Ruby on Rails

Source: Wikipedia, the free encyclopedia.

Ruby on Rails
Original author(s)David Heinemeier Hansson
Initial releaseAugust 2004; 19 years ago (2004-08)[1]
Stable release
7.0.8[2] Edit this on Wikidata / 9 September 2023; 16 days ago (9 September 2023)
Written in
Web application framework
LicenseMIT License Edit this on Wikidata

Ruby on Rails (simplified as Rails) is a

web application framework written in Ruby under the MIT License. Rails is a model–view–controller (MVC) framework, providing default structures for a database, a web service, and web pages. It encourages and facilitates the use of web standards such as JSON or XML for data transfer and HTML, CSS and JavaScript for user interfacing. In addition to MVC, Rails emphasizes the use of other well-known software engineering patterns and paradigms, including convention over configuration (CoC), don't repeat yourself (DRY), and the active record pattern.[4]

Ruby on Rails' emergence in 2005 greatly influenced web app development, through innovative features such as seamless database table creations, migrations, and scaffolding of views to enable rapid application development. Ruby on Rails' influence on other web frameworks remains apparent today, with many frameworks in other languages borrowing its ideas, including Django in Python; Catalyst in Perl; Laravel, CakePHP and Yii in PHP; Grails in Groovy; Phoenix in Elixir; Play in Scala; and Sails.js in Node.js.

Well-known sites that use Ruby on Rails include Airbnb, Crunchbase, Dribbble,[5] GitHub,[6] Twitch[7] and Shopify.


37signals.[8] Hansson first released Rails as open source in July 2004, but did not share commit rights to the project until February 2005.[citation needed] In August 2006, the framework reached a milestone when Apple announced that it would ship Ruby on Rails with Mac OS X v10.5 "Leopard",[9]
which was released in October 2007.

Rails version 2.3 was released on March 15, 2009, with major new developments in templates, engines, Rack and nested model forms. Templates enable the developer to generate a skeleton application with custom gems and configurations. Engines give developers the ability to reuse application pieces complete with routes, view paths and models. The Rack web server interface and Metal allow one to write optimized pieces of code that route around Action Controller.[10]

On December 23, 2008, Merb, another web application framework, was launched, and Ruby on Rails announced it would work with the Merb project to bring "the best ideas of Merb" into Rails 3, ending the "unnecessary duplication" across both communities.[11] Merb was merged with Rails as part of the Rails 3.0 release.[12][13]

Rails 3.1 was released on August 31, 2011, featuring Reversible Database Migrations, Asset Pipeline, Streaming,

Sass into the stack.[14]

Rails 3.2 was released on January 20, 2012 with a faster development mode and routing engine (also known as Journey engine), Automatic Query Explain and Tagged Logging.[15] Rails 3.2.x is the last version that supports Ruby 1.8.7.[16] Rails 3.2.12 supports Ruby 2.0.[17]

Rails 4.0 was released on June 25, 2013, introducing Russian Doll Caching, Turbolinks, Live Streaming as well as making Active Resource, Active Record Observer and other components optional by splitting them as gems.[18]

Rails 4.1 was released on April 8, 2014, introducing Spring, Variants, Enums, Mailer previews, and secrets.yml.[19]

Rails 4.2 was released on December 19, 2014, introducing Active Job, asynchronous emails, Adequate Record, Web Console, and foreign keys.[20]

Rails 5.0 was released on June 30, 2016, introducing Action Cable, API mode, and Turbolinks 5.[21]

Rails was released on August 10, 2016, with Exclusive use of rails CLI over Rake and support for Ruby version 2.2.2 and above.

