| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Abstract boolean serialization has been using 't' and 'f', with MySQL
overriding that to use 1 and 0.
This has the advantage that SQLite natively recognizes 1 and 0 as true
and false, but does not natively recognize 't' and 'f'.
This change in serialization requires a migration of stored boolean data
for SQLite databases, so it's implemented behind a configuration flag
whose default false value is deprecated. The flag itself can be
deprecated in a future version of Rails. While loaded models will give
the correct result for boolean columns without migrating old data,
where() clauses will interact incorrectly with old data.
While working in this area, also change the abstract adapter to use
`"TRUE"` and `"FALSE"` as quoted values and `true` and `false` for
unquoted. These are supported by PostreSQL, and MySQL remains
overriden.
|
|\
| |
| | |
Default protect from forgery
|
| |
| |
| |
| |
| |
| |
| |
| | |
Rather than protecting from forgery in the generated
ApplicationController, add it to ActionController::Base by config. This
configuration defaults to false to support older versions which have
removed it from their ApplicationController, but is set to true for
Rails 5.2.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By making the Rails minitest behave like a standard minitest plugin
we're much more likely to not break when people use other minitest
plugins. Like minitest-focus and pride.
To do this, we need to behave like minitest: require files up front
and then perform the plugin behavior via the at_exit hook.
This also saves us a fair bit of wrangling with test file loading.
Finally, since the environment and warnings options have to be applied
as early as possible, and since minitest loads plugins at_exit, they
have to be moved to the test command.
* Don't expect the root method.
It's likely this worked because we eagerly loaded the Rails minitest plugin
and that somehow defined a root method on `Rails`.
* Assign a backtrace to failed exceptions.
Otherwise Minitest pukes when attempting to filter the backtrace (which
Rails' backtrace cleaner then removes).
Means the exception message test has to be revised too.
This is likely caused by the rails minitest plugin now being loaded for
these tests and assigning a default backtrace cleaner.
|
|\
| |
| | |
Treat secrets as binary
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Until Rails 5.1.1 secrets was treated as binary inside Rails.
https://github.com/rails/rails/blob/v5.1.1/railties/lib/rails/secrets.rb#L59
https://github.com/rails/rails/blob/v5.1.1/railties/lib/rails/secrets.rb#L63
However, it is treated as String in Rails 5.1.2(changed by 157db872103429e8782b62d1cb5d1d91337177a7).
https://github.com/rails/rails/blob/v5.1.2/railties/lib/rails/secrets.rb#L104
https://github.com/rails/rails/blob/v5.1.2/railties/lib/rails/secrets.rb#L108
As a result, when upgrading from Rails 5.1.1 to 5.1.2, to write the value
treated as binary using `File.write`, causing an error.
In order to avoid `UndefinedConversionError`, fixed it to treat it as
binary like 5.1.1.
Fixes #29696
|
|/
|
|
|
|
|
|
|
| |
Currently the environment file is not loaded in `dbconsole` command.
Therefore, for example, if use encrypted secrets values in database.yml,
`read_encrypted_secrets` will not be true, so the value can not be
used correctly.
Fixes #29717
|
|\
| |
| | |
Add `rails secrets:show` command
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When secrets confirmed with the `secrets:edit` command, `secrets.yml.enc`
will change without updating the secrets.
Therefore, even if only want to check secrets, the difference will come
out. This is a little inconvenient.
In order to solve this problem, added the `secrets:show` command.
If just want to check secrets, no difference will occur use this command.
|
|\ \
| | |
| | | |
Do not update `secrets.yml.enc` when secretes do not change
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, if open a file with `secrets:edit` command, `secrets.yml.enc`
will be changed even if its contents do not change.
Therefore, even if only want to check secrets, the difference will come
out. This is a little inconvenient.
As a fix to the above problem, when content does not change,
`secrets.yml.ecn` is fixed so that it is not changed.
|
|/ |
|
| |
|
|\
| |
| |
| | |
Fix Parameters configuration integration tests
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These tests relied on `ActionController::Parameters` being configured as
part of the boot process; since that now happens lazily we need to force
`ActionController::Base` to load so that we can test the behaviour.
