aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | | | Ensure we don't write virtual attributes on update, tooSean Griffin2018-02-263-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See 948b931925febac3c965ab13470065ced68f7b53 for context
* | | | | | | | Never attempt to write virtual attributes to the databaseSean Griffin2018-02-262-1/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the place where we limit what gets sent to the database is in the implementation for `partial_writes`. We should also be restricting it to column names when partial writes are turned off. Note that we're using `&` instead of just defaulting to `self.class.column_names`, as the instance version of `attribute_names` does not include attributes which are uninitialized (were not included in the select clause)
* | | | | | | | Avoid specifying content types for direct uploads to Google Cloud StorageGeorge Claghorn2018-02-262-6/+5
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | Fix customizing the download Content-Type for a directly-uploaded blob via a signed URL. See e8286ee.
* | / / / / / Fix "NameError: uninitialized constant Categorization::Category"yuuji.yaginuma2018-02-261-0/+1
| |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since #31895, build of 2.5 and AR combination failed. https://travis-ci.org/rails/rails/jobs/346064349#L1638 It seems to be the reason that model is not loading properly, so I added require. But I'm not sure if this is correct
* | | | | | Merge pull request #32106 from bogdanvlviv/fix-rails-6_0_changelogsRyuta Kamizono2018-02-263-36/+0
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove changelogs for Rails 6.0 since they were backported to `5-2-stable` [ci skip]
| * | | | | | Remove changelogs for Rails 6.0 since they were backported to `5-2-stable`bogdanvlviv2018-02-263-36/+0
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove railties' changelog added by 7340596de45dc4c0f62a287b6acc4e71d8ee6c60 since it was backported to `5-2-stable` via ac99916fcf7bf27bb1519d4f7387c6b4c5f0463d Remove activesupport's changelog added by 1077ae96b34b5a1dfbf10ee0c40b1ceb1eb6b30b since it was backported to `5-2-stable` via a2b97e4ffef971607a1be8fc7909f099b6840f36 Remove activesupport's changelog added by 0d41a76d0c693000005d79456dee7f9299f5e8d4 since it was backported to `5-2-stable` via cdce6a709e1cbc98fff009effc3b1b3ce4c7e8db Remove activestorage's changelog added by d57c52a385eb57c6ce8c6d124ab5e186f931d142 since it was backported to `5-2-stable` via 5292cdf59a2052c453d6016c69b90b790cbf2547 Follow up c113bdc9d0c2cffd535ca97aff85c4bdc46b11f6
* | | | | | Active Model: Use private attr_readerRyuta Kamizono2018-02-264-11/+6
| | | | | | | | | | | | | | | | | | | | | | | | Follow up of 6d63b5e49a399fe246afcebad45c3c962de268fa.
* | | | | | Merge pull request #31895 from ↵Ryuta Kamizono2018-02-267-10/+30
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | kamipo/do_not_attempt_to_find_inverse_of_polymorphic Make `reflection.klass` raise if `polymorphic?` not to be misused
| * | | | | | Do not attempt to automatically find the inverse of a polymorphic ↵Ryuta Kamizono2018-02-191-10/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `belongs_to` association We can't automatically find the inverse of a polymorphic `belongs_to` association without context. [Ryuta Kamizono & Eric K Idema]
| * | | | | | Make `reflection.klass` raise if `polymorphic?` not to be misusedRyuta Kamizono2018-02-197-1/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an alternative of #31877 to fix #31876 caused by #28808. This issue was caused by a combination of several loose implementation. * finding automatic inverse association of polymorphic without context (caused by #28808) * returning `klass` even if `polymorphic?` (exists before #28808) * loose verification by `valid_inverse_reflection?` (exists before #28808) This makes `klass` raise if `polymorphic?` not to be misused. This issue will not happen unless polymorphic `klass` is misused. Fixes #31876. Closes #31877.
* | | | | | | Association creation and finding should work consistently (#32048)Ryuta Kamizono2018-02-263-7/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an alternative of #29722, and revert of #29601 and a1fcbd9. Currently, association creation and normal association finding doesn't respect `store_full_sti_class`. But eager loading and preloading respect the setting. This means that if set `store_full_sti_class = false` (`true` by default), eager loading and preloading can not find created polymorphic records. Association creation and finding should work consistently.
* | | | | | | Remove native `Array#sum` and `Enumerable#sum` detection (#32102)Ryuta Kamizono2018-02-261-63/+44
| | | | | | | | | | | | | | | | | | | | | Since #32034, Rails 6 requires Ruby 2.4.1+.
* | | | | | | Merge pull request #32100 from eugeneius/active_storage_lazy_load_hookGeorge Claghorn2018-02-243-1/+15
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Use lazy load hook to configure ActiveStorage::Blob
| * | | | | | | Use lazy load hook to configure ActiveStorage::BlobEugene Kenny2018-02-253-1/+15
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `to_prepare` callbacks are run during initialization; using one here meant that `ActiveStorage::Blob` would be loaded when the app boots, which would in turn load `ActiveRecord::Base`. By using a lazy load hook to configure `ActiveStorage::Blob` instead, we can avoid loading `ActiveRecord::Base` unnecessarily.