Rails 5.1 was released on April 27, 2017, introducing JavaScript integration changes (management of JavaScript dependencies from NPM via Yarn, optional compilation of JavaScript using Webpack, and a rewrite of Rails UJS to use vanilla JavaScript instead of depending on jQuery), system tests using Capybara, encrypted secrets, parameterized mailers, direct & resolved routes, and a unified form_with helper replacing the form_tag/form_for helpers.[22]

Rails 5.2 was released on April 9, 2018, introducing new features that include ActiveStorage, built-in Redis Cache Store, updated Rails Credentials and a new DSL that allows for configuring a Content Security Policy for an application.[23]

Rails 5.2.2 was released on December 4, 2018, introducing numerous bug fixes and several logic improvements.[24]

Rails 6.0 was released on August 16, 2019, making Webpack default, adding mailbox routing, a default online rich-text editor, parallel testing, multiple database support, mailer routing and a new autoloader.[25]

Rails 6.1 was released on December 9, 2020, adding per-database connection switching, horizontal database sharding, eager loading of all associations, Delegated Types as an alternative to single-table inheritance, asynchronous deletion of associations, error objects, and other improvements and bug fixes.[26]

Rails 7.0 was released on December 15, 2021, replacing Node.js and Webpack with import maps for JavaScript management by default, replacing Turbolinks with a combination of Turbo and Stimulus, adding at-work encryption into Active Record, using Zeitwerk exclusively for code loading, and more.[27]

Version History
Version Release Date Compatible Ruby Version(s)[28][29][30]
Old version, no longer maintained: 1.0[31] December 13, 2005 1.8.6
Old version, no longer maintained: 1.2[32] January 19, 2007 1.8.6
Old version, no longer maintained: 2.0[33] December 7, 2007 1.8.6
Old version, no longer maintained: 2.1[34] June 1, 2008 1.8.6
Old version, no longer maintained: 2.2[35] November 21, 2008 1.8.7 recommended; 1.8.6 possible
Old version, no longer maintained: 2.3[36] March 16, 2009 1.8.7 recommended; 1.8.6 and 1.9.1 possible
Old version, no longer maintained: 3.0[37] August 29, 2010 1.9.3 recommended; 1.8.7 and 1.9.2 possible
Old version, no longer maintained: 3.1[38] August 31, 2011 1.9.3 recommended; 1.8.7 and 1.9.2 possible
Old version, no longer maintained: 3.2[39] January 20, 2012 1.9.3 recommended; 1.8.7 and 1.9.2 possible
Old version, no longer maintained: 4.0[40] June 25, 2013 2.0 preferred; 1.9.3 or newer required
Old version, no longer maintained: 4.1[19] April 8, 2014 2.0 preferred; 1.9.3 or newer required
Old version, no longer maintained: 4.2[20] December 19, 2014 2.0 preferred; 1.9.3 or newer required
Old version, no longer maintained: 5.0[21] June 30, 2016 2.2.2 or newer
Old version, no longer maintained: 5.1[22] May 10, 2017 2.2.2 or newer
Old version, no longer maintained: 5.2[23] April 9, 2018 2.2.2 or newer
Older version, yet still maintained: 6.0[25] August 16, 2019 2.5.0 or newer
Older version, yet still maintained: 6.1[26] December 9, 2020 2.5.0 or newer
Current stable version: 7.0[27] December 15, 2021 3.0 preferred; 2.7.0 or newer
Future release: 7.1[41] [to be determined] 3.1 preferred; 2.7.0 or newer
Old version
Older version, still maintained
Latest version
Latest preview version
Future release

Technical overview

Ruby on Rails evolves radically from release to release exploring the use of new technologies and adopting new standards on the Internet. Some features are very stable in Ruby on Rails while some are replaced in favour of new techniques.

Model-view-controller pattern

The model–view–controller (MVC) pattern is the fundamental structure to organize application programming.

In a default configuration, a model in the Ruby on Rails framework maps to a table in a database and to a Ruby file. For example, a model class User will usually be defined in the file 'user.rb' in the app/models directory, and linked to the table 'users' in the database. While developers are free to ignore this convention and choose differing names for their models, files, and database table, this is not common practice and is usually discouraged in accordance with the "convention-over-configuration" philosophy.

