| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Use Fiber.current.__id__ in ActiveSupport::Logger#local_level= in order
to make log level local to Ruby Fibers in addition to Threads.
|
|\
| |
| | |
Introduce a new ActiveSupport::SecureCompareRotator class:
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- This class is used to rotate a previously determined value to a new
one before making the comparions.
We use this at Shopify to rotate Basic Auth crendials but I can
imagine other use cases.
The implementation uses the same `Messages::Rotator` module than
the MessageEncryptor/MessageVerifier class so it works exactly the
same way.
You can use it as follow:
```ruby
rotator = ActiveSupport::SecureCompareRotator.new('new_production_value')
rotator.rotate('previous_production_value')
rotator.secure_compare!('previous_production_value')
```
|
|\ \
| | |
| | | |
Add support for Proc based parameter filtering on arrays of values
|
| | |
| | |
| | |
| | |
| | | |
Remove extra newline.
Co-Authored-By: Rafael França <rafael@franca.dev>
|
| | |
| | |
| | |
| | | |
Based on the way parameters are currently processed, a parameter value of type Hash is recursively processed. For a value of type Array however, the current behavior is to simply return the original array, with no filtering. It is not clear what the expected behavior should be. But, doing nothing seems incorrect, since it bypasses custom Proc based parameter filtering all together for arrays of values. This change introduces a failing test in preparation to add logic that proposes one possible option for the expected behavior with Array values.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Exclude missing marshal_dump and _dump methods from being delegated to
an object's delegation target via the delegate_missing_to extension.
This avoids unintentionally adding instance variables to an object
during marshallization, should the delegation target be a method which
would otherwise add them.
In current versions of Ruby, a bug exists in the way objects are
marshalled, allowing for instance variables to be added or removed
during marshallization (see https://bugs.ruby-lang.org/issues/15968).
This results in a corrupted serialized byte stream, causing an object's
instance variables to "leak" into subsequent serialized objects during
demarshallization.
In Rails, this behavior may be triggered when marshalling an object that
uses the delegate_missing_to extension, if the delegation target is a
method which adds or removes instance variables to an object being
marshalled - when calling Marshal.dump(object), Ruby's built in behavior
will check whether the object responds to :marshal_dump or :_dump, which
in turn triggers the delegation target method in the
responds_to_missing? function defined in
activesupport/lib/active_support/core_ext/module/delegation.rb
While future versions of Ruby will resolve this bug by raising a
RuntimeError, the underlying cause of this error may not be readily
apparent when encountered by Rails developers. By excluding marshal_dump
and _dump from being delegated to an object's target, this commit
eliminates a potential cause of unexpected behavior and/or
RuntimeErrors.
Fixes #36522
|
| | |
| | |
| | |
| | | |
`ActiveSupport::Inflector.transliterate`"
|
| | |
| | |
| | |
| | |
| | |
| | | |
It's noted in #34062 that String#parameterize will raise an `Encoding::CompatibilityError` if the string is not UTF-8 encoded. The error is raised as a result of passing the string to `.unicode_normalize`.
This PR raises a higher level `ArgumentError` if the provided string is not UTF-8 and updates documentation to note the encoding requirement.
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
sikachu/fix-source-annotation-extractor-annotation
Fix problem with accessing deprecated constant proxy's subclass
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit fixes #36313.
After #32065 moved `SourceAnnotationExtractor` into `Rails` module, it
broke the ability to access `SourceAnnotationExtractor::Annotate`
directly as user would get this error:
TypeError: Rails::SourceAnnotationExtractor is not a class/module
This commit fixes the issue by making `DeprecatedConstantProxy` to
inherit from `Module` and then defines `method_missing` and
`const_missing` to retain the previous functionality.
Thank you Matthew Draper for the idea of how to fix the issue!
