aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | Merge branch '3-2-sec' into 3-2-secmergeAaron Patterson2013-01-082-8/+26
|\| | | | | | | | | | | | | | | | | | | | | | | | | * 3-2-sec: bumping version CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu Avoid Rack security warning no secret provided Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
| * bumping versionAaron Patterson2013-01-081-1/+1
| |
| * CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.Jeremy Kemper2013-01-081-7/+25
| |
* | Wrap time ranges with timezones, closes #8807Vasiliy Ermolovich2013-01-082-11/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | (cherry picked from commit e2e513621d732abb8efff9120bd9a444836720d6) (cherry picked from commit dcdde7da481e11660634278a8004175a1ce20f39) Backport of #6183, original issue was #6179 Conflicts: activesupport/lib/active_support/core_ext/time/calculations.rb activesupport/test/core_ext/time_ext_test Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
* | Merge tag 'v3.2.10' into 3-2-stableMiguel2013-01-031-1/+1
|\| | | | | | | Latest released tag was not fully merged into the stable branch (missed version bumping)
| * bumping version to 3.2.10Aaron Patterson2012-12-231-1/+1
| |
* | Remove unicode character encoding from ActiveSupport::JSON.encodeBrett Carter2012-12-141-7/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The encoding scheme (e.g. ☠ -> "\u2620") was broken for characters not in the Basic Multilingual Plane. It is possible to escape them for json using the weird encoding scheme of a twelve-character sequence representing the UTF-16 surrogate pair (e.g. '𠜎' -> "\u270e\u263a") but this wasn't properly handled in the escaping code. Since raw UTF-8 is allowed in json, it was decided to simply pass through the raw bytes rather than attempt to escape them. Backport of https://github.com/zbskii/rails/commit/9ace3a8820a5270f9b3f37b593f8bbea3e940f73 Conflicts: activesupport/CHANGELOG.md activesupport/lib/active_support/json/encoding.rb activesupport/test/json/encoding_test.rb
* | Add :nsec format only for Ruby 1.9Carlos Antonio da Silva2012-12-111-1/+2
| | | | | | | | | | | | Ruby 1.8 does not support this format in Time, so the format will only be added to the available date formats on Ruby 1.9. Changelog entry was changed to explain that as well.
* | Merge pull request #6376 from jgaskins/timestamp-microsecondsJeremy Kemper2012-12-101-0/+1
| | | | | | | | | | | | Increase numeric-timestamp precision to nanoseconds Conflicts: activesupport/lib/active_support/core_ext/time/conversions.rb
* | Use send in Time marshal extensions since the methods are now privateCarlos Antonio da Silva2012-12-031-2/+2
| | | | | | | | | | | | | | See https://github.com/ruby/ruby/commit/9c1b3161f20162dc1682d758c0e4d2fc3a74745e All Active Support tests pass in 2.0.0preview2 after this change. Closes #8409
* | Fixed description for ActiveSupport::Concern typical caseDmitry Vorotilin2012-11-301-1/+3
| |
* | Revert "Use MiniTest in Ruby 1.8 if it is available."Carlos Antonio da Silva2012-11-131-3/+1
| | | | | | | | | | | | | | This reverts commit c3e186ec8dcb2ec26d5d56f3e89123b1350c4a6f. Reason: too many incompatibilities make a lot of Rails tests fail in 1.9. Might need more work to get this done properly in 3-2 if necessary.
* | Update mocha version to 0.13.0 and change requiresCarlos Antonio da Silva2012-11-132-2/+1
| |
* | Merge pull request #8200 from freerange/3-2-stable-with-mocha-fixesCarlos Antonio da Silva2012-11-133-5/+11
|\ \ | | | | | | Fix 3-2-stable to work with Mocha v0.13.0
| * | Avoid a Mocha deprecation warning.James Mead2012-11-131-1/+1
| | |
| * | Fix for Test::Unit Mocha compatibility.James Mead2012-11-131-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | Mocha is now using a single AssertionCounter which needs a reference to the testcase as opposed to the result. This change is an unfortunate consequence of the copying of a chunk of Mocha's internal code in order to monkey-patch Test::Unit.
| * | Use MiniTest in Ruby 1.8 if it is available.James Mead2012-11-131-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ActiveSupport::TestCase was always inheriting from Test::Unit::TestCase. This works fine in Ruby 1.9 where Test::Unit::TestCase is a thin wrapper around MiniTest::Unit::TestCase, but does not work in Ruby 1.8 if the MiniTest gem is used. What happens is that ActiveSupport inherits from the Test::Unit::TestCase provided by the standard library, but then since Minitest is defined, it then seems to proceed on the assumption that ActiveSupport::TestCase has MiniTest::Unit::TestCase in its ancestor chain. However, in this case it does not. The fix is simply to choose which test library TestCase to inherit from using the same logic used elsewhere to detect MiniTest. I noticed this bug causing issues when using MiniTest and Mocha in Ruby 1.8, but there may well be other issues.
