14 files changed, 81 insertions, 107 deletions

diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 3858c211ea..5554d4e6b8 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,3 +1,30 @@
+*   Use request object for context if there's no controller
+
+    There is no controller instance when using a redirect route or a
+    mounted rack application so pass the request object as the context
+    when resolving dynamic CSP sources in this scenario.
+    
+    Fixes #34200.
+    
+    *Andrew White*
+
+*   Apply mapping to symbols returned from dynamic CSP sources
+
+    Previously if a dynamic source returned a symbol such as :self it
+    would be converted to a string implicity, e.g:
+
+        policy.default_src -> { :self }
+  
+    would generate the header:
+
+        Content-Security-Policy: default-src self
+
+    and now it generates:
+
+        Content-Security-Policy: default-src 'self'
+
+    *Andrew White*
+
 *   Add `ActionController::Parameters#each_value`.
 
     *Lukáš Zapletal*
diff --git a/actionpack/lib/action_dispatch/http/content_security_policy.rb b/actionpack/lib/action_dispatch/http/content_security_policy.rb
index 50953e32b5..b1e5a28be5 100644
--- a/actionpack/lib/action_dispatch/http/content_security_policy.rb
+++ b/actionpack/lib/action_dispatch/http/content_security_policy.rb
@@ -22,7 +22,8 @@ module ActionDispatch #:nodoc:
 
         if policy = request.content_security_policy
           nonce = request.content_security_policy_nonce
-          headers[header_name(request)] = policy.build(request.controller_instance, nonce)
+          context = request.controller_instance || request
+          headers[header_name(request)] = policy.build(context, nonce)
         end
 
         response
@@ -257,7 +258,8 @@ module ActionDispatch #:nodoc:
           if context.nil?
             raise RuntimeError, "Missing context for the dynamic content security policy source: #{source.inspect}"
           else
-            context.instance_exec(&source)
+            resolved = context.instance_exec(&source)
+            resolved.is_a?(Symbol) ? apply_mapping(resolved) : resolved
           end
         else
           raise RuntimeError, "Unexpected content security policy source: #{source.inspect}"
diff --git a/actionpack/test/dispatch/content_security_policy_test.rb b/actionpack/test/dispatch/content_security_policy_test.rb
index 13ad22b5c5..c8c885f35c 100644
--- a/actionpack/test/dispatch/content_security_policy_test.rb
+++ b/actionpack/test/dispatch/content_security_policy_test.rb
@@ -260,12 +260,13 @@ class DefaultContentSecurityPolicyIntegrationTest < ActionDispatch::IntegrationT
   ROUTES.draw do
     scope module: "default_content_security_policy_integration_test" do
       get "/", to: "policy#index"
+      get "/redirect", to: redirect("/")
     end
   end
 
   POLICY = ActionDispatch::ContentSecurityPolicy.new do |p|
-    p.default_src :self
-    p.script_src  :https
+    p.default_src -> { :self  }
+    p.script_src  -> { :https }
   end
 
   class PolicyConfigMiddleware
@@ -295,14 +296,19 @@ class DefaultContentSecurityPolicyIntegrationTest < ActionDispatch::IntegrationT
   def test_adds_nonce_to_script_src_content_security_policy_only_once
     get "/"
     get "/"
+    assert_response :success
+    assert_policy "default-src 'self'; script-src https: 'nonce-iyhD0Yc0W+c='"
+  end
+
+  def test_redirect_works_with_dynamic_sources
+    get "/redirect"
+    assert_response :redirect
     assert_policy "default-src 'self'; script-src https: 'nonce-iyhD0Yc0W+c='"
   end
 
   private
 
     def assert_policy(expected, report_only: false)
-      assert_response :success
-
       if report_only
         expected_header = "Content-Security-Policy-Report-Only"
         unexpected_header = "Content-Security-Policy"
diff --git a/activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb b/activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
index cb5eeb64dd..0f73641369 100644
--- a/activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
+++ b/activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
@@ -624,6 +624,8 @@ module ActiveRecord
         # See https://dev.mysql.com/doc/refman/5.7/en/error-messages-server.html
         ER_DUP_ENTRY            = 1062
         ER_NOT_NULL_VIOLATION   = 1048
+        ER_NO_REFERENCED_ROW    = 1216
+        ER_ROW_IS_REFERENCED    = 1217
         ER_DO_NOT_HAVE_DEFAULT  = 1364
         ER_ROW_IS_REFERENCED_2  = 1451
         ER_NO_REFERENCED_ROW_2  = 1452
@@ -640,7 +642,7 @@ module ActiveRecord
           case error_number(exception)
           when ER_DUP_ENTRY
             RecordNotUnique.new(message)
-          when ER_ROW_IS_REFERENCED_2, ER_NO_REFERENCED_ROW_2
+          when ER_NO_REFERENCED_ROW, ER_ROW_IS_REFERENCED, ER_ROW_IS_REFERENCED_2, ER_NO_REFERENCED_ROW_2
             InvalidForeignKey.new(message)
           when ER_CANNOT_ADD_FOREIGN
             mismatched_foreign_key(message)
diff --git a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
index a280ca500a..a11a786ec7 100644
--- a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
+++ b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb
@@ -5,7 +5,7 @@ gem "pg", ">= 0.18", "< 2.0"
 require "pg"
 
