I realize it's been pulled into a separate gem, but what's the reason? Is this just a matter of streamlining Rails, or is there some reason I should be weary of auto_link?
(The gem says it's meant to 'bridge the gap for people migrating', which suggests to me that if I'm introducing rails_autolink into a new project, I must be doing something wrong, no?)
thanks,
From the commit where auto_link was removed, Aaron Patterson (tenderlove) explains in the comments:
Unfortunately this method is extremely difficult to secure correctly. Ensuring this method is bullet-proof takes a faster release cycle than we have for rails. That's why we moved it to a gem. Please use the gem if you need the functionality! :-)
https://github.com/rails/rails/commit/81cfbf4146d3c5a58054b64112b8ce196f2fc061
Each security fix only requires updating one gem, instead of the 6 for rails.