Description
We are working on the new ransack security updates and wondered if it is possible to amend this piece of logic to look for ransackable_scopes before checking attribute_method?:
https://github.com/activerecord-hackery/ransack/blob/main/lib/ransack/search.rb#L105-L115
The reason is we explicitly allow certain ransack filters through the ransackable_scopes method. This is the main way we greenlight ransack queries to our models. The trouble is, if these scopes collide with attribute scopes, then we encounter the allowlist-raised deprecation error here: https://github.com/activerecord-hackery/ransack/blob/main/lib/ransack/adapters/active_record/base.rb#L112-L132
Is it possible to check for explicitly allowed ransackable_scopes before checking for interpolated attribute ransack searches?
Suggested changes:
ransack/lib/ransack/search.rb
```ruby
def method_missing(method_id, *args)
  method_name = method_id.to_s
  getter_name = method_name.sub(/=$/, ''.freeze)
  # Consult the explicit ransackable_scopes allowlist before the attribute check,
  # so an allowlisted scope whose name collides with an attribute predicate wins.
  if @context.ransackable_scope?(getter_name, @context.object)
    if method_name =~ /=$/
      add_scope getter_name, args
    else
      @scope_args[method_name]
    end
  elsif base.attribute_method?(getter_name)
    base.send(method_id, *args)
  else
    super
  end
end
```
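An added, self-contained Ruby model of the two dispatch orders (not Ransack's code: Grouping, Context and Search are stand-ins, and the name_eq / recent scopes and name / email attributes are constructed). It shows that consulting the explicit ransackable_scopes allowlist first lets a scope that collides with an attribute predicate name reach the scope path, while names outside the allowlist still fall through to the attribute check or to NoMethodError, so the reorder does not widen what is accepted:

```ruby
# Constructed model of the dispatch order proposed in the issue. It is not
# Ransack's code: Grouping, Context and Search are minimal stand-ins whose
# method names mirror the ones used in lib/ransack/search.rb.
class Grouping
  ATTRIBUTES = %w[name email].freeze

  # Stand-in for attribute_method?: true for predicate-style names like name_eq.
  def attribute_method?(name)
    ATTRIBUTES.any? { |attr| name.start_with?("#{attr}_") }
  end

  # Stand-in for the attribute-condition path reached through base.send.
  def method_missing(method_id, *args)
    "attribute:#{method_id.to_s.delete_suffix('=')}=#{args.first.inspect}"
  end
end

class Context
  # Explicit allowlist, as ransackable_scopes would return it (constructed).
  SCOPES = %i[name_eq recent].freeze

  def ransackable_scope?(name, _object)
    SCOPES.include?(name.to_sym)
  end
end

class Search
  # scope_first: true models the order proposed in the issue, false the current one.
  def initialize(scope_first:)
    @context = Context.new
    @base = Grouping.new
    @scope_first = scope_first
  end

  def method_missing(method_id, *args)
    getter_name = method_id.to_s.sub(/=$/, '')
    checks = [[:scope, @context.ransackable_scope?(getter_name, nil)],
              [:attribute, @base.attribute_method?(getter_name)]]
    checks.reverse! unless @scope_first # current order checks attribute_method? first
    kind, _hit = checks.find { |_, hit| hit }
    case kind
    when :scope then "scope:#{getter_name}=#{args.first.inspect}"
    when :attribute then @base.public_send(method_id, *args)
    else super # neither allowlisted scope nor attribute: NoMethodError
    end
  end
end
```

Call the writer via public_send (e.g. `public_send(:name_eq=, 'x')`) to see which path handled it, since `search.name_eq = 'x'` evaluates to the assigned value rather than the method's return.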