 # Use async_exec instead of exec_params on pg versions before 1.1
-class ::PG::Connection
+class ::PG::Connection # :nodoc:
   unless self.public_method_defined?(:async_exec_params)
     remove_method :exec_params
     alias exec_params async_exec
diff --git a/activerecord/lib/active_record/database_configurations.rb b/activerecord/lib/active_record/database_configurations.rb
index fa1589511e..30cb0a27e7 100644
--- a/activerecord/lib/active_record/database_configurations.rb
+++ b/activerecord/lib/active_record/database_configurations.rb
@@ -29,7 +29,7 @@ module ActiveRecord
     # configs for all environments.
     # <tt>spec_name:</tt> The specification name (ie primary, animals, etc.). Defaults
     # to +nil+.
-    # <tt>include_replicas:</tt> Determines whether to include replicas in the
+    # <tt>include_replicas:</tt> Determines whether to include replicas in
     # the returned list. Most of the time we're only iterating over the write
     # connection (i.e. migrations don't need to run for the write and read connection).
     # Defaults to +false+.
diff --git a/activesupport/lib/active_support/notifications.rb b/activesupport/lib/active_support/notifications.rb
index 2d8b9c5d86..01cc363e2b 100644
--- a/activesupport/lib/active_support/notifications.rb
+++ b/activesupport/lib/active_support/notifications.rb
@@ -171,6 +171,24 @@ module ActiveSupport
         end
       end
 
+      # Subscribe to a given event name with the passed +block+.
+      #
+      # You can subscribe to events by passing a String to match exact event
+      # names, or by passing a Regexp to match all events that match a pattern.
+      #
+      #   ActiveSupport::Notifications.subscribe(/render/) do |*args|
+      #     ...
+      #   end
+      #
+      # The +block+ will receive five parameters with information about the event:
+      #
+      #   ActiveSupport::Notifications.subscribe('render') do |name, start, finish, id, payload|
+      #     name    # => String, name of the event (such as 'render' from above)
+      #     start   # => Time, when the instrumented block started execution
+      #     finish  # => Time, when the instrumented block ended execution
+      #     id      # => String, unique ID for the instrumenter that fired the event
+      #     payload # => Hash, the payload
+      #   end
       def subscribe(*args, &block)
         notifier.subscribe(*args, &block)
       end
diff --git a/guides/source/5_1_release_notes.md b/guides/source/5_1_release_notes.md
index d26d3d3b95..a5a7eb4b2e 100644
--- a/guides/source/5_1_release_notes.md
+++ b/guides/source/5_1_release_notes.md
@@ -399,7 +399,7 @@ Please refer to the [Changelog][action-view] for detailed changes.
 
 *   Change `datetime_field` and `datetime_field_tag` to generate `datetime-local`
     fields.
-    ([Pull Request](https://github.com/rails/rails/pull/28061))
+    ([Pull Request](https://github.com/rails/rails/pull/25469))
 
 *   New Builder-style syntax for HTML tags (`tag.div`, `tag.br`, etc.)
     ([Pull Request](https://github.com/rails/rails/pull/25543))
diff --git a/guides/source/asset_pipeline.md b/guides/source/asset_pipeline.md
index 66cf9da33b..500e230ff9 100644
--- a/guides/source/asset_pipeline.md
+++ b/guides/source/asset_pipeline.md
@@ -233,11 +233,6 @@ code for JavaScript plugins and CSS frameworks. Keep in mind that third party
 code with references to other files also processed by the asset Pipeline (images,
 stylesheets, etc.), will need to be rewritten to use helpers like `asset_path`.
 
