url options in Fog storage now work as expected. * Bug Fix: `Attachment#s3_protocol` now returns a protocol without colon suffix. * Feature: Paperclip will now raise an error if multiple styles are defined but no `:style` interpolation exists in `:path`. * Feature: Add support for `#{attachment}_created_at` field * Bug Fix: Paperclip now gracefully handles msising file command. * Bug Fix: `StringIOAdapter` now accepts content type. 3.1.2: * Bug Fix: #remove_attachment on 3.1.0 and 3.1.1 mistakenly trying to remove the column that has the same name as data type (such as :string, :datetime, :interger.) You're advised to update to Paperclip 3.1.2 as soon as possible. 3.1.1: * Bug Fix: Paperclip will only load Paperclip::Schema only when Active Record is available. 3.1.0: * Feature: Paperclip now support new migration syntax (sexy migration) that reads better: class AddAttachmentToUsers < ActiveRecord::Migration def self.up create_table :users do |t| t.attachment :avatar end end end Also, schema-definition level syntax has been added: add_attachment :users, :avatar remove_attachment :users, :avatar * Feature: Migration now support Rails 3.2+ `change` method. * API CHANGE: Old `t.has_attached_file` and `drop_attached_file` are now deprecated. You're advised to update your migration file before the next MAJOR version. * Bug Fix: Tempfile now rewinded before generating fingerprint * API CHANGE: Tempfiles are now unlinked after `after_flush_writes` If you need to interact with the generated tempfiles, please define an `after_flush_writes` method in your model. You'll be able to access files via `@queue_for_write` instance variable. * Bug Fix: `:s3_protocol` can now be defined as either String or Symbol * Bug Fix: Tempfiles are now rewinded before get passed into `after_flush_writes` * Feature: Added expiring_url method to Fog Storage * API CHANGE: Paperclip now tested against AWS::SDK 1.5.2 onward * Bug Fix: Improved the output of the content_type validator so the actual failure is displayed * Feature: Animated formats now identified using ImageMagick. * Feature: AttachmentAdapter now support fetching attachment with specific style. * Feature: Paperclip default options can now be configured in Rails.configuration. * Feature: add Geometry#resize_to to calculate dimensions of new source. * Bug Fix: Fixed a bug whereby a file type with multiple mime types but no official type would cause the best_content_type to throw an error on trying nil.content_type. * Bug Fix: Fix problem when the gem cannot be installed on the system that has Asepsis installed. 3.0.4: * Feature: Adds support for S3 scheme-less URL generation. 3.0.3: * Bug Fix: ThumbnailProcessor now correctly detects and preserve animated GIF. * Bug Fix: File extension is now preserved in generated Tempfile from adapter. * Bug Fix: Uploading file with unicode file name now won't raise an error when logging in the AWS is turned on. * Bug Fix: Task "paperclip:refresh:missing_styles" now work correctly. * Bug Fix: Handle the case when :restricted_characters is nil. * Bug Fix: Don't delete all the existing styles if we reprocess. * Bug Fix: Content type is now ensured to not having a new line character. * API CHANGE: Non-Rails usage should include Paperclip::Glue directly. `Paperclip::Railtie` was intended to be used with Ruby on Rails only. If you're using Paperclip without Rails, you should include `Paperclip::Glue` into `ActiveRecord::Base` instead of requiring `paperclip/railtie`: ActiveRecord::Base.send :include, Paperclip::Glue * Bug Fix: AttachmentContentTypeValidator now allow you to specify :allow_blank/:allow_nil * Bug Fix: Make sure content type always a String. * Bug Fix: Fix attachment.reprocess! when using storage providers fog and s3. * Bug Fix: Fix a problem with incorrect content_type detected with 'file' command for an empty file on Mac. 3.0.2: * API CHANGE: Generated migration class name is now plural (AddAttachmentToUsers instead of AddAttachmentToUser) * API CHANGE: Remove Rails plugin initialization code. * API CHANGE: Explicitly require Ruby 1.9.2 in the Gemfile. * Bug Fix: Fixes AWS::S3::Errors::RequestTimeout on Model#save. * Bug Fix: Fix a problem when there's no logger specified. * Bug Fix: Fix a problem when attaching Rack::Test::UploadedFile instance. 