Awareness list for Rails upgrades with version-specific pitfalls and workflow references, including production logging changes in Rails 7 and 6.

log_level :debug can expose sensitive user data in Rails production logs, especially in SQL queries. Use :info, avoid SQL logging, and ensure filtered attributes are applied.

Complex plots in Ruby often need direct access to Gnuplot syntax for histograms, boxplots, and multi-column data. Ruby wrappers differ in how much file handling and array support they hide.

Historic timing data keeps test distribution balanced, but stale logs and CI-only updates can skew results and clutter diffs. Automating runtime log generation reduces maintenance.

CLI test case prioritization for Ruby on Rails using coverage data can surface failing specs earlier and reduce regression testing time.

||= and &&= only assign conditionally; other op= operators always evaluate and assign. Side effects on the left-hand side still occur when reading the variable.

Rerun failing Cucumber scenarios automatically or from tmp/parallel_cucumber_failures.log when a test run leaves broken features behind.

git restore and git reset both revert changes, but one targets files while the other moves HEAD and rewrites commit history.

Rails URL redirects differ in status code, query-parameter handling, and security implications; choosing 301 or 302 affects browser behavior and search engine indexing.

Passing untrusted parameters into url_for or _url helpers can create open redirect vulnerabilities and send users to attacker-controlled hosts.

params.permit! marks all request parameters as safe and mutates the original object, risking mass assignment vulnerabilities later in Rails code.

Reliable process execution in Ruby needs clean output capture, status checks, and safe handling of stdin, environment variables, and long-running commands.

Move a feature branch from one base branch to another with git rebase --onto, preserving only the branch’s own commits and avoiding unrelated history.

Touch devices do not support hover or mouseover states, so tooltips and controls hidden behind hover can disappear for iPads and smartphones.

Chromedriver 116 breaks mobile emulation user-agent spoofing for deviceName; navigator.userAgent falls back to HeadlessChrome unless device metrics and userAgent are set manually.

Focused-element lookup in Capybara can be filtered directly with focused: true; the old :focus pseudo-class no longer works in newer versions.

Web components often raise accessibility questions, especially around semantics, keyboard support, and assistive technology behavior.

String sort order can change when PostgreSQL runs in an Alpine-based Docker image because locale and collation defaults differ from Debian images.

JavaScript minifiers can shorten private members safely when internal names follow _ or # conventions, reducing bundle size without mangling public APIs.

SPF records can be hard to validate, especially when syntax errors or DNS lookup limits break mail delivery. Online checkers help test coverage and new policies before deployment.

Browsers may keep PATCH and DELETE on 302 redirects instead of switching to GET, breaking AJAX flows. Use 303 See Other or POST method override to force a GET follow-up.

PDF text extraction is harder than it looks because the format allows extreme flexibility, so automatic text data retrieval often fails in edge cases.

Globally installed npm packages are not directly runnable with npx --no-install; npx -- works when given the global package path.

Cookie-dependent behavior in Rails specs is hard to test outside controller specs, especially signed and encrypted values. ActionDispatch::Cookies::CookieJar provides isolated access in request and helper specs.