-WARNING: If you are upgrading from Rails 3, please take into account that assets
-under `lib/assets` or `vendor/assets` are available for inclusion via the
-application manifests but no longer part of the precompile array. See
-[Precompiling Assets](#precompiling-assets) for guidance.
-
 #### Search Paths
 
 When a file is referenced from a manifest or a helper, Sprockets searches the
@@ -1234,60 +1229,3 @@ it as a preprocessor for your mime type.
 Sprockets.register_preprocessor 'text/css', AddComment
 ```
 
-Upgrading from Old Versions of Rails
-------------------------------------
-
-There are a few issues when upgrading from Rails 3.0 or Rails 2.x. The first is
-moving the files from `public/` to the new locations. See [Asset
-Organization](#asset-organization) above for guidance on the correct locations
-for different file types.
-
-Next is updating the various environment files with the correct default
-options.
-
-In `application.rb`:
-
-```ruby
-# Version of your assets, change this if you want to expire all your assets
-config.assets.version = '1.0'
-
-# Change the path that assets are served from config.assets.prefix = "/assets"
-```
-
-In `development.rb`:
-
-```ruby
-# Expands the lines which load the assets
-config.assets.debug = true
-```
-
-And in `production.rb`:
-
-```ruby
-# Choose the compressors to use (if any)
-config.assets.js_compressor = :uglifier
-# config.assets.css_compressor = :yui
-
-# Don't fallback to assets pipeline if a precompiled asset is missed
-config.assets.compile = false
-
-# Generate digests for assets URLs.
-config.assets.digest = true
-
-# Precompile additional assets (application.js, application.css, and all
-# non-JS/CSS are already added)
-# config.assets.precompile += %w( admin.js admin.css )
-```
-
-Rails 4 and above no longer set default config values for Sprockets in `test.rb`, so
-`test.rb` now requires Sprockets configuration. The old defaults in the test
-environment are: `config.assets.compile = true`, `config.assets.compress = false`,
-`config.assets.debug = false` and `config.assets.digest = false`.
-
-The following should also be added to your `Gemfile`:
-
-```ruby
-gem 'sass-rails',   "~> 3.2.3"
-gem 'coffee-rails', "~> 3.2.1"
-gem 'uglifier'
-```
diff --git a/guides/source/association_basics.md b/guides/source/association_basics.md
index b0a905c754..78a1f47407 100644
--- a/guides/source/association_basics.md
+++ b/guides/source/association_basics.md
@@ -868,7 +868,7 @@ While Rails uses intelligent defaults that will work well in most situations, th
 
 ```ruby
 class Book < ApplicationRecord
-  belongs_to :author, dependent: :destroy,
+  belongs_to :author, touch: :books_updated_at,
     counter_cache: true
 end
 ```
@@ -1048,8 +1048,7 @@ There may be times when you wish to customize the query used by `belongs_to`. Su
 
 ```ruby
 class Book < ApplicationRecord
-  belongs_to :author, -> { where active: true },
-                        dependent: :destroy
+  belongs_to :author, -> { where active: true }
 end
 ```
 
diff --git a/guides/source/generators.md b/guides/source/generators.md
index f028d14998..88ce4be8da 100644
--- a/guides/source/generators.md
+++ b/guides/source/generators.md
@@ -219,7 +219,7 @@ If we want to avoid generating the default `app/assets/stylesheets/scaffolds.scs
   end
 ```
 
-The next customization on the workflow will be to stop generating stylesheet, JavaScript, and test fixture files for scaffolds altogether. We can achieve that by changing our configuration to the following:
+The next customization on the workflow will be to stop generating stylesheet and test fixture files for scaffolds altogether. We can achieve that by changing our configuration to the following:
 
 ```ruby
 config.generators do |g|
@@ -227,7 +227,6 @@ config.generators do |g|
   g.template_engine :erb
   g.test_framework  :test_unit, fixture: false
   g.stylesheets     false
-  g.javascripts     false
 end
 ```
 
@@ -285,7 +284,6 @@ config.generators do |g|
   g.template_engine :erb
   g.test_framework  :test_unit, fixture: false
   g.stylesheets     false
-  g.javascripts     false
   g.helper          :my_helper
 end
 ```
@@ -350,7 +348,6 @@ config.generators do |g|
   g.template_engine :erb
   g.test_framework  :test_unit, fixture: false
   g.stylesheets     false
-  g.javascripts     false
 end
 ```
 
@@ -385,7 +382,6 @@ config.generators do |g|
   g.template_engine :erb
   g.test_framework  :shoulda, fixture: false
   g.stylesheets     false
-  g.javascripts     false
 