A controller is a server-side component of Rails that responds to external requests from the web server to the application, by determining which view file to render. The controller may also have to query one or more models for information and pass these on to the view. For example, in an airline reservation system, a controller implementing a flight-search function would need to query a model representing individual flights to find flights matching the search, and might also need to query models representing airports and airlines to find related secondary data. The controller might then pass some subset of the flight data to the corresponding view, which would contain a mixture of static HTML and logic that use the flight data to create an HTML document containing a table with one row per flight. A controller may provide one or more actions. In Ruby on Rails, an action is typically a basic unit that describes how to respond to a specific external web-browser request. Also, note that the controller/action will be accessible for external web requests only if a corresponding route is mapped to it. Rails encourages developers to use

routes, which include actions such as create, new, edit, update, destroy, show, and index. These mappings of incoming requests/routes to controller actions can be easily set up in the routes.rb configuration file.

A view in the default configuration of Rails is an

erb file, which is evaluated and converted to HTML
at run-time. Alternatively, many other templating systems can be used for views.

Ruby on Rails includes tools that make common development tasks easier "out-of-the-box", such as scaffolding that can automatically construct some of the models and views needed for a basic website.[42] Also included are WEBrick, a simple Ruby web server that is distributed with Ruby, and Rake, a build system, distributed as a gem. Together with Ruby on Rails, these tools provide a basic development environment.

HTTP Servers

Ruby on Rails is most commonly not connected to the Internet directly, but through some front-end

Cherokee, Hiawatha, Nginx (either as a module – Phusion Passenger for example – or via CGI, FastCGI or mod ruby), and many others. From 2008 onward, Passenger replaced Mongrel as the most-used web server for Ruby on Rails.[43] Ruby is also supported natively on IBM i.[44]


Ruby on Rails is also noteworthy for its extensive use of the

web services
. Ruby on Rails 3.0 separates the markup of the page (which defines the structure of the page) from scripting (which determines functionality or logic of the page).

Web Services

Since version 2.0, Ruby on Rails offers both HTML and XML as standard output formats. The latter is the facility for RESTful web services.


Rails 3.1 introduced

Sass as standard CSS


By default, the server uses


Ruby versions

Ruby on Rails 3.0 has been designed to work with Ruby 1.8.7, Ruby 1.9.2, and JRuby 1.5.2+; earlier versions are not supported.[46]

Ruby on Rails 3.2 is the last series of releases that support Ruby 1.8.7.

Framework structure

Ruby on Rails is separated into various packages, namely

object-relational mapping system for database access), Action Pack, Active Support and Action Mailer. Prior to version 2.0, Ruby on Rails also included the Action Web Service package that is now replaced by Active Resource. Apart from standard packages, developers can make plugins to extend existing packages. Earlier Rails supported plugins within their own custom framework; version 3.2 deprecates these in favor of standard Ruby "gems".[47]


Ruby on Rails is often installed using

package management system

Ruby on Rails is typically deployed with a database server such as MySQL or PostgreSQL, and a web server such as Apache running the Phusion Passenger module.

Philosophy and design

Ruby on Rails is intended to emphasize

Don't Repeat Yourself
(DRY) principle.

The Rails Doctrine is an enduring enabler that guides the philosophy, design, and implementation of the Ruby on Rails framework.

"Convention over Configuration" means a developer only needs to specify unconventional aspects of the application. For example, if there is a class Sale in the model, the corresponding table in the database is called sales by default. It is only if one deviates from this convention, such as calling the table "products sold", that the developer needs to write code regarding these names. Generally, Ruby on Rails conventions lead to less code and less repetition.[49]

"Don't repeat yourself" means that information is located in a single, unambiguous place. For example, using the ActiveRecord module of Rails, the developer does not need to specify database column names in class definitions. Instead, Ruby on Rails can retrieve this information from the database based on the class name.

"Fat models, skinny controllers" means that most of the application logic should be placed within the model while leaving the controller as light as possible.

