aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Added CSP as major feature [ci skip]Prathamesh Sonpatki2017-11-271-0/+5
|
* Added first draft of Rails 5.2 release notes [ci skip]Prathamesh Sonpatki2017-11-271-0/+205
|
* Add CHANGELOG.md entry for #31162 [ci skip]Andrew White2017-11-271-0/+60
|
* Merge pull request #31162 from rails/add-csp-configAndrew White2017-11-2713-34/+886
|\ | | | | Add DSL for configuring Content-Security-Policy header
| * Add DSL for configuring Content-Security-Policy headerAndrew White2017-11-2713-34/+886
| | | | | | | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* | Enable `Style/DefWithParentheses` rubocop ruleRyuta Kamizono2017-11-275-4/+7
|/ | | | | | | The def with blank `()` was newly added in #31176, but we have not used the blank `()` style in most part of our code base. So I've enabled `Style/DefWithParentheses` to prevent to newly added the code.
* Merge pull request #31236 from y-yagi/use_puma_311_in_new_appsGuillermo Iguaran2017-11-272-2/+2
|\ | | | | Use Puma 3.11 in newly generated applications
| * Use Puma 3.11 in newly generated applicationsyuuji.yaginuma2017-11-272-2/+2
|/ | | | | | | In order to use early hints, need to use Puma 3.11.0 or higher. So, I think that should specify that version in newly generated applications. Ref: https://github.com/puma/puma/commit/f6f3892f4d82638fb7a2a57d993641b1486ee88a
* Merge pull request #31167 from albertoalmagro/clean-db-ambiguityRafael França2017-11-261-2/+2
|\ | | | | Clean database naming ambiguity
| * Remove DB naming ambiguityAlberto Almagro2017-11-261-2/+2
| | | | | | | | In some places this file referred to the database in three different ways: database, DB and db. The last one caused confusion with the db namespace and the db folder. This commit removes this ambiguity by using the whole word 'database' everywhere
* | Add new error class `QueryCanceled` which will be raised when canceling ↵Ryuta Kamizono2017-11-276-3/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | statement due to user request (#31235) This changes `StatementTimeout` to `QueryCanceled` for PostgreSQL. In MySQL, errno 1317 (`ER_QUERY_INTERRUPTED`) is only used when the query is manually cancelled. But in PostgreSQL, `QUERY_CANCELED` error code (57014) which is used `StatementTimeout` is also used when the both case. And, we can not tell which reason happened. So I decided to introduce new error class `QueryCanceled` closer to the error code name.
* | Rename `TransactionTimeout` to more descriptive `LockWaitTimeout` (#31223)Ryuta Kamizono2017-11-276-9/+9
| | | | | | | | | | | | Since #31129, new error class `StatementTimeout` has been added. `TransactionTimeout` is caused by the timeout shorter than `StatementTimeout`, but its name is too generic. I think that it should be a name that understands the difference with `StatementTimeout`.
* | Merge pull request #31229 from y-yagi/remove_field_ids_from_scaffold_formKasper Timm Hansen2017-11-263-11/+7
|\ \ | | | | | | Remove field ids from scaffold form
| * | Remove field ids from scaffold formyuuji.yaginuma2017-11-263-11/+7
| | | | | | | | | | | | | | | | | | This was added with 27f103fc7e3260efe0b8dde66bf5354f2202ee32 for link labels and fields. However, `form_with` changed to generates ids by default with d3893ec38ec61282c2598b01a298124356d6b35a. So I think that adding an explicit ids is unnecessary.
* | | Revert "Merge pull request #31006 from ↵eileencodes2017-11-262-17/+0
| |/ |/| | | | | | | | | | | | | | | | | | | rails/kamipo/ordinal_methods_should_respect_loaded_records" This reverts commit 0f79ab91150b4cdb6c018530978a3395962c7a02, reversing changes made to d575f7f2e737739302a0e8210d01c10f5d4e2c35. This PR philosophically conflicts with #30800 and Matthew thinks we should hold off merging this until we find concensus. Reverting since we're about to cut a release for 5.2.
* | Revert "Remove stopgap_13632 entirely for now: it doesn't support 2.2.8"Matthew Draper2017-11-261-0/+3
| | | | | | | | This reverts commit 536d3068b964d5848ebc47292c21c0fb0450c17b.
