aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Fix javascript_include_tag when no js runtime is availableNoah Silas2013-01-073-9/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In a production environment where the assets have been precompiled, we don't want an assets compile step to happen on the application server at all. To ensure this, a js runtime may not be available on the app servers. In this environment, pages using javascript_include_tag for assets with non-standard or chained extensions were throwing 500 errors. For instance, `javascript_include_tag('jquery.min')` would blow up. Sprockets was attempting to build the assets being included during the rewrite_extension step (responsible for appending a '.js' extension to assets being included by the basename rather than a fully qualified name). This was happening as a step to resolve #6310, which required checking for the presence of an asset with a non-standard extension before appending the extension. We can check for the presence of an asset without invoking the asset build step by using Sprockets' resolve method, which will search for the base file without building it (and is the method that find_asset uses internally to get the path to the asset before attempting to build it). When rewriting the extension on an asset, these are the steps: - If the source does not have an extension, assume that the default extension is desired and append it. - If there is an extension and it doesn't match the default extension, check to see if a file with the precise name specified exists amongst the assets; if it is present, do not append the default extension. (This is the step that resolves #6310).
* | Merge pull request #8735 from jejacks0n/duplicate_asset_fixGuillermo Iguaran2013-01-105-2/+16
|\ \ | | | | | | Ensure assets aren't duplicated when using sprockets require.
| * | Fixes issue where duplicate assets can be required with sprockets.jejacks0n2013-01-105-2/+16
|/ / | | | | | | | | - addresses the problem by calling flatten on asset array before calling uniq. - adds note to CHANGELOG.
* | Update changelogs with release date [ci skip]Carlos Antonio da Silva2013-01-097-9/+35
| |
* | Merge pull request #8838 from yahonda/8806_3-2-stableRafael Mendonça França2013-01-092-13/+27
|\ \ | | | | | | | | | Ignore binds payload with nil column in AR log subscriber
| * | Ignore binds payload with nil column in AR log subscriberYasuo Honda2013-01-092-13/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some tests were raising the following error: Could not log "sql.active_record" event. NoMethodError: undefined method `type' for nil:NilClass` Due to the way binds were being logged, the column info was considered always present, but that is not true for some of the tests listed in the issue. Closes #8806. Conflicts: activerecord/lib/active_record/log_subscriber.rb activerecord/test/cases/log_subscriber_test.rb Conflict resolution: - Revert ruby 1.9 style hash to support ruby 1.8 - Do not include 8f59ffce into 3-2-stable
* | | Merge pull request #8834 from sikachu/3-2-stable-fix-arsCarlos Antonio da Silva2013-01-082-27/+0
|\ \ \ | |/ / |/| | Remove test for XML YAML parsing
| * | Remove test for XML YAML parsingPrem Sichanugrist2013-01-082-27/+0
|/ / | | | | | | | | The support for YAML parsing in XML has been removed from Active Support since it introduced an security risk. See 43109ec for more detail.
* | Merge branch '3-2-sec' into 3-2-secmergeAaron Patterson2013-01-0821-37/+147
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3-2-sec: bumping version CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu Avoid Rack security warning no secret provided Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
| * | bumping versionAaron Patterson2013-01-089-9/+9
| | |
| * | CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-084-13/+69
| | |
| * | * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-088-10/+67
| | | | | | | | | | | | dealing with empty hashes. Thanks Damien Mathieu
| * | Avoid Rack security warning no secret providedSantiago Pastorino2013-01-081-0/+2
| | | | | | | | | | | | This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* | | Changelog improvements [ci skip]Carlos Antonio da Silva2013-01-081-6/+5
| | |
* | | Bump rack dependency to 1.4.3Carlos Antonio da Silva2013-01-082-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It includes security bug fixes and changes the initialization of Rack::File to accept a hash, otherwise generating warnings. See 295806e for the warnings fix. Conflicts: actionpack/actionpack.gemspec
* | | Merge pull request #8812 from rubys/masterCarlos Antonio da Silva2013-01-081-1/+1
| | | | | | | | | | | | Eliminate Rack::File headers deprecation warning
* | | Wrap time ranges with timezones, closes #8807Vasiliy Ermolovich2013-01-085-43/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (cherry picked from commit e2e513621d732abb8efff9120bd9a444836720d6) (cherry picked from commit dcdde7da481e11660634278a8004175a1ce20f39) Backport of #6183, original issue was #6179 Conflicts: activesupport/lib/active_support/core_ext/time/calculations.rb activesupport/test/core_ext/time_ext_test Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
* | | Avoid Rack security warning no secret providedSantiago Pastorino2013-01-081-0/+2
| | | | | | | | | | | | This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
* | | Refactor write attribute logic to convert number column valueCarlos Antonio da Silva2013-01-071-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an improvement for issue #8673: "Comparing a BigDecimal to true/false on write_attribute is slow" It seems to be an issue with Ruby itself, related to the "coerce" method being called in TrueClass/FalseClass due to the == condition, triggering method_missing, then raising a NameError that's later catched. This issue was also opened in Ruby tracker: https://bugs.ruby-lang.org/issues/7645. This refactoring avoid the coerce call by using a case statement, which gives us better readability as well. A simple benchmark: ---------- require 'benchmark/ips' require 'bigdecimal' Benchmark.ips do |x| x.report("== true") { BigDecimal('3') == true } x.report("TrueClass") { TrueClass === BigDecimal('3') } x.report("== 0") { BigDecimal('3') == 0 } x.report("Numeric") { Numeric === BigDecimal('3') } end Calculating ------------------------------------- == true 6427 i/100ms TrueClass 47297 i/100ms == 0 35923 i/100ms Numeric 55530 i/100ms ------------------------------------------------- == true 75878.5 (±21.6%) i/s - 359912 in 5.004392s TrueClass 1249547.0 (±13.1%) i/s - 6148610 in 5.035964s == 0 666856.3 (±13.3%) i/s - 3268993 in 5.013789s Numeric 1269300.9 (±11.3%) i/s - 6274890 in 5.028458s ---------- Master has a very different implementation, and there are apparently no similar conversions at this point, it's mainly delegated to the column type cast, but I'll check if something needs to be changed there as well. Closes #8673.