HTML Over The Wire (Hotwire),[50][51] Conceptual compression,[52][53] and robust security[54] mark Rails 7.0's approach to the One person framework.[a]


In March 2007,

Apress permission to use the Ruby on Rails logo on the cover of a new Ruby on Rails book written by some authoritative community members. The episode gave rise to a polite protest in the Ruby on Rails community.[59][60]
In response to this criticism, Hansson replied:

I only grant promotional use [of the Rails logo] for products I'm directly involved with. Such as books that I've been part of the development process for or conferences where I have a say in the execution. I would most definitely seek to enforce all the trademarks of Rails.[59]

The trademark of the logo was cancelled on October 25, 2019.[58]



In earlier days, Rails running on

Java Virtual Machine) for their queueing system and other middleware.[62][63] The user interface aspects of the site continued to run Ruby on Rails[64] until 2011 when it was replaced due to concerns over performance.[65] On the other hand, many Rails business application developers relied on system architecture design, including choices of database engine, cache configuration, and servers, to tackle scalability issues. The original author of Rails, David Heinemeier Hansson, criticized Twitter, saying that their problems scaling were the consequences of their own poor architectural decisions and not the fault of Rails. According to Hansson, blaming Rails for their troubles while making no contributions to the framework is ungrateful and unjust.[66]

In 2011,

Basecamp.[68] As of January 2016, it is estimated that more than 1.2 million web sites are running Ruby on Rails.[69][70]


In March 2012, security researcher Egor Homakov discovered a mass assignment vulnerability that allowed certain Rails applications to be remotely exploited, and demonstrated it by non-maliciously hacking GitHub after his earlier attempts at responsible disclosure were dismissed.[71]

On September 24, 2013, a session cookie persistence security flaw was reported in Ruby on Rails. In a default configuration, the entire session hash is stored within a session cookie known as CookieStore, allowing any authenticated session possessing the session cookie to log in as the target user at any time in the future. As a workaround, administrators are advised to configure cookies to be stored on the server using mechanisms such as ActiveRecordStore.[72]

Researchers Daniel Jackson and Joseph Near developed a data debugger they called "Space" that can analyze the data access of a Rails program and determine if the program properly adheres to rules regarding access restrictions. On April 15, 2016, Near reported that an analysis of 50 popular Web applications using Space uncovered 23 previously unknown security flaws.[73]


  1. ^ Ruby on Rails version 7.0 allows the One-Person Framework (of which the Single page application is one approach) [55]