* | Merge pull request #31221 from matthewd/flush-idle-connectionsMatthew Draper2017-11-266-17/+129
|\ \ | | | | | | Flush idle database connections
| * | Flush idle database connectionsMatthew Draper2017-11-266-17/+129
| | |
* | | Merge pull request #31232 from ↵Matthew Draper2017-11-261-3/+3
|\ \ \ | | | | | | | | | | | | | | | | weedySeaDragon/engines-guide-copyediting--neutral-copyediting-171126 minor Engines guide copyedits: neutral language, verb tense, comma splice [ci skip]
| * | | fix comma splice [ci skip]Ashley Engelund (weedySeaDragon @ github)2017-11-261-1/+1
| | | |
| * | | verb tense correction [ci skip]Ashley Engelund (weedySeaDragon @ github)2017-11-261-1/+1
| | | |
| * | | gendered wording not necessary; changed to neutral [ci skip]Ashley Engelund (weedySeaDragon @ github)2017-11-261-1/+1
|/ / /
* | / Let rubygems handle our objection to mysql2 0.4.3Matthew Draper2017-11-261-2/+1
| |/ |/|
* | Remove duplicated `form_with_generates_remote_forms` settingyuuji.yaginuma2017-11-261-1/+0
| | | | | | | | | | When load `5.1` config, `form_with_generates_remote_forms` is set. https://github.com/rails/rails/blob/89a209f1abba5a2320d31c4898dea150c0abd0c0/railties/lib/rails/application/configuration.rb#L86
* | Merge pull request #31184 from TheSmartnik/fix_record_not_found_on_reloadRafael França2017-11-254-7/+35
|\ \ | | | | | | Provide arguments to RecordNotFound
| * | Provide arguments to RecordNotFoundNikita Misharin2017-11-254-7/+35
| | |
* | | Merge pull request #31181 from tenshilg/fix-api-guidesRafael França2017-11-251-2/+4
|\ \ \ | | | | | | | | Fix names of http authentication modules in api only guides
| * | | Fix names of http authentication modules in api_app guidesRoman Kovtunenko2017-11-191-2/+4
| | | |
* | | | Renove duplicated and wrong testRafael Mendonça França2017-11-251-5/+0
| | | |
* | | | Add test to make sure form_for is not affected byRafael Mendonça França2017-11-251-0/+32
| | | | | | | | | | | | | | | | form_with_generates_ids
* | | | Make sure that form_with_generates_ids only affects form_withRafael Mendonça França2017-11-255-3/+9
| | | |
* | | | Use parentheses for multi-line method callsRafael Mendonça França2017-11-252-5/+10
| | | | | | | | | | | | | | | | | | | | Own style guide says we should be using parentheses for method calls with arguments.
* | | | Merge pull request #29439 from npezza93/set-skip-default-idsRafael Mendonça França2017-11-2512-228/+316
|\ \ \ \ | | | | | | | | | | | | | | | Allow skip_default_ids option to be set in form_with
| * | | | Make form_with_generates_ids default in Rails 5.2Rafael Mendonça França2017-11-252-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | | When the defaults being loaded are the 5.0 or 5.1 we disable generation of ids with form_with.
| * | | | Change `form_with` to generates ids by defaultnpezza932017-11-2512-225/+310
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When `form_with` was introduced we disabled the automatic generation of ids that was enabled in `form_for`. This usually is not an good idea since labels don't work when the input doesn't have an id and it made harder to test with Capybara. You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids` to `false.`
* | | | | Merge pull request #30879 from toptal/add_better_logging_to_delayed_jobRafael França2017-11-252-0/+11
|\ \ \ \ \ | |/ / / / |/| | | | Improved logging of AJ's DelayedJob wrapper
| * | | | Improve DelayedJob wrapper loggingJacek Lachowski2017-11-242-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ActiveJob wraps every adapter into its own class, that is later passed into DelayedJob which is responsible for displaying all the logs. This change improves the logging so we can easily trace executed jobs and see meaningful information in the logs.
* | | | | Compare the actual string after comparing the HMAC proccessed stringsRafael Mendonça França2017-11-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Even that collisions are unlikely we need to make sure the two strings are equal. Timing is not important in this case because this only runs after the comparison between the SHA256 digested strings returns true.
* | | | | Merge pull request #24510 from ↵Rafael Mendonça França2017-11-255-19/+37
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | vipulnsward/make-variable_size_secure_compare-public Make variable_size_secure_compare public
| * | | | | Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,Vipul A M2017-06-075-19/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings.
* | | | | | Merge pull request #30510 from yhirano55/add_nodoc_to_activerecordEileen M. Uchitelle2017-11-253-7/+7
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add :nodoc: to activerecord [ci skip]
| * | | | | | Add :nodoc: to activerecord [ci skip]Yoshiyuki Hirano2017-09-033-7/+7
| | | | | | |
* | | | | | | Merge pull request #31006 from ↵Eileen M. Uchitelle2017-11-252-0/+17
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rails/kamipo/ordinal_methods_should_respect_loaded_records Ordinal methods should respect loaded records
| * | | | | | | Ordinal methods should respect loaded recordsRyuta Kamizono2017-10-282-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We should reset partially loaded `@offsets` cache when latest records has loaded because the cache has been staled and it may not be consistent with latest records.
* | | | | | | | Merge pull request #31226 from fgo/patch-22Eileen M. Uchitelle2017-11-251-3/+3
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Update guide layout [ci skip]
| * | | | | | | | Update guide layout [ci skip]Francis Go2017-11-251-3/+3
|/ / / / / / / /
* | | | | | | | [ci skip] SecureRandom should mentioned Win32 CryptoAPI functions ins… ↵Atul Shimpi2017-11-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#31225) * [ci skip] SecureRandom should mentioned Win32 CryptoAPI functions instead of Win32 * Remove functions word
* | | | | | | | Merge pull request #31173 from matthewd/connection-fork-safetyMatthew Draper2017-11-255-0/+90
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|_|/ |/| | | | | | | Improve AR connection fork safety
| * | | | | | | Improve AR connection fork safetyMatthew Draper2017-11-185-0/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use whatever adapter-provided means we have available to ensure forked children don't send quit/shutdown/goodbye messages to the server on connections that belonged to their parent.
* | | | | | | | Merge pull request #31215 from dixitp012/fix_rubocop_style_in_railtiesRafael França2017-11-241-0/+2
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Rubocop style: Missing magic comment
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-06 12:24:26 +0000