rails.git - Mirror of official rails repo with custom fixes.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Preload digest/sha2 to avoid thread safe error.	Francesco Rodriguez	2017-09-25	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	I got this error in production using Puma in multi-threaded mode: ``` RuntimeError: Digest::Base cannot be directly inherited in Ruby from active_support/security_utils.rb:23:in `variable_size_secure_compare' from active_support/security_utils.rb:23:in `hexdigest' from active_support/security_utils.rb:23:in `digest' ``` Looks like Digest uses const_missing to load Digest::SHA256 (https://github.com/ruby/ruby/blob/trunk/ext/digest/lib/digest.rb#L8) - https://bugs.ruby-lang.org/issues/9494 - https://github.com/ruby/ruby/commit/c02fa39463a0c6bf698b01bc610135604aca2ff4
*	[Active Support] `rubocop -a --only Layout/EmptyLineAfterMagicComment`	Koichi ITO	2017-07-11	1	-0/+1
\|
*	Use frozen-string-literal in ActiveSupport	Kir Shatrov	2017-07-09	1	-0/+1
\|
*	Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"	Matthew Draper	2017-07-02	1	-1/+0
\| \| \| \| \|	This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
*	Enforce frozen string in Rubocop	Kir Shatrov	2017-07-01	1	-0/+1
\|
*	applies new string literal convention in activesupport/lib	Xavier Noria	2016-08-06	1	-1/+1
\| \| \| \| \|	The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
*	use secure string comparisons for basic auth username / password	Aaron Patterson	2016-01-22	1	-0/+7
\| \| \| \| \| \|	this will avoid timing attacks against applications that use basic auth. CVE-2015-7576
*	Add AS::SecurityUtils.secure_compare for constant time string comparison	Guillermo Iguaran	2014-10-23	1	-0/+20