3.0.1: * Feature: Introduce Paperlip IO adapter. * Bug Fix: Regression in AttachmentContentTypeValidator has been fixed. * API CHANGE: #to_file has been removed. Use the #copy_to_local_file method instead. 3.0.0: * API CHANGE: Paperclip now requires at least Ruby on Rails version 3.0.0 * API CHANGE: The default :url and :path have changed. The new scheme avoids filesystem conflicts and scales to handle larger numbers of uploads. The easiest way to upgrade is to add an explicit :url and :path to your has_attached_file calls: has_attached_file :avatar, :path => ":rails_root/public/system/:attachment/:id/:style/:filename", :url => "/system/:attachment/:id/:style/:filename" * Feature: Adding Rails 3 style validators, and adding `validates_attachment` method as a shorthand. * Bug Fix: Paperclip's rake tasks now loading records in batch. * Bug Fix: Attachment style name with leading number now not raising an error. * Bug Fix: File given to S3 and Fog storage will now be rewinded after flush_write. * Feature: You can now pass addional parameter to S3 expiring URL, such as :content_type. 2.7.0: * Bug Fix: Checking the existence of a file on S3 handles all AWS errors. * Bug Fix: Clear the fingerprint when removing an attachment. * Bug Fix: Attachment size validation message reads more nicely now. * Feature: Style names can be either symbols or strings. * Compatibility: Support for ActiveSupport < 2.3.12. * Compatibility: Support for Rails 3.2. 2.6.0: * Bug Fix: Files are re-wound after reading. * Feature: Remove Rails dependency from specs that need Paperclip. * Feature: Validation matchers support conditionals. 2.5.2: * Bug Fix: Can be installed on Windows. * Feature: The Fog bucket name, authentication, and host can be determined at runtime via Proc. * Feature: Special characters are replaced with underscores in #url and #path. 2.5.1: * Feature: After we've computed the content type, pass it to Fog. * Feature: S3 encryption with the new :s3_server_side_encryption option. * Feature: Works without ActiveRecord, allowing for e.g. mongo backends. 2.5.0: * Performance: Only connect to S3 when absolutely needed. * Bug Fix: STI with cached classes respect new options. * Bug Fix: conditional validations broke, and now work again. * Feature: URL generation is now parameterized and can be changed with plugins or custom code. * Feature: :convert_options and :source_file_options to control the ImageMagick processing. * Performance: String geometry specifications now parse more quickly. * Bug Fix: Handle files with question marks in the filename. * Bug Fix: Don't raise an error when generating an expiring URL on an unassigned attachment. * Bug Fix: The rake task runs over all instances of an ActiveRecord model, ignoring default scopes. * Feature: DB migration has_attached_file and drop_attached_file methods. * Bug Fix: Switch from AWS::S3 to AWS::SDK for the S3 backend. * Bug Fix: URL generator uses '?' in the URL unless it already appears and there is no prior '='. * Bug Fix: Always convert the content type to a string before stripping blanks. * Feature: The :keep_old_files option preserves the files in storage even when the attachment is cleared or changed. * Performance: Optimize Fog's public_url access by avoiding it when possible. * Bug Fix: Avoid a runtime error when generating the ID partition for an unsaved attachment. * Performance: Do not calculate the fingerprint if it is never persisted. * Bug Fix: Process the :original style before all others, in case of a dependency. * Feature: S3 headers can be set at runtime by passing a proc object as the value. * Bug Fix: Generating missing attachment styles for a model which has had its attachment changed should not raise. * Bug Fix: Do not collide with the built-in Ruby hashing method.