* | | | | | | Merge pull request #31720 from grantbdev/update_default_hsts_max_ageGuillermo Iguaran2018-02-242-7/+6
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Update default HSTS max-age value to 1 year
| * \ \ \ \ \ \ Merge branch 'master' into update_default_hsts_max_ageGuillermo Iguaran2018-02-24659-6371/+7493
| |\ \ \ \ \ \ \
| * | | | | | | | Update default HSTS max-age value to 1 yearGrant Bourque2018-01-163-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update the default HSTS max-age value to 31536000 seconds (1 year) to meet the minimum max-age requirement for https://hstspreload.org/.
* | | | | | | | | Support for automatic nonce generation was backported to 5.2Guillermo Iguaran2018-02-241-28/+0
| |/ / / / / / / |/| | | | | | |
* | | | | | | | Support varying ICO filesGeorge Claghorn2018-02-244-2/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #32096.
* | | | | | | | [ci skip] Spell out the full variable in generated code.Kasper Timm Hansen2018-02-241-1/+1
| | | | | | | |
* | | | | | | | Correctly set `content_security_policy_nonce_generator`yuuji.yaginuma2018-02-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `content_security_policy_nonce_generator` specifies request as an argument when calling. https://github.com/rails/rails/blob/ddb7da8535b07f51b7a8f5e3062cc8ffbd4ff23b/actionpack/lib/action_dispatch/http/content_security_policy.rb#L100 So without this fix, will raise `ArgumentError` when start server.
* | | | | | | | Merge pull request #32093 from jfragoulis/correct-method-documentationYuji Yaginuma2018-02-241-1/+1
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Correct method documentation
| * | | | | | | | Correct ActiveSupport::Deprecation::Behavior#behavior= documentationJohn Fragoulis2018-02-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The callback parameters need to reflect changes after https://github.com/rails/rails/pull/28800
* | | | | | | | | Merge pull request #32095 from bogdanvlviv/require_rails-ujs-in-generated-engineRafael França2018-02-232-1/+6
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Improve generated file `app/assets/javascripts/application.js` of plugin
| * | | | | | | | | Improve generated file `app/assets/javascripts/application.js` of pluginbogdanvlviv2018-02-232-1/+6
| |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add `//= require rails-ujs` Closes #32094
* / / / / / / / / Caching: MemCache and Redis stores use local cache for multi-readsGabriel Sobrinho2018-02-233-0/+32
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #31909. Closes #31911.
* | | | | | | | More exercise range predicate builderRyuta Kamizono2018-02-231-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add test case for open-ended range. * Add test case for numeric range for string column.
* | | | | | | | PostgreSQL: Allow BC dates like datetime consistentlyRyuta Kamizono2018-02-233-1/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BC dates are supported by both date and datetime types. https://www.postgresql.org/docs/current/static/datatype-datetime.html Since #1097, new datetime allows year zero as 1 BC, but new date does not. It should be allowed even in new date consistently.
* | | | | | | | PostgreSQL: Treat infinite values in date like datetime consistentlyRyuta Kamizono2018-02-237-4/+107
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The values infinity and -infinity are supported by both date and timestamp types. https://www.postgresql.org/docs/current/static/datatype-datetime.html#DATATYPE-DATETIME-SPECIAL-TABLE And also, it can not be known whether a value is infinity correctly unless cast a value. I've added `QueryAttribute#infinity?` to handle that case. Closes #27585.
* | | | | | | | Use private attr_readerRyuta Kamizono2018-02-2312-26/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since #32028, Rails 6 requires Ruby 2.3+. No longer needed workaround for Ruby 2.2 "private attribute?" warning.
* | | | | | | | Merge pull request #32092 from yahonda/use_rubocop_0_52_at_codeclimateRafael França2018-02-221-1/+1
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Use `rubocop-0-52` channel
| * | | | | | | | Use `rubocop-0-52` channelYasuo Honda2018-02-231-1/+1
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Since https://github.com/rails/rails/pull/32091 expects RuboCop 0.52.1
* | | | | | | | Merge pull request #32091 from utilum/update_rubocopRafael França2018-02-221-10/+9
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Update rubocop to the latest version
| * | | | | | | | Update rubocop to the latest versionutilum2018-02-231-10/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes [Switch Layout/SpaceBeforeBlockBraces's empty braces default](https://github.com/bbatsov/rubocop/pull/5263) from [0.52.1](https://github.com/bbatsov/rubocop/blob/master/CHANGELOG.md#0521-2017-12-27). Before: 131 offenses detected. After: no offenses detected
* | | | | | | | | Merge pull request #32089 from bogdanvlviv/fix-plugin-generated-filesRafael França2018-02-223-3/+17
|\ \ \ \ \ \ \ \ \ | |/ / / / / / / / |/| | | | | | | | Fix plugin generated files
| * | | | | | | | Improve generated file `app/views/application.html.erb` of pluginbogdanvlviv2018-02-232-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Do not generate `javascript_include_tag` if `--skip-javascript` - Generate `<%= csp_meta_tag %>`. Related to #32018.
