Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Added

  • Production Logging: Structured logging via Rhales.logger= for security auditing and debugging
    • View rendering events with template details, timing, and hydration size
    • Schema validation warnings for production debugging (missing/extra keys)
    • Error logging with line numbers and section context
    • Security events: unescaped variable warnings, CSP nonce generation
    • Performance logging: template compilation, cache behavior, partial resolution
  • Window collision detection prevents silent data overwrites when multiple templates use the same window attribute
  • Explicit merge strategies (shallow, deep, strict) for controlled data sharing between templates
  • HydrationCollisionError with detailed error messages showing file paths and line numbers
  • HydrationRegistry for thread-safe tracking of window attributes per request
  • merge_strategy method on RueDocument to extract merge attribute from data elements
  • JavaScript merge functions for client-side data composition
  • Comprehensive test coverage for collision detection and merge strategies

Changed

  • Replaced json-schema gem with json_schemer for better JSON Schema Draft 2020-12 support
  • Improved validation error messages with more structured output from json_schemer
  • Validation performance improved to <0.05ms average (was ~2ms with json-schema)

Security

  • Window collision detection prevents accidental data exposure by making overwrites explicit
  • All merge operations happen client-side after server-side interpolation and JSON serialization
  • Request-scoped registry prevents cross-request data leakage

[0.1.0] - 2024-01-XX

Added

  • Initial release of Rhales
  • Ruby Single File Components (.rue files) with server-side rendering
  • Client-side data hydration with secure JSON injection
  • Handlebars-style template syntax
  • Pluggable authentication adapters
  • Framework-agnostic design with Rails and Roda examples
  • Comprehensive test suite