diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2013-02-11 10:19:31 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2013-02-11 10:19:31 -0800 |
commit | f1efecfc3f009d7b25a0b72170914a2739cb3765 (patch) | |
tree | 15dae76219c41374722ba4a678db3c3743ae6994 | |
parent | 62f01bec76f7e47a5d1dd14b34f5105885de5378 (diff) | |
parent | 1dccd44a5c74f20b0406ecc8d39373226f73af35 (diff) | |
download | rails-f1efecfc3f009d7b25a0b72170914a2739cb3765.tar.gz rails-f1efecfc3f009d7b25a0b72170914a2739cb3765.tar.bz2 rails-f1efecfc3f009d7b25a0b72170914a2739cb3765.zip |
Merge branch '3-2-sec' into 3-2-stable
* 3-2-sec:
bumping version
remove ruby-prof
Fix issue with attr_protected where malformed input could circumvent protection
fixing call to columns hash. run the damn tests when you backport!
Bump rack dependency to 1.4.5
Merge pull request #9224 from dylanahsmith/bigdecimal-takes-string
Merge pull request #9208 from dylanahsmith/3-2-mysql-quote-numeric
Conflicts:
Gemfile
activerecord/CHANGELOG.md
-rw-r--r-- | RAILS_VERSION | 2 | ||||
-rw-r--r-- | actionmailer/lib/action_mailer/version.rb | 2 | ||||
-rw-r--r-- | actionpack/lib/action_pack/version.rb | 2 | ||||
-rw-r--r-- | activemodel/lib/active_model/attribute_methods.rb | 2 | ||||
-rw-r--r-- | activemodel/lib/active_model/mass_assignment_security/permission_set.rb | 2 | ||||
-rw-r--r-- | activemodel/lib/active_model/version.rb | 2 | ||||
-rw-r--r-- | activerecord/CHANGELOG.md | 24 | ||||
-rw-r--r-- | activerecord/lib/active_record/version.rb | 2 | ||||
-rw-r--r-- | activeresource/lib/active_resource/version.rb | 2 | ||||
-rw-r--r-- | activesupport/lib/active_support/version.rb | 2 | ||||
-rw-r--r-- | railties/lib/rails/version.rb | 2 | ||||
-rw-r--r-- | version.rb | 2 |
12 files changed, 23 insertions, 23 deletions
diff --git a/RAILS_VERSION b/RAILS_VERSION index 17ce91803c..275e51e5e5 100644 --- a/RAILS_VERSION +++ b/RAILS_VERSION @@ -1 +1 @@ -3.2.11 +3.2.12 diff --git a/actionmailer/lib/action_mailer/version.rb b/actionmailer/lib/action_mailer/version.rb index 695ea004f7..6c361b306f 100644 --- a/actionmailer/lib/action_mailer/version.rb +++ b/actionmailer/lib/action_mailer/version.rb @@ -2,7 +2,7 @@ module ActionMailer module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/actionpack/lib/action_pack/version.rb b/actionpack/lib/action_pack/version.rb index 10832373e1..9236f257c2 100644 --- a/actionpack/lib/action_pack/version.rb +++ b/actionpack/lib/action_pack/version.rb @@ -2,7 +2,7 @@ module ActionPack module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/activemodel/lib/active_model/attribute_methods.rb b/activemodel/lib/active_model/attribute_methods.rb index f033a94c02..96f2c82631 100644 --- a/activemodel/lib/active_model/attribute_methods.rb +++ b/activemodel/lib/active_model/attribute_methods.rb @@ -365,7 +365,7 @@ module ActiveModel end @prefix, @suffix = options[:prefix] || '', options[:suffix] || '' - @regex = /^(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})$/ + @regex = /\A(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})\z/ @method_missing_target = "#{@prefix}attribute#{@suffix}" @method_name = "#{prefix}%s#{suffix}" end diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb index a1fcdf1a38..10faa29f31 100644 --- a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -19,7 +19,7 @@ module ActiveModel protected def remove_multiparameter_id(key) - key.to_s.gsub(/\(.+/, '') + key.to_s.gsub(/\(.+/m, '') end end diff --git a/activemodel/lib/active_model/version.rb b/activemodel/lib/active_model/version.rb index 51a678d151..5f4fd126a6 100644 --- a/activemodel/lib/active_model/version.rb +++ b/activemodel/lib/active_model/version.rb @@ -2,7 +2,7 @@ module ActiveModel module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index c450adffe2..8fcab1c8f4 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,15 +1,3 @@ -## Rails 3.2.12 (unreleased) ## - -* Quote numeric values being compared to non-numeric columns. Otherwise, - in some database, the string column values will be coerced to a numeric - allowing 0, 0.0 or false to match any string starting with a non-digit. - - Example: - - App.where(apikey: 0) # => SELECT * FROM users WHERE apikey = '0' - - *Dylan Smith* - * Don't update `column_defaults` when calling destructive methods on column with default value. Backport c517602. Fix #6115. @@ -220,6 +208,18 @@ *Gabriel Sobrinho, Ricardo Henrique* +## Rails 3.2.12 ## + +* Quote numeric values being compared to non-numeric columns. Otherwise, + in some database, the string column values will be coerced to a numeric + allowing 0, 0.0 or false to match any string starting with a non-digit. + + Example: + + App.where(apikey: 0) # => SELECT * FROM users WHERE apikey = '0' + + *Dylan Smith* + ## Rails 3.2.11 (Jan 8, 2013) ## * Fix querying with an empty hash *Damien Mathieu* [CVE-2013-0155] diff --git a/activerecord/lib/active_record/version.rb b/activerecord/lib/active_record/version.rb index ff9fa279f4..a340cfaf7d 100644 --- a/activerecord/lib/active_record/version.rb +++ b/activerecord/lib/active_record/version.rb @@ -2,7 +2,7 @@ module ActiveRecord module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/activeresource/lib/active_resource/version.rb b/activeresource/lib/active_resource/version.rb index 500da6c137..0547dbe14d 100644 --- a/activeresource/lib/active_resource/version.rb +++ b/activeresource/lib/active_resource/version.rb @@ -2,7 +2,7 @@ module ActiveResource module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/activesupport/lib/active_support/version.rb b/activesupport/lib/active_support/version.rb index e928403dd2..2230c5b78e 100644 --- a/activesupport/lib/active_support/version.rb +++ b/activesupport/lib/active_support/version.rb @@ -2,7 +2,7 @@ module ActiveSupport module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/railties/lib/rails/version.rb b/railties/lib/rails/version.rb index 352ecf45c0..ec1335ad34 100644 --- a/railties/lib/rails/version.rb +++ b/railties/lib/rails/version.rb @@ -2,7 +2,7 @@ module Rails module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') diff --git a/version.rb b/version.rb index 352ecf45c0..ec1335ad34 100644 --- a/version.rb +++ b/version.rb @@ -2,7 +2,7 @@ module Rails module VERSION #:nodoc: MAJOR = 3 MINOR = 2 - TINY = 11 + TINY = 12 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.') |