| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
[ci-skip]
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 5-0-beta-sec:
bumping version
fix version update task to deal with .beta1.1
Eliminate instance level writers for class accessors
allow :file to be outside rails root, but anything else must be inside the rails view directory
Don't short-circuit reject_if proc
stop caching mime types globally
use secure string comparisons for basic auth username / password
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Instance level writers can have an impact on how the Active Model /
Record objects are saved. Specifically, they can be used to bypass
validations. This is a problem if mass assignment protection is
disabled and specific attributes are passed to the constructor.
CVE-2016-0753
|
| |
| |
| |
| |
| |
| | |
this will avoid timing attacks against applications that use basic auth.
CVE-2015-7576
|
| |
| |
| |
| |
| |
| |
| | |
[ci skip]
Fixes #20808
[Vipul A M & Julio Lopez]
|
| |
| |
| |
| | |
This fixes :warning: previous definition of download was here
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The Time.use_zone method will only affect ActiveSupport::TimeWithZone
instances created inside of the block passed to Time.use_zone. This
could be confusing when fetching a model and then reading the attribute
before the block and it not changing afterwards because Active Record
caches the conversion from the database value.
Since changing the behavior of Active Record to recreate the value on
every attribute read is an expensive operation the best we can do is
to document the issue.
Fixes #23195.
[ci skip]
|
|\ \
| | |
| | | |
Allow to store .keep file in cache directory
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The line filter parsing added to ActiveSupport::TestCase is only half the story
to enable line filtering. The other half, of adding the patterns to the options,
is done in the Minitest plugin that Railties has.
Thus it makes more sense to have the filter in Railties with the other half and
all the line filtering tests.
Move the filter and extend Active Support in an initializer, so that when users
or `rails/all.rb` require `rails/test_unit/railtie` we can still filter by line.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When `rails console` or `rails server` are used along with a logger set to output to `STDOUT` then the contents will show up twice. This happens because the logger is extended with `ActiveSupportLogger.broadcast` with a destination of STDOUT even if it is already outputting to `STDOUT`.
Previously PR #22592 attempted to fix this issue, but it ended up causing NoMethodErrors. A better approach than relying on adding a method and flow control is to inspect the log destination directly. For this `ActiveSupport::Logger.logger_outputs_to?` was introduced
```ruby
logger = Logger.new(STDOUT)
ActiveSupport::Logger.logger_outputs_to?(logger, STDOUT)
# => true
```
To accomplish this we must look inside of an instance variable of standard lib's Logger `@logdev`. There is a related Ruby proposal to expose this method in a standard way: https://bugs.ruby-lang.org/issues/11955
|
| | |
| | |
| | |
| | | |
This reverts related commits due to #22917.
|
| | |
| | |
| | |
| | |
| | | |
petabyte and exabyte numeric conversion has been added after the 5.0.0.beta1 release.
ref: 85048e90ab6ff6963919a9d10493b3910cd67b68
|
| | |
| | |
| | |
| | | |
[ci skip]
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
rthbound/adds-exception-object-to-instrumenter-payload
Adds exception object to instrumenter's payload
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Adds new key/value pair to payload when an exception is raised
e.g. `:exception_object=> #<RuntimeError: FAIL>`
- Updates relevant test
- Adds CHANGELOG entry
|
| | | | |
|
| | | | |
|
|\ \ \ \
| |/ / /
|/| | | |
Support extended grapheme clusters and UAX 29
|
| | | |
| | | |
| | | |
| | | | |
We how have tests for every rule in UAX 29.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
http://www.unicode.org/reports/tr29/tr29-21.html is the version of UAX
29 that corresponds to Unicode 6.2.0. Unicode.unpack_graphemes now
implements all the rules listed there, including the ones for extended
grapheme clusters.
I added a new optional test,
test/multibyte_grapheme_break_conformance.rb, that is heavily based on
test/multibyte_normalization_conformance.rb, which runs the Unicode test
suite.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
This test is only testing normalization behavior, not any other Unicode
behaviors.
|
| | | |
| | | |
| | | |
| | | | |
This will make it easier to add the rest of the rules listed in UAX 29.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Add test coverage for ActiveSupport::NumericWithFormat#to_formatted_s
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add a missing require to ActiveSupport::NumericWithFormat
|
| |/ / / / |
|
| | | | | |
|
| | | | |
| | | | |
| | | | | |
It's numeric and the framework is called Action Controller.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Document `Logger#broadcast_messages` option
|
| |/ / / / |
|
| | | | |
| | | | |
| | | | |
| | | | | |
CHANGELOG entry for petabyte and exabyte
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add support for Petabyte and Exabyte in number to human size
|
| | | | | | |
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fixes LoggerSilence#silence threadsafety
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- uses instance defined level if no custom local log level defined
- Keeps track of local log level per [ thread + object-instance ]
- prevents memory leakage by removing local level hash key/value on #silence method exit
- avoids the use of Thread local variables
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I've worked on a few applications that have gone through the
internationalization process and had issues because they were using
`number_to_currency`. The minute a user is allowed to change their
locale, they can change the price displayed on a page from 10 US dollars
to 10 Mexican Pesos, which is far from the same amount of money.
Unlike other helpers that rely on i18n, `number_to_currency` does not
produce equivalent results when the locale is changed.
As I've explained this to a few groups of developers now, I thought it
might make for a good caveat in the docs.
|
|/ / / /
| | | |
| | | |
| | | | |
[ci skip]
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
During the `5.0.0.beta1` release, the CHANGELOGs got an entry like the
following:
```
* No changes.
```
It is kinda confusing as there are indeed changes after it. Not a
biggie, just a small pass over the CHANGELOGs.
[ci skip]
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[ci skip]
Change output timming of sample code
|