| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| | |
Added documentation about passing custom disallowed types to Hash#from_xml [ci skip]
|
| |
| |
| |
| | |
[ci skip]
|
| |
| |
| |
| |
| |
| |
| | |
XML documents that are too deep can cause an stack overflow, which in
turn will cause a potential DoS attack.
CVE-2015-3227
|
| |
| |
| |
| | |
Fixes CVE-2015-3226
|
|\ \
| | |
| | | |
Fix the message verifier encoding issue
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
```ruby
verifier = ActiveSupport::MessageVerifier.new('secret')
verifier.verify("\xff") # => ArgumentError: invalid byte sequence in UTF-8
```
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is not something that is failing at the moment, but can do it
eventually. I had the issue with db62081 as the HEAD and with the
following change:
```
--- a/activesupport/test/inflector_test.rb
+++ b/activesupport/test/inflector_test.rb
@@ -101,6 +101,7 @@ class InflectorTest < ActiveSupport::TestCase
def test_acronyms
ActiveSupport::Inflector.inflections do |inflect|
inflect.acronym("API")
+ inflect.acronym("HTM")
inflect.acronym("HTML")
inflect.acronym("HTTP")
inflect.acronym("RESTful")
```
I was expecting only `test_acronyms` to fail, but with a specific `seed`
others were also failing: `ruby -w -I"lib:test" test/inflector_test.rb
--seed 4313`.
Now, `inflections` instance is duplicated on `setup` and restored on
`teardown`.
I decided to benchmark and check the impact of the patch and it seems
to me to be fine.
```
Calculating -------------------------------------
without changes 1.000 i/100ms
with setup dup 1.000 i/100ms
with block dup 1.000 i/100ms
-------------------------------------------------
without changes 0.817 (± 0.0%) i/s - 5.000 in
6.119916s
with setup dup 0.784 (± 0.0%) i/s - 4.000
with block dup 0.797 (± 0.0%) i/s - 4.000
```
Where `with setup dup` duplicates on setup for each test and `with block`
duplicates for just for tests that actually modify `inflections`.
|
|\ \
| | |
| | | |
DateTime#<=> return nil when compare to the invalid String as Time.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
before:
p Time.now == 'a' # => false
p Time.now <=> 'a' # => nil
require 'active_support'
require 'active_support/core_ext'
p Time.now == 'a' # => false
p Time.now <=> 'a' # => invalid date (ArgumentError)
and on ruby 2.2, Time.now == 'a' warning.
warning: Comparable#== will no more rescue exceptions of #<=> in the next release.
warning: Return nil in #<=> if the comparison is inappropriate or avoid such comparison.
after:
- Error handling.
- Quiet warnings.
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
knovoselic/active_support_concern_class_methods_fix
[ActiveSupport] Fix for #20489 - ActiveSupport::Concern#class_methods affects parent classes
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds a script `bin/test` to most Rails framework components. The
script uses the rails minitest plugin to augment the runner.
See https://github.com/rails/rails/pull/19571 for details about the
plugin.
I did not yet add `bin/test` for activerecord, activejob and railties.
These components rely on specific setup performed in the rake-tasks.
|
| |_|/
|/| |
| | |
| | |
| | | |
This makes it possible to easily get the runner working with existing
setups that rely on `active_support/testing/autorun.rb`.
|
|/ / |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
```ruby
Benchmark.ips do |x|
x.report("$&") {
"foo".gsub(/f/) { $&.hex }
}
x.report("block var") {
"foo".gsub(/f/) { |match| match.hex }
}
end
```
```
Calculating -------------------------------------
$& 23.271k i/100ms
block var 24.804k i/100ms
-------------------------------------------------
$& 321.981k (± 7.4%) i/s - 1.606M
block var 324.949k (± 9.2%) i/s - 1.612M
```
|
|\ \
| | |
| | |
| | | |
Improve Test Runner's Minitest integration.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This also adds free mix and matching of directories, files and lines filters.
Like so:
bin/rails test models/post_test.rb test/integration models/person_test.rb:26
You can also mix in a traditional Minitest filter:
bin/rails test test/integration -n /check_it_out/
|
| | |
| | |
| | | |
:nail: remove extraneous bracket
|
|\ \ \
| | | |
| | | | |
Removed mocha stubbing in active_support
|
| | | | |
|
|/ / /
| | |
| | |
| | | |
[Robin Dupret & Shunsuke Aida]
|
|\ \ \
| | | |
| | | | |
[ci skip] Fix `thoughtbot` capitalization
|
| | | |
| | | |
| | | |
| | | |
| | | | |
The company name is spelled `thoughtbot` per
https://github.com/thoughtbot/presskit/blob/master/README.md#name
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
ActiveSupport::TimeWithZone references `ActiveSupport::Duration` but
does not require it, which can result in a `LoadError` when required
directly without requiring a component less granular like
`active_support/time`, where the autoload for `ActiveSupport::Duration`
is set up.
|
|\ \ \
| | | |
| | | | |
Use block variable instead of global
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
```ruby
require 'benchmark/ips'
Benchmark.ips do |x|
x.report("$&") {
"foo".sub(/f/) { $&.upcase }
}
x.report("block var") {
"foo".sub(/f/) {|match| match.upcase }
}
end
```
```
Calculating -------------------------------------
$& 48.658k i/100ms
block var 49.666k i/100ms
-------------------------------------------------
$& 873.156k (± 9.3%) i/s - 4.331M
block var 969.744k (± 9.2%) i/s - 4.818M
```
It's faster, and gets rid of a few "magic" global variables
|
|\ \ \ \
| | | | |
| | | | | |
Allow Enumerable#pluck to take a splat.
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
This allows easier integration with ActiveRecord, such that
AR#pluck will now use Enumerable#pluck if the relation is loaded,
without needing to hit the database.
|
|\ \ \ \
| | | | |
| | | | | |
Deprecate `assert_template` and `assigns()`.
|
| | |/ /
| |/| | |
|
|/ / /
| | |
| | |
| | |
| | | |
Passing 999999000 < `:nsec` < 999999999 and 999999 < `:usec` < 1000000
to change a time with utc_offset doesn't throw an `ArgumentError`.
|
|/ /
| |
| |
| | |
core_ext/time"
|
|\ \
| | |
| | | |
Replace use of alias chains with prepend at core_ext/date and core_ext/time
|
| | | |
|
|\ \ \
| | | |
| | | | |
Avoid E constant clashing with Minitest defined version.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Minitest sets an E constant to an empty string to save GC time.
This clashes with autoloading tests which define an E constant.
|
| | | |
| | | |
| | | |
| | | | |
Allows fetching the same values from arrays as from ActiveRecord associations.
|
| | | |
| | | |
| | | |
| | | | |
We are using `all:build` now.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Remove broken and unused release task
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- We do release with release.rb
- There is no `rake/gemcutter`
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Added multibyte slice! example to doc [ci skip]
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | | |
Add bang version to OrderedOptions
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
By:
Aditya Sanghi(@asanghi)
Gaurish Sharma(gaurish)
|
| | | | | | |
|
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | |
| | | | | | |
Remove `.superclass_delegating_accessor`.
|
| |/ / / / |
|