| * | | | | | | | Comment `require "active_storage/engine"` in `bin/rails` of plugin if ↵bogdanvlviv2018-02-232-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `--skip-active-storage`
* | | | | | | | | Merge pull request #32090 from ↵Rafael França2018-02-223-4/+4
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bogdanvlviv/remove-passing-extra-arguments-to-active-job-callbacks Remove passing extra arguments to ActiveJob Callbacks
| * | | | | | | | | Remove passing extra arguments to ActiveJob Callbacksbogdanvlviv2018-02-233-4/+4
| |/ / / / / / / /
* | | | | | | | | Revert "Merge pull request #32075 from eileencodes/delete-default-configuration"eileencodes2018-02-223-1/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 16f279ebd474626577ced858e3626ac4535a33df, reversing changes made to 6c6a30a7c357ce1eafa093d77d2b08684fe50887. The config can be named anything, not just default (although all generated apps will be named default). We can't just delete configs that don't have a database because that will break three-tier configs. Oh well.
* | | | | | | | | Revert "Reject empty database yamls"eileencodes2018-02-221-1/+1
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 0979713abe2e22083e1beca01a1d113408c9ab36. I originally wanted to delete the default config but found out it can be called anything which means the code would blow up in unexpected ways. I thought "cool ill just delete the configs without dbs" and realized that totally 100% breaks the three-tier config. So I'm reverting this and the other commit.
* | | | | | | | Merge pull request #32085 from rails/add-timezone-support-to-activejobAndrew White2018-02-2210-1/+103
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Add support for timezones to Active Job
| * | | | | | | | Add support for timezones to Active JobAndrew White2018-02-2210-1/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Record what was the current timezone in effect when the job was enqueued and then restore when the job is executed in same way that the current locale is recorded and restored.
* | | | | | | | | Merge pull request #32018 from rails/add-nonce-support-to-cspAndrew White2018-02-2216-52/+207
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Add support for automatic nonce generation for Rails UJS
| * | | | | | | | | Add support for automatic nonce generation for Rails UJSAndrew White2018-02-1916-52/+207
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because the UJS library creates a script tag to process responses it normally requires the script-src attribute of the content security policy to include 'unsafe-inline'. To work around this we generate a per-request nonce value that is embedded in a meta tag in a similar fashion to how CSRF protection embeds its token in a meta tag. The UJS library can then read the nonce value and set it on the dynamically generated script tag to enable it to execute without needing 'unsafe-inline' enabled. Nonce generation isn't 100% safe - if your script tag is including user generated content in someway then it may be possible to exploit an XSS vulnerability which can take advantage of the nonce. It is however an improvement on a blanket permission for inline scripts. It is also possible to use the nonce within your own script tags by using `nonce: true` to set the nonce value on the tag, e.g <%= javascript_tag nonce: true do %> alert('Hello, World!'); <% end %> Fixes #31689.
* | | | | | | | | | Merge pull request #32084 from buehmann/fix/escape-quoted-column-name-in-regexpRyuta Kamizono2018-02-221-1/+1
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Properly escape column name embedded into regexp
| * | | | | | | | | | Properly escape column name embedded into regexpAndreas Bühmann2018-02-221-1/+1
|/ / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SQLServerAdapter (gem `activerecord-sqlserver-adapter`) uses square brackets for quoting column names (e.g. `[id]`). Those brackets must not be misinterpreted in regular expressions. Failure: Expected /SELECT [developers].[id].* FROM developers/ to match "SELECT [developers].[id], [developers].[name], [developers].[salary], [developers].[firm_id], [developers].[mentor_id], [developers].[created_at], [developers].[updated_at], [developers].[created_on], [developers].[updated_on] FROM developers".
* | / / / / / / / / Reject empty database yamlseileencodes2018-02-221-1/+1
| |/ / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In #32075 I deleted the default configuration since that's what's generated with the Rails app. Since someone could change the default name instead delete any config that doesn't have a database so we can avoid peppering our Rails tasks with conditionals to deal with invalid database configs.
* | | | | | | | | Add cop for preferring 'Foo.method' over 'Foo::method'Andrew White2018-02-224-3/+7
| | | | | | | | |
* | | | | | | | | Merge pull request #32076 from utilum/use_dotAndrew White2018-02-224-8/+9
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Call methods with .method_name not ::method_name
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-21 19:46:08 +0000