[Prem Sichanugrist & Matthew Draper]
|
|\ \ \
| | | |
| | | | |
Return a copy of the cache entry when local_cache exists:
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- When the local cache exists (during the request lifecycle), the
entry returned from the LocalStore is passed as a reference which
means mutable object can accidentaly get modified.
This behaviour seems unnecessarily unsafe and is prone to
issues like it happened in our application.
This patch dup the `Entry` returned from the cache and dup it's
internal value.
|
|/ / / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
definition
Tests are also only on the `Time` class
Update doc forgetting to erase when moved
Update guide `Date` class to `Time` class and defined file
Update guide correction omission
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We sometimes say "✂️ newline after `private`" in a code review (e.g.
https://github.com/rails/rails/pull/18546#discussion_r23188776,
https://github.com/rails/rails/pull/34832#discussion_r244847195).
Now `Layout/EmptyLinesAroundAccessModifier` cop have new enforced style
`EnforcedStyle: only_before` (https://github.com/rubocop-hq/rubocop/pull/7059).
That cop and enforced style will reduce the our code review cost.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Use case:
I'm writing a wrapper around MessageEncryptor to make things easier
to rotate a secret in our app.
It works something like
```ruby
crypt = RotatableSecret.new(['old_secret', 'new_secret'])
crypt.decrypt_and_verify(message)
```
I'd like the caller to not have to care about passing the
`on_rotation` option and have the wrapper deal with it when
instantiating the MessageEncryptor object.
Also, almost all of the time the on_rotation should be the same when
rotating a secret (logging something or StatsD event) so I think
it's not worth having to repeat ourselves each time we decrypt a message.
|
|/
|
|
|
|
|
| |
This is a regression for #36184.
And also, add new `monotonic` argument to the last of the method
signature rather than the first.
|
| |
|
|\
| |
| | |
Fix EventedFileUpdateChecker through a symlink
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On MacOS, Dir.tmpdir gives me a folder inside "/var/folders/". However,
/var is a symlink to /private/var.
Previously, the nonexistent directory test would fail because it was
initialized with /var/folders/... but the filenames from listen would be
the realpaths.
This commit normalizes the dirs by calling realpath on them if they
exist. This is done on boot!, so it will work with newly directories
through the symlink.
|
| |
| |
| |
| |
| | |
The common include of this test creates a tmpdir, we should use that for
consistency.
|
|/
|
|
| |
This is no longer used as of caa3cc8868206f8109e0d633efb09d31e94ef635
|
|
|
|
| |
attachment
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'ActiveSupport::Notifications::Fanout::Subscribers::MonotonicTimed' and 'ActiveSupport::Notifications::monotonic_subscribe'
Also, change the signature of ‘ActiveSupport::Notifications::Fanout#subscribe’ to accept optional ‘monotonic’ boolean argument. Then initialize either a ‘Timed’ or ‘MonotonicTimed’ subscriber based on the value of ‘monotonic’ parameter.
Introduce ‘ActiveSupport::Notifications::monotonic_subscribe’ method
Also, provision ‘ActiveSupport::Notifications::subscribed’ to optionally accept ‘monotonic’ boolean argument.
Update documentation for ActiveSupport::Notifications
Add tests
Update guides documentation under the 'Active Support Instrumentation' chapter
Incorporate feedback: use optional keyword argument to specify optional 'monotonic' option to 'subscribed' method
Fix a typo
|
|\
| |
| |
| |
| | |
azimux/improve-hwia-initialize-by-skipping-to_h-if-already-a-hash
HashWithIndifferentAccess#initialize performance improvement
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Rails 4 -> Rails 5 introduced a #to_hash call in
HashWithIndifferentAccess#initialize to guarantee access to
the #default and #default_proc methods. This can be a very
expensive operation for very large HashWithIndifferentAccess
objects. This commit bypasses this #to_hash call if it is
already a Hash.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The change to monotonic times causes failures for applications
where the subscribed block is expecting Time objects as described
in this issue: https://github.com/rails/rails/issues/36145
The original PR (https://github.com/rails/rails/pull/35984) was
concerned with errors on the cpu_time. Test was edited to reflect
changes to initializer using 0 values instead of nil
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add test asserting truncate returns unfrozen string
* Ensure strings returned from truncate are not frozen
This fixes an issue where strings too short to be truncated were
returned unfrozen, where as long-enough strings were returned
frozen. Now retuned strings will not be frozen whether or not
the string returned was shortened.
