| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 3-2-sec:
bumping version
CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
Avoid Rack security warning no secret provided
Conflicts:
actionpack/CHANGELOG.md
activerecord/CHANGELOG.md
activesupport/CHANGELOG.md
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(cherry picked from commit e2e513621d732abb8efff9120bd9a444836720d6)
(cherry picked from commit dcdde7da481e11660634278a8004175a1ce20f39)
Backport of #6183, original issue was #6179
Conflicts:
activesupport/lib/active_support/core_ext/time/calculations.rb
activesupport/test/core_ext/time_ext_test
Signed-off-by: Andrew White <andyw@pixeltrix.co.uk>
|
|\|
| |
| |
| | |
Latest released tag was not fully merged into the stable branch (missed version bumping)
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The encoding scheme (e.g. ☠ -> "\u2620") was broken for characters
not in the Basic Multilingual Plane. It is possible to escape them
for json using the weird encoding scheme of a twelve-character
sequence representing the UTF-16 surrogate pair (e.g. '𠜎' ->
"\u270e\u263a") but this wasn't properly handled in the escaping code.
Since raw UTF-8 is allowed in json, it was decided to simply pass
through the raw bytes rather than attempt to escape them.
Backport of https://github.com/zbskii/rails/commit/9ace3a8820a5270f9b3f37b593f8bbea3e940f73
Conflicts:
activesupport/CHANGELOG.md
activesupport/lib/active_support/json/encoding.rb
activesupport/test/json/encoding_test.rb
|
| |
| |
| |
| |
| |
| | |
Ruby 1.8 does not support this format in Time, so the format will only
be added to the available date formats on Ruby 1.9. Changelog entry was
changed to explain that as well.
|
| |
| |
| |
| |
| |
| | |
Increase numeric-timestamp precision to nanoseconds
Conflicts:
activesupport/lib/active_support/core_ext/time/conversions.rb
|
| |
| |
| |
| |
| |
| |
| | |
See https://github.com/ruby/ruby/commit/9c1b3161f20162dc1682d758c0e4d2fc3a74745e
All Active Support tests pass in 2.0.0preview2 after this change.
Closes #8409
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
This reverts commit c3e186ec8dcb2ec26d5d56f3e89123b1350c4a6f.
Reason: too many incompatibilities make a lot of Rails tests fail in 1.9.
Might need more work to get this done properly in 3-2 if necessary.
|
| | |
|
|\ \
| | |
| | | |
Fix 3-2-stable to work with Mocha v0.13.0
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Mocha is now using a single AssertionCounter which needs a reference to
the testcase as opposed to the result.
This change is an unfortunate consequence of the copying of a chunk of
Mocha's internal code in order to monkey-patch Test::Unit.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
ActiveSupport::TestCase was always inheriting from Test::Unit::TestCase.
This works fine in Ruby 1.9 where Test::Unit::TestCase is a thin wrapper
around MiniTest::Unit::TestCase, but does not work in Ruby 1.8 if the
MiniTest gem is used. What happens is that ActiveSupport inherits from
the Test::Unit::TestCase provided by the standard library, but then
since Minitest is defined, it then seems to proceed on the assumption
that ActiveSupport::TestCase has MiniTest::Unit::TestCase in its
ancestor chain. However, in this case it does not.
The fix is simply to choose which test library TestCase to inherit from
using the same logic used elsewhere to detect MiniTest.
I noticed this bug causing issues when using MiniTest and Mocha
in Ruby 1.8, but there may well be other issues.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A bug was fixed [1] in Mocha's integration with Test::Unit, but this
monkey-patching code was copied before the fix. We need to copy the
fixed version.
The bug meant that an unexpected invocation against a mock within the
teardown method caused a test *error* and not a test *failure*.
[1]
https://github.com/freerange/mocha/commit/f1ff6475ca2871f2977ab84cabbbfe2adadbbee6#diff-5
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Setting options in a custom `#as_json` method had side effects.
Modifications of the `options` hash leaked outside and influenced
the conversion of other objects contained in the hash.
Conflicts:
activesupport/CHANGELOG.md
|
|\| |
|
| | |
|
|\| |
|
| | |
|
|/
|
|
|
|
|
|
| |
Atomic.rb assumes it may chown/chmod a file but doesn't handle the EPERM error.
Conflicts:
activesupport/CHANGELOG.md
guides/source/active_support_core_extensions.md
|
| |
|
| |
|
|\
| |
| | |
Adding a missing parenthesis in the doc of String#parameterize.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Avoid memory leak from unflushed logs on other threads leaving tags behind.
Conflicts:
activesupport/CHANGELOG.md
activesupport/lib/active_support/tagged_logging.rb
activesupport/test/tagged_logging_test.rb
|
| | |
|
|/
|
|
| |
format strings.
|
|
|
|
|
|
|
| |
loaded stores file names without the .rb extension, but search_for_file
returns file names with the extension.
The solution is hackish, but this file needs a revamp.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
Closes #7215
Conflicts:
actionpack/test/template/erb_util_test.rb
actionpack/test/template/form_tag_helper_test.rb
actionpack/test/template/text_helper_test.rb
actionpack/test/template/url_helper_test.rb
activesupport/lib/active_support/core_ext/string/output_safety.rb
|
|
|
|
|
|
| |
Mocha 0.12.2 renames the Integration module to
MonkeyPatching. This breaks the code Rails uses
to retrieve the assertion counter from Mocha.
|
| |
|
|
|
|
| |
This reverts commit bcfa013399fd2c5b5d25c38912cba3560de1cc57.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This file uses Time.zone, which is defined in
active_support/core_ext/time/zones.rb.
|
|
|
|
| |
active_support/core_ext/string/inflections.rb [fixes #6884]
|
|
|
|
| |
Missing require breaks Time.=== when selectively loading ActiveSupport core_exts in 3.2.4+
|
| |
|
| |
|
|\
| |
| |
| |
| | |
c42engineering/buffered_logger_level_while_creation
BufferedLogger level while creation
|
| | |
|