| * | Copy Mocha bug fix.James Mead2012-11-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A bug was fixed [1] in Mocha's integration with Test::Unit, but this monkey-patching code was copied before the fix. We need to copy the fixed version. The bug meant that an unexpected invocation against a mock within the teardown method caused a test *error* and not a test *failure*. [1] https://github.com/freerange/mocha/commit/f1ff6475ca2871f2977ab84cabbbfe2adadbbee6#diff-5
* | | backport #8185, `#as_json` isolates options when encoding a hash.Yves Senn2012-11-131-1/+1
|/ / | | | | | | | | | | | | | | | | | | Setting options in a custom `#as_json` method had side effects. Modifications of the `options` hash leaked outside and influenced the conversion of other objects contained in the hash. Conflicts: activesupport/CHANGELOG.md
* | Merge branch '3-2-9' into 3-2-stableSantiago Pastorino2012-11-121-1/+1
|\|
| * Bump to 3.2.9Santiago Pastorino2012-11-121-1/+1
| |
* | Merge branch '3-2-9' into 3-2-stableSantiago Pastorino2012-11-091-1/+1
|\|
| * Bump up to 3.2.9.rc3Santiago Pastorino2012-11-091-1/+1
| |
* | Merge pull request #8027 from daenney/masterXavier Noria2012-11-081-2/+7
|/ | | | | | | | Atomic.rb assumes it may chown/chmod a file but doesn't handle the EPERM error. Conflicts: activesupport/CHANGELOG.md guides/source/active_support_core_extensions.md
* Bump to 3.2.9.rc2Santiago Pastorino2012-11-011-1/+1
|
* Bump to 3.2.9.rc1Santiago Pastorino2012-10-291-2/+2
|
* Merge pull request #8022 from GRoguelon/3-2-stableRafael Mendonça França2012-10-241-1/+1
|\ | | | | Adding a missing parenthesis in the doc of String#parameterize.
| * Adding a missing parenthesis in the doc of String#parameterize.Geoffrey Roguelon2012-10-241-1/+1
| |
* | Shush syntax warningsJeremy Kemper2012-09-281-3/+3
| |
* | Add logger.push_tags and .pop_tags to complement logger.taggedJeremy Kemper2012-09-271-18/+28
| | | | | | | | | | | | | | | | | | Avoid memory leak from unflushed logs on other threads leaving tags behind. Conflicts: activesupport/CHANGELOG.md activesupport/lib/active_support/tagged_logging.rb activesupport/test/tagged_logging_test.rb
* | Fix invalid ruby 1.8 syntaxRafael Mendonça França2012-09-211-4/+5
| |
* | Fix #6962. AS::TimeWithZone#strftime responds incorrectly to %:z and %::z ↵kennyj2012-09-201-1/+4
|/ | | | format strings.
* fixes a bug in dependencies.rbXavier Noria2012-08-281-1/+1
| | | | | | | loaded stores file names without the .rb extension, but search_for_file returns file names with the extension. The solution is hackish, but this file needs a revamp.
* Bump to 3.2.8Santiago Pastorino2012-08-091-1/+1
|
* Bump to 3.2.8.rc2Santiago Pastorino2012-08-031-1/+1
|
* Fix html_escape with Ruby 1.8Rafael Mendonça França2012-08-021-15/+26
|
* html_escape should escape single quotesSantiago Pastorino2012-08-021-28/+16
| | | | | | | | | | | | https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content Closes #7215 Conflicts: actionpack/test/template/erb_util_test.rb actionpack/test/template/form_tag_helper_test.rb actionpack/test/template/text_helper_test.rb actionpack/test/template/url_helper_test.rb activesupport/lib/active_support/core_ext/string/output_safety.rb
* Fix ActiveSupport integration with Mocha > 0.12.1Mike Gunderloy2012-08-021-1/+3
| | | | | | Mocha 0.12.2 renames the Integration module to MonkeyPatching. This breaks the code Rails uses to retrieve the assertion counter from Mocha.
* Bump to 3.2.8.rc1Santiago Pastorino2012-08-011-2/+2
|
* Revert "Deprecate ActiveSupport::JSON::Variable"Rafael Mendonça França2012-08-011-9/+1
| | | | This reverts commit bcfa013399fd2c5b5d25c38912cba3560de1cc57.
* bumping to 3.2.7Aaron Patterson2012-07-261-1/+1
|
* updating the versionAaron Patterson2012-07-231-2/+2
|
* Hash#fetch(fetch) is not the same as doing hash[key]Xavier Noria2012-07-211-1/+11
|
* adds a missing require [fixes #6896]Xavier Noria2012-07-152-1/+1
| | | | | This file uses Time.zone, which is defined in active_support/core_ext/time/zones.rb.
* make sure the inflection rules are loaded when cherry-picking ↵Xavier Noria2012-06-293-0/+5
| | | | active_support/core_ext/string/inflections.rb [fixes #6884]
* Merge pull request #6857 from rsutphin/as_core_ext_time_missing_requireCarlos Antonio da Silva2012-06-251-0/+1
| | | | Missing require breaks Time.=== when selectively loading ActiveSupport core_exts in 3.2.4+
* bump AS deprecation_horizon to 4.0Francesco Rodríguez2012-06-171-2/+2
|
* bumping version numbersAaron Patterson2012-06-111-1/+1
|
* Merge pull request #6688 from ↵Rafael Mendonça França2012-06-101-2/+2
|\ | | | | | | | | c42engineering/buffered_logger_level_while_creation BufferedLogger level while creation
| * buffered logger is initialized with the log level passed trough the initializerNiranjan Paranjape2012-06-091-2/+2
| |