  1. ^ "Rails 1.0: Party like it's one oh oh!". 13 December 2005. Retrieved 1 March 2017.
  2. ^ "Release 7.0.8". 9 September 2023. Retrieved 19 September 2023.
  3. ^ "Release v6.0.3.4 · rails/rails · GitHub". GitHub. Retrieved 16 December 2019.
  4. ^ "Getting Started with Rails: What Is Rails?". Retrieved 10 August 2014.
  5. ^ Goswami, Shubham. "Django vs Ruby on Rails – The Choice for Mobile App Development". Retrieved 28 November 2020.
  6. IEEE
    . Retrieved 9 November 2021.
  7. ^ "Breaking the Monolith at Twitch: Part One".
  8. ^ Grimmer, Lenz−− (February 2006). "Interview with David Heinemeier Hansson from Ruby on Rails". MySQL AB. Archived from the original on 25 February 2013. Retrieved 8 June 2008.
  9. ^ Hansson, David (7 August 2006). "Ruby on Rails will ship with OS X 10.5 (Leopard)". Retrieved 8 June 2008.
  10. ^ Hansson, David (16 March 2009). "Rails 2.3: Templates, Engines, Rack, Metal, much more!".
  11. ^ "The day Merb joined Rails". 27 December 2008. Archived from the original on 9 February 2013.
  12. ^ "Ruby on Rails 3.0 Release Notes — Ruby on Rails Guides". Retrieved 24 May 2017.
  13. ^ "Ruby on Rails 3.0 goes modular". 10 February 2010. Retrieved 6 August 2010.
  14. ^ "Ruby on Rails 3.1 Release Notes". 1 September 2012.
  15. ^ "Ruby on Rails 3.2 Release Notes". 1 September 2012.
  16. ^ "Rails/master is now 4.0.0.beta". 1 September 2012.
  17. ^ Rails 3.2.x is now compatible with Ruby 2.0.0 by sikachu · Pull Request #9406 · rails/rails · GitHub. Retrieved on 2014-05-30.
  18. ^ "Rails 4.0: Final version released!". 25 June 2013. Retrieved 24 May 2017.
  19. ^ a b "Rails 4.1.0: Spring, Variants, Enums, Mailer previews, secrets.yml". 8 April 2014.
  20. ^ a b "Rails 4.2: Active Job, Asynchronous Mails, Adequate Record, Web Console, Foreign Keys". 19 December 2014. Retrieved 5 December 2015.
  21. ^ a b "Rails 5.0: Action Cable, API mode, and so much more". 30 June 2016. Retrieved 19 November 2016.
  22. ^ a b "Rails 5.1: Loving JavaScript, System Tests, Encrypted Secrets, and more". 27 April 2017. Retrieved 10 May 2017.
  23. ^ a b "Rails 5.2.0 FINAL: Active Storage, Redis Cache Store, HTTP/2 Early Hints, CSP, Credentials". 9 April 2018. Retrieved 9 April 2018.
  24. ^ rafaelfranca (4 December 2018). "Rails 5.2.2 has been released!". Retrieved 4 January 2019.
  25. ^ a b dhh (19 August 2019). "Rails 6.0: Action Mailbox, Action Text, Multiple DBs, Parallel Testing, Webpacker by default, and Zeitwerk". Retrieved 12 November 2019.
  26. ^ a b eileencodes (9 December 2020). "Rails 6.1: Horizontal Sharding, Multi-DB Improvements, Strict Loading, Destroy Associations in Background, Error Objects, and more!". Retrieved 28 December 2020.
  27. ^ a b dhh (15 December 2021). "Rails 7.0: Fulfilling a vision". Retrieved 16 December 2021.
  28. ^ "Ruby/Rails Compatibility Matrix". Retrieved 5 March 2021.
  29. ^ "Upgrading Ruby on Rails". Retrieved 5 March 2021.
  30. ^ "Upgrading Ruby on Rails". Retrieved 5 March 2021.
  31. ^ "Rails 1.0: Party like it's one oh oh!". Retrieved June 9, 2010.
  32. ^ "Rails 1.2: REST admiration, HTTP lovefest, and UTF-8 celebrations" Archived 2012-11-02 at the Wayback Machine. Retrieved June 9, 2010.
  33. ^ "Rails 2.0: It's done!". Retrieved June 9, 2010.
  34. ^ Rails 2.1: Time zones, dirty, caching, gem dependencies, caching, etc Archived 2012-11-02 at the Wayback Machine. Retrieved June 9, 2010.
  35. ^ "Rails 2.2: i18n, HTTP validators, thread safety, JRuby/1.9 compatibility, docs". Retrieved June 9, 2010.
  36. ^ "Rails 2.3: Templates, Engines, Rack, Metal, much more!". Retrieved June 9, 2010.
  37. ^ "Rails 3.0: It's ready!". Retrieved August 30, 2010.
  38. ^ "bumping to 3.1.0".
  39. ^ "Preparing for 3.2.0 release".
  40. ^ "Rails 4 in 30'". Archived from the original on 4 December 2012. Retrieved 15 December 2012.
  41. ^ França, Rafael. "Start Rails 7.1 development". Github. Retrieved 24 February 2022.
  42. ^ Sean Lynch (15 December 2007). "fairleads: Rails 2.0 and Scaffolding Step by Step". Retrieved 24 May 2017.
  43. ^ "Ruby on Rails: Deploy". Archived from the original on 7 July 2009. Retrieved 3 December 2012.