* | | Remove not used variable in eager testCarlos Antonio da Silva2013-01-071-1/+0
| | |
* | | Fix named scope + class method exampleCarlos Antonio da Silva2013-01-071-3/+1
| | | | | | | | | | | | | | | | | | | | | Closes #8804 [ci skip] Conflicts: activerecord/lib/active_record/scoping/named.rb
* | | connection_parameters is an Array and will never haveRafael Mendonça França2013-01-061-2/+0
| | | | | | | | | | | | prepared_statements as value
* | | Test only with Ruby 1.9+Rafael Mendonça França2013-01-061-4/+6
| | |
* | | Remove warningsRafael Mendonça França2013-01-061-2/+1
| | |
* | | Fix error when assigning NaN to an integer columnTristan Harward2013-01-063-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also covers any non-castable case by returning nil, which is in-line with the intention of the former implementation, but covers the odd cases which respond to to_i but raise an error when it's called, such as NaN, Infinity and -Infinity. Fixes #8757 Backport of #8781 Conflicts: activerecord/CHANGELOG.md activerecord/test/cases/column_test.rb
* | | Do not call fields_for from form_for, to avoid instantiating two buildersCarlos Antonio da Silva2013-01-062-9/+19
| | | | | | | | | | | | | | | | | | Conflicts: actionpack/lib/action_view/helpers/form_helper.rb actionpack/test/template/form_helper_test.rb
* | | Remove suggestion that Procs can be used as session secrets.James Coglan2013-01-051-7/+4
| | | | | | | | | | | | | | | | | | | | | | | | (cherry picked from commit 6500d7994e94af439587ba0b6088b14532940ad2) [ci skip] Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
* | | Merge pull request #8763 from hsbt/backport-to-hide-warningCarlos Antonio da Silva2013-01-041-1/+2
|\ \ \ | |_|/ |/| | | | | | | | Backport 4f0f1b5 into 3-2-stable. When running the test with warnings enabled, it fails without this change.
| * | backport #4f0f1b5 into 3-2-stable. because 1.9.3-p362 warned unused variables.SHIBATA Hiroshi2013-01-051-1/+2
|/ / | | | | | | | | Conflicts: actionpack/test/controller/render_test.rb
* | Change the encrypted campfire notification tokenRafael Mendonça França2013-01-031-1/+1
| | | | | | | | | | Conflicts: .travis.yml
* | Merge pull request #8718 from jstirk/column_writer_to_i_errorsRafael Mendonça França2013-01-034-8/+31
|\ \ | | | | | | Fix undefined method `to_i' introduced since 3.2.8
| * | Fix undefined method `to_i' introduced since 3.2.8Jason Stirk2013-01-044-8/+31
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit fixes a bug introduced in 96a13fc7 which breaks behaviour of integer fields in 3.2.8. In 3.2.8, setting the value of an integer field to a non-integer (eg. Array, Hash, etc.) would default to 1 (true) : # 3.2.8 p = Post.new p.category_id = [ 1, 2 ] p.category_id # => 1 p.category_id = { 3 => 4 } p.category_id # => 1 In 3.2.9 and above, this will raise a NoMethodError : # 3.2.9 p = Post.new p.category_id = [ 1, 2 ] NoMethodError: undefined method `to_i' for [1, 2]:Array Whilst at first blush this appear to be sensible, it combines in bad ways with scoping. For example, it is common to use scopes to control access to data : @collection = Posts.where(:category_id => [ 1, 2 ]) @new_post = @collection.new In 3.2.8, this would work as expected, creating a new Post object (albeit with @new_post.category_id = 1). However, in 3.2.9 this will cause the NoMethodError to be raised as above. It is difficult to avoid triggering this error without descoping before calling .new, breaking any apps running on 3.2.8 that rely on this behaviour. This patch deviates from 3.2.8 in that it does not retain the somewhat spurious behaviour of setting the attribute to 1. Instead, it explicitly sets these invalid values to nil : p = Post.new p.category_id = [ 1, 2 ] p.category_id # => nil This also fixes the situation where a scope using an array will "pollute" any newly instantiated records. @new_post = @collection.new @new_post.category_id # => nil Finally, 3.2.8 exhibited a behaviour where setting an object to an integer field caused it to be coerced to "1". This has not been retained, as it is spurious and surprising in the same way that setting Arrays and Heshes was : c = Category.find(6) p = Post.new # 3.2.8 p.category_id = c p.category_id # => 1 # This patch p.category_id = c p.category_id # => nil This commit includes explicit test cases that expose the original issue with calling new on a scope that uses an Array. As this is a common situation, an explicit test case is the best way to prevent regressions in the future. It also updates and separates existing tests to be explicit about the situation that is being tested (eg. AR objects vs. other objects vs. non-integers)