   # Add a fallback!
   g.fallbacks[:shoulda] = :test_unit
diff --git a/guides/source/i18n.md b/guides/source/i18n.md
index 78e5f27448..7465726dca 100644
--- a/guides/source/i18n.md
+++ b/guides/source/i18n.md
@@ -116,7 +116,7 @@ NOTE: The backend lazy-loads these translations when a translation is looked up
 You can change the default locale as well as configure the translations load paths in `config/application.rb` as follows:
 
 ```ruby
-  config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+  config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}')]
   config.i18n.default_locale = :de
 ```
 
@@ -135,6 +135,8 @@ I18n.available_locales = [:en, :pt]
 I18n.default_locale = :pt
 ```
 
+Note that appending directly to `I18n.load_paths` instead of to the application's configured i18n will _not_ override translations from external gems.
+
 ### Managing the Locale across Requests
 
 The default locale is used for all translations unless `I18n.locale` is explicitly set.
@@ -1103,7 +1105,7 @@ For several reasons the Simple backend shipped with Active Support only does the
 
 That does not mean you're stuck with these limitations, though. The Ruby I18n gem makes it very easy to exchange the Simple backend implementation with something else that fits better for your needs, by passing a backend instance to the `I18n.backend=` setter.
 
-For example, you can replace the Simple backend with the the Chain backend to chain multiple backends together. This is useful when you want to use standard translations with a Simple backend but store custom application translations in a database or other backends.
+For example, you can replace the Simple backend with the Chain backend to chain multiple backends together. This is useful when you want to use standard translations with a Simple backend but store custom application translations in a database or other backends.
 
 With the Chain backend, you could use the Active Record backend and fall back to the (default) Simple backend:
 
diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md
index eaa2353701..f94b67a0ac 100644
--- a/railties/CHANGELOG.md
+++ b/railties/CHANGELOG.md
@@ -17,34 +17,18 @@
 
     *DHH*, *Lachlan Sylvester*
 
-*   Refactors `migrations_paths` command option in generators
-    to `database` (aliased as `db`). Now, the migrations paths
-    will be read from the specified database configuration in the
-    current environment.
+*   Add `database` (aliased as `db`) option to model generator to allow
+    setting the database. This is useful for applications that use
+    multiple databases and put migrations per database in their own directories.
 
     ```
-    bin/rails g model Chair brand:string --database=kingston
-          invoke  active_record
-          create    db/kingston_migrate/20180830151055_create_chairs.rb
-    ```
-
-    `--database` can be used with the migration, model, and scaffold generators.
-
-    *Gannon McGibbon*
-
-*   Adds an option to the model generator to allow setting the
-    migrations paths for that migration. This is useful for
-    applications that use multiple databases and put migrations
-    per database in their own directories.
-
-    ```
-    bin/rails g model Room capacity:integer --migrations-paths=db/kingston_migrate
+    bin/rails g model Room capacity:integer --database=kingston
           invoke  active_record
           create    db/kingston_migrate/20180830151055_create_rooms.rb
     ```
 
     Because rails scaffolding uses the model generator, you can
-    also specify migrations paths with the scaffold generator.
+    also specify a database with the scaffold generator.
 
     *Gannon McGibbon*
 
@@ -72,15 +56,15 @@
 
     *Yoshiyuki Kinjo*
 
-*   Add `--migrations_paths` option to migration generator.
+*   Add `database` (aliased as `db`) option to migration generator.
 
     If you're using multiple databases and have a folder for each database
     for migrations (ex db/migrate and db/new_db_migrate) you can now pass the
-    `--migrations_paths` option to the generator to make sure the the migration
+    `--database` option to the generator to make sure the the migration
     is inserted into the correct folder.
 
     ```
-    rails g migration CreateHouses --migrations_paths=db/kingston_migrate
+    rails g migration CreateHouses --database=kingston
       invoke  active_record
       create    db/kingston_migrate/20180830151055_create_houses.rb
     ```
diff --git a/railties/lib/rails/generators/rails/app/templates/gitignore.tt b/railties/lib/rails/generators/rails/app/templates/gitignore.tt
index 38c3ab1319..860baa1595 100644
--- a/railties/lib/rails/generators/rails/app/templates/gitignore.tt
+++ b/railties/lib/rails/generators/rails/app/templates/gitignore.tt
@@ -22,7 +22,7 @@
 <% end -%>
 
 <% unless skip_active_storage? -%>
-# Ignore uploaded files in development
+# Ignore uploaded files in development.
 /storage/*
 <% if keeps? -%>
 !/storage/.keep