| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instance level writers can have an impact on how the Active Model /
Record objects are saved. Specifically, they can be used to bypass
validations. This is a problem if mass assignment protection is
disabled and specific attributes are passed to the constructor.
CVE-2016-0753
|
| | |
| | |
| | |
| | |
| | |
| | | |
this will avoid timing attacks against applications that use basic auth.
CVE-2015-7576
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[ci skip]
Fixes #20808
[Vipul A M & Julio Lopez]
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The Time.use_zone method will only affect ActiveSupport::TimeWithZone
instances created inside of the block passed to Time.use_zone. This
could be confusing when fetching a model and then reading the attribute
before the block and it not changing afterwards because Active Record
caches the conversion from the database value.
Since changing the behavior of Active Record to recreate the value on
every attribute read is an expensive operation the best we can do is
to document the issue.
Fixes #23195.
[ci skip]
|
|\ \
| | |
| | | |
Allow to store .keep file in cache directory
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The line filter parsing added to ActiveSupport::TestCase is only half the story
to enable line filtering. The other half, of adding the patterns to the options,
is done in the Minitest plugin that Railties has.
Thus it makes more sense to have the filter in Railties with the other half and
all the line filtering tests.
Move the filter and extend Active Support in an initializer, so that when users
or `rails/all.rb` require `rails/test_unit/railtie` we can still filter by line.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When `rails console` or `rails server` are used along with a logger set to output to `STDOUT` then the contents will show up twice. This happens because the logger is extended with `ActiveSupportLogger.broadcast` with a destination of STDOUT even if it is already outputting to `STDOUT`.
Previously PR #22592 attempted to fix this issue, but it ended up causing NoMethodErrors. A better approach than relying on adding a method and flow control is to inspect the log destination directly. For this `ActiveSupport::Logger.logger_outputs_to?` was introduced
```ruby
logger = Logger.new(STDOUT)
ActiveSupport::Logger.logger_outputs_to?(logger, STDOUT)
# => true
```
To accomplish this we must look inside of an instance variable of standard lib's Logger `@logdev`. There is a related Ruby proposal to expose this method in a standard way: https://bugs.ruby-lang.org/issues/11955
|
| | |
| | |
| | |
| | | |
This reverts related commits due to #22917.
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
rthbound/adds-exception-object-to-instrumenter-payload
Adds exception object to instrumenter's payload
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Adds new key/value pair to payload when an exception is raised
e.g. `:exception_object=> #<RuntimeError: FAIL>`
- Updates relevant test
- Adds CHANGELOG entry
|
| | | | |
|
|\ \ \ \
| |/ / /
|/| | | |
Support extended grapheme clusters and UAX 29
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
http://www.unicode.org/reports/tr29/tr29-21.html is the version of UAX
29 that corresponds to Unicode 6.2.0. Unicode.unpack_graphemes now
implements all the rules listed there, including the ones for extended
grapheme clusters.
I added a new optional test,
test/multibyte_grapheme_break_conformance.rb, that is heavily based on
test/multibyte_normalization_conformance.rb, which runs the Unicode test
suite.
|
| | | |
| | | |
| | | |
| | | | |
This will make it easier to add the rest of the rules listed in UAX 29.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Add a missing require to ActiveSupport::NumericWithFormat
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Document `Logger#broadcast_messages` option
|
| |/ / / / |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add support for Petabyte and Exabyte in number to human size
|
| |/ / / / |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Fixes LoggerSilence#silence threadsafety
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- uses instance defined level if no custom local log level defined
- Keeps track of local log level per [ thread + object-instance ]
- prevents memory leakage by removing local level hash key/value on #silence method exit
- avoids the use of Thread local variables
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I've worked on a few applications that have gone through the
internationalization process and had issues because they were using
`number_to_currency`. The minute a user is allowed to change their
locale, they can change the price displayed on a page from 10 US dollars
to 10 Mexican Pesos, which is far from the same amount of money.
Unlike other helpers that rely on i18n, `number_to_currency` does not
produce equivalent results when the locale is changed.
As I've explained this to a few groups of developers now, I thought it
might make for a good caveat in the docs.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[ci skip]
Change output timming of sample code
|
| | | | |
| | | | |
| | | | |
| | | | | |
- Expect returns "new value 1" but, retuns nil, because output at thread is not finished. Move val_1 output to finished thread.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It is in the code to provides backward compatibility for people that
have this class serialized as YAML in some storage.
Closes #22681
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also, added a test case to make sure that the default deprecation horizon is
always bigger than the current Rails version.
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Fix cache fetch miss notification order
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes https://github.com/rails/rails/issues/22477.
When I improved the caching instrumentation in
edd33c08d98723ae9bb89cf7f019277117ed6414, I inadvertently changed the
order of AS notifications when there is a cache miss.
|
| | | | |
| | | | |
| | | | |
| | | | | |
:tada: :beers:
|
| | | | |
| | | | |
| | | | | |
We went back to `Thread.current[]` in 33e11e59.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
accessors"
This reverts commit 301f43820562c6a70dffe30f4227ff0751f47d4f per @matthewd on https://github.com/rails/rails/pull/22630/files#r47997074
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We call the thread variable accessors on `Thread.current`, which matches Ruby's
documentation:
http://ruby-doc.org/core-2.2.0/Thread.html#method-i-thread_variable_get
Fix these to stay `current` ( ͡° ͜ʖ ͡°)
|
| | | | |
| | | | |
| | | | |
| | | | | |
[ci skip]
|
| | | | |
| | | | |
| | | | |
| | | | | |
[ci skip]
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
class and module variables that live per-thread
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add Logger option to disable message broadcasts
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When setting the Rails logger to log to STDOUT, it would broadcast the
log twice in development. This adds a setting that will prevent messages
from being broadcast to multiple logs, while still allowing calls to
`#close`, `#level=`, `#progname=`, and `#formatter=` to be broadcasted.
Fixes #14769, #11415
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Use Module.prepend instead of alias_method for Range#to_s
|