* | Merge pull request #8733 from amatsuda/rails32_readme_dir_treeRafael Mendonça França2013-01-031-8/+8
|\ \ | | | | | | | | | | | | update directory tree in the generated README in Rails 3.2 [ci skip]
| * | update directory tree in the generated READMEAkira Matsuda2013-01-041-8/+8
|/ / | | | | | | [ci skip]
* | Merge pull request #8716 from miguelff/3-2-stableRafael Mendonça França2013-01-039-9/+9
|\ \ | | | | | | Merged latest released tag (v3.2.10) into the stable branch (3-2-stable)
| * | Merge tag 'v3.2.10' into 3-2-stableMiguel2013-01-039-9/+9
| |\| | | | | | | | | | Latest released tag was not fully merged into the stable branch (missed version bumping)
| | * bumping version to 3.2.10Aaron Patterson2012-12-239-9/+9
| | |
* | | Merge pull request #8719 from pcasaretto/fix-actionview-doc-typoCarlos Antonio da Silva2013-01-031-1/+1
|/ / | | | | | | Fix typo on form_tag_helper.rb [ci skip]
* | Use Ruby 1.8 syntaxRafael Mendonça França2013-01-021-2/+2
| |
* | Merge pull request #8703 from senny/backport_8700Rafael Mendonça França2013-01-023-6/+33
|\ \ | | | | | | | | | | | | Backport #8701, do not append a second slash with `trailing_slash: true` Closes #8700
| * | Backport #8701, do not append a second slash with `trailing_slash: true`Yves Senn2013-01-023-6/+33
|/ /
* | Add release date of 3.2.10Rafael Mendonça França2013-01-027-14/+50
| | | | | | | | Fix format and wrong changelog entry
* | Improve CHANGELOG message [ci skip]Rafael Mendonça França2013-01-021-3/+2
| |
* | Merge branch '3-2-stable' into 3-2-secmergeAaron Patterson2013-01-028-272/+56
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3-2-stable: fix block.arity raise nil error when not given a block to "content_tag_for" removes the Ajax on Rails early draft Revert "Merge pull request #8665 from senny/8661_should_not_append_charset_if_already_present" backport #8662, charset should not be appended for `head` responses Revert "Fix `validates_presence_of` with `:allow_nil` or `:allow_blank` options." Fix `validates_presence_of` with `:allow_nil` or `:allow_blank` options. backport #8616, quote column names in generated fixture files
| * \ Merge pull request #8640 from jasl/3-2-stableRafael Mendonça França2013-01-023-1/+16
| |\ \ | | | | | | | | fix block.arity will raise nil error
| | * | fix block.arity raise nil error when not given a block to "content_tag_for"jasl2013-01-023-1/+16
| | | |
| * | | removes the Ajax on Rails early draftXavier Noria2012-12-311-267/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There was a few attempts at writing this guide, but we never passed from the work in progress stage. In spite of not being included in the table of contents, this draft was still indexed by bots and showed up in searches. Steve Klabnik has written "Working with JavaScript in Rails" which is going to be released with Rails 4. So better get rid of this altogether.
| * | | Revert "Merge pull request #8665 from ↵Santiago Pastorino2012-12-314-27/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | senny/8661_should_not_append_charset_if_already_present" This reverts commit e48dc194231830f42f179704596b88215f062c23, reversing changes made to d38c8caa48a732d41c7402a5e71deece4e313559.
| * | | Merge pull request #8665 from ↵Santiago Pastorino2012-12-314-4/+27
| |\ \ \ | | |/ / | |/| | | | | | | | | | senny/8661_should_not_append_charset_if_already_present backport #8662, charset should not be appended for `head` responses
| | * | backport #8662, charset should not be appended for `head` responsesYves Senn2012-12-314-4/+27
| |/ / | | | | | | | | | | | | | | | | | | 1) Failure: test_head_created_with_image_png_content_type(RenderTest) [test/controller/render_test.rb:1238]: Expected: "image/png" Actual: "image/png; charset=utf-8"