* Update changelog w/ new truncate behavior description
[Jordan Thomas + Rafael Mendonça França]
|
|\ \
| | |
| | | |
Refactor `ActiveSupport::Deprecation.deprecate_methods` not to expose internal methods
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
internal methods
In #33325, `deprecate_methods` is replaced from `prepend` to completely
emurated `alias_method_chain`, it exposed two internal methods
`xxx_with_deprecation` and `xxx_without_deprecation`.
After that, #34648 restored the `prepend` implementation, which doesn't
expose any internal methods, so we no longer be able to ensure to always
expose that internal methods.
As I said at https://github.com/rails/rails/pull/33325#issuecomment-409016725,
I think that internal methods exposed is not a specification but a
limitation when using `alias_method_chain`, there is no longer a reason
to follow that limitation.
|
| | | |
|
| | | |
|
| | | |
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Actionable errors let's you dispatch actions from Rails' error pages. This
can help you save time if you have a clear action for the resolution of
common development errors.
The de-facto example are pending migrations. Every time pending migrations
are found, a middleware raises an error. With actionable errors, you can
run the migrations right from the error page. Other examples include Rails
plugins that need to run a rake task to setup themselves. They can now
raise actionable errors to run the setup straight from the error pages.
Here is how to define an actionable error:
```ruby
class PendingMigrationError < MigrationError #:nodoc:
include ActiveSupport::ActionableError
action "Run pending migrations" do
ActiveRecord::Tasks::DatabaseTasks.migrate
end
end
```
To make an error actionable, include the `ActiveSupport::ActionableError`
module and invoke the `action` class macro to define the action. An action
needs a name and a procedure to execute. The name is shown as the name of a
button on the error pages. Once clicked, it will invoke the given
procedure.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
When trying to call mget in Redis without any
parameters, a Redis error is thrown. To avoid
this, we circumvent Redis entirely when there
are no key names given.
|
|\ \
| | |
| | |
| | |
| | | |
sushantmittal/add_deattach_from_in_active_support_subscriber
Adds 'detach_from' to 'ActiveSupport::Subscriber' to detach a subscriber from a namespace.
|
| | |
| | |
| | |
| | | |
from a namespace.
|
| | | |
|
|\ \ \
| | | |
| | | | |
sub, sub!, gsub, and gsub! should set back references
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Before:
```ruby
(1..10).cover?(1...11) => false
```
After:
```ruby
(1..10).cover?(1...11) => true
```
See https://git.io/fjTtz for the commit against Ruby core that added
support for Range arguments, with similar handling of this case.
|
| | | |
| | | |
| | | |
| | | | |
It allows anonymous subclasses to be garbage collected.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
* Update #instrument to make passing a block optional. This will let users
leverage #instrument for messaging in addition to instrumentation.
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In #10634 the behavior of Time#advance was changed to maintain a
proleptic gregorian calendar for dates before calendar reform. However
it didn't full address dates a long time before calendar reform and
they gradually drift away from the proleptic calendar the further you
go back in time. Fix this by always converting the date to gregorian
before calling advance which sets the reform date to -infinity.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When FileUpdateChecker is passed a directory and given an empty array of
extensions to match on, it will match any extension.
Previously, EventedFileUpdateChecker would never match any files when
given an empty array. This commit makes it EventedFileUpdateChecker
match FileUpdateChecker, and watch all extensions when given an empty
array.
|
| | | |
|
| | |
| | |
| | |
| | | |
Also add tests for parametrize and transliterate
|