The new tests added here ensure that `ActionController::Parameters` can
be configured from an initializer, which was broken until recently.
|
|/
|
|
|
|
|
| |
Now that the parameters configurations are only loaded when
ActionController::Base is we need to foce them to load in our tests. In
an application this is not needed since every request already load the
controllers.
|
|
|
|
| |
It is covered by following assertion.
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
|\
| |
| |
| | |
Enforce frozen string in Rubocop
|
| | |
|
|\ \
| | |
| | | |
Clear screenshots files in `tmp:clear` task
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
If system test fails, it creates screenshot under `tmp/screenshots`.
https://github.com/rails/rails/blob/34fe2a4fc778d18b7fe6bdf3629c1481bee789b9/actionpack/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb#L45
But currently, screenshot files is not cleared by `tmp:clear` task.
This patch make clears screenshot files with `tmp:clear` task as well
as other tmp files.
|
|\ \
| |/
|/| |
Add system tests to generate scaffold
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `capify` command has been removed by Capistrano 3 and became to
`cap install`.
Therefore, the `capify!` method has no meaning in Capistrano 3.
I think that should deprecate.
Ref: https://github.com/capistrano/capistrano/commit/492793916acf32ffe1604daec6fd4892c8935018
|
|/ |
|
| |
|
| |
|
| |
|
|\
| |
| | |
Correctly set user_supplied_options when there is no whitespace in option specification
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specification
Current `user_supplied_options` method can not set the value correctly
if there is no space between option and value (e.g., `-p9000`).
This makes it possible to set the value correctly in the case like the above.
Fixes #29138
|
|\ \
| | |
| | | |
AEAD encrypted cookies and sessions
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit changes encrypted cookies from AES in CBC HMAC mode to
Authenticated Encryption using AES-GCM. It also provides a cookie jar
to transparently upgrade encrypted cookies to this new scheme. Some
other notable changes include:
- There is a new application configuration value:
+use_authenticated_cookie_encryption+. When enabled, AEAD encrypted
cookies will be used.
- +cookies.signed+ does not raise a +TypeError+ now if the name of an
encrypted cookie is used. Encrypted cookies using the same key as
signed cookies would be verified and serialization would then fail
due the message still be encrypted.
|
| |
| |
| |
| |
| | |
The app is booted by then, so there's no need to stash the code away in
some other script.
|
| |
| |
| |
| | |
Fixes #29247
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
singleton (#29180)
* Add ActiveSupport::CurrentAttributes to provide a thread-isolated attributes singleton
* Need to require first
* Move stubs into test namespace.
Thus they won't conflict with other Current and Person stubs.
* End of the line for you, whitespace!
* Support super in attribute methods.
Define instance level accessors in an included module such that
`super` in an overriden accessor works, akin to Active Model.
* Spare users the manual require.
Follow the example of concerns, autoload in the top level Active Support file.
* Add bidelegation support
* Rename #expose to #set. Simpler, clearer
* Automatically reset every instance.
Skips the need for users to actively embed something that resets
their CurrentAttributes instances.
* Fix test name; add tangible name value when blank.
* Try to ensure we run after a request as well.
* Delegate all missing methods to the instance
This allows regular `delegate` to serve, so we don't need bidelegate.
* Properly test resetting after execution cycle.
Also remove the stale puts debugging.
* Update documentation to match new autoreset
|
|\ \
| | |
| | | |
Define path with __dir__
|
| |/
| |
| |
| |
| |
| | |
".. with __dir__ we can restore order in the Universe." - by @fxn
Related to 5b8738c2df003a96f0e490c43559747618d10f5f
|
| | |
|
|/
|
|
|
|
| |
Setup config/secrets.yml.enc with template contents for people to edit.
Then generate encryption key and encrypt the initial secrets.
|
| |
|
|
|
|
| |
Fixes #28988
|
| |
|
| |
|
|
|
|
| |
Fix #28905
|
|\
| |
| | |
Added a shared section to config/database.yml that will be loaded for all envs
|
| |
| |
| |
| | |
environments
|