  44. ^ Maxcer, Chris. "PowerRuby Brings Enterprise Ruby on Rails Support to IBM i". iPro Developer. Archived from the original on 9 October 2013. Retrieved 9 May 2014.
  45. ^ Js_Escape_Map. "ActionView::Helpers::JavaScriptHelper". Retrieved 24 May 2017.
  46. ^ "Rails 3.0: It's ready!". 29 August 2010. Retrieved 30 August 2010. Rails 3.0 has been designed to work with Ruby 1.8.7, Ruby 1.9.2, and JRuby 1.5.2+.
  47. ^ "Rails 3.2.0.rc2 has been released!". 1 September 2012.
  48. ^ "Ruby on Rails: Download". Archived from the original on 12 December 2009.
  49. ^ "Getting Started with Rails". Retrieved 10 March 2014.
  50. ^ David Heinemeier Hansson (7 Dec 2021) The time is right for Hotwire
  51. ^ David Heinemeier Hansson (September 6, 2021) Rails 7 will have three great answers to JavaScript in 2021+
  52. ^ David Heinemeier Hansson (19 April 2018) Conceptual compression means beginners don’t need to know SQL — hallelujah!
  53. ^ David Heinemeier Hansson (May 15, 2018) RailsConf 2018: Opening Keynote: FIXME by David Heinemeier Hansson Conceptual compression
  54. ^ David Heinemeier Hansson (31 Aug 2020) Serious security
  55. ^ David Heinemeier Hansson, creator of Ruby on Rails and (19 Dec 2021) Ruby on Rails Creator Touts 7.0 as One-Person Framework, 'The Way It Used To Be'
  56. USPTO
    . Retrieved 15 December 2021.
  57. USPTO
    . Retrieved 15 December 2021.
  58. ^
    . Retrieved 15 December 2021.
  59. ^ a b Forde, Pete (23 July 2007). "Beginning Rails: From Novice to Professional". Archived from the original on 5 August 2007. Retrieved 1 August 2007.
  60. ^ Cooper, Peter (24 July 2007). "David Heinemeier Hansson says No to Use of Rails Logo". Retrieved 1 August 2007.
  61. ^ "5 Question Interview with Twitter Developer Alex Payne". 29 March 2007. Archived from the original on 23 April 2009. Retrieved 4 November 2014. By various metrics Twitter is the biggest Rails site on the net right now. Running on Rails has forced us to deal with scaling issues - issues that any growing site eventually contends with – far sooner than I think we would on another framework.
  62. ^ Steve Jenson; Alex Payne & Robey Pointer interview (3 April 2009). "Twitter on Scala". Retrieved 18 July 2009. We had a Ruby-based queuing system that we used for communicating between the Rails front ends and the daemons, and we ended up replacing that with one written in Scala. The Ruby one actually worked pretty decently in a normal steady state, but the startup time and the crash behavior were undesirable.
  63. ^ "Twitter jilts Ruby for Scala". 1 April 2009. Retrieved 18 July 2009. By the end of this year, Payne said, Twitter hopes to have its entire middleware infrastructure and its APIs ported to the new language. Ruby will remain, but only on the front end. "We're still happy with Rails for building user facing features... performance-wise, it's fine for people clicking around web pages. It's the heavy lifting, asynchronous processing type of stuff that we've moved away from."
  64. ^ Ryan King (25 September 2009). "Twitter on Ruby". Evan Weaver. Retrieved 29 September 2009. We use Scala for a few things at Twitter, but the majority of the site is Ruby.
  65. ^ "Twitter Search is Now 3x Faster". Twitter. Retrieved 6 June 2014.
  66. ^ "I won't let you pay me for my open source". Retrieved 15 December 2021.
  67. ^ "Why we're sticking with Ruby on Rails". GitLab. Retrieved 29 August 2022.
  68. ^ "Here's Why Ruby On Rails Is Hot". Business Insider. Archived from the original on 21 December 2011. Retrieved 10 February 2012.
  69. ^ "Ruby on Rails Usage Statistics". Retrieved 4 January 2016.
  70. ^ "Ruby on Rails Token Usage Statistics". Retrieved 4 January 2016.
  71. ^ Protalinski, Emil. "How GitHub handled getting hacked". Retrieved 24 May 2017.
  72. ^ Brook, Chris (25 September 2013). "Security Issue in Ruby on Rails Could Expose Cookies". Threat Post. The Kaspersky Lab Security News Service. Retrieved 4 June 2014.
  73. ^ "Patching up Web applications". MIT News. Retrieved 21 April 2016.


External links