| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |
| | |
| | |
| | | |
StrongParameters protection
|
| | |
| | |
| | |
| | | |
attributes list isn't given
|
| | |
| | |
| | |
| | | |
reference from abstract_unit
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
permissible params
|
| | |
| | |
| | |
| | | |
mass_assignment_sanitizers
|
|\ \ \
| | | |
| | | | |
week_start option added to rails app config
|
| | | |
| | | |
| | | |
| | | | |
option added (default is Monday)
|
|/ / / |
|
|/ / |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
I found them when I was running
warning mode on with railties
See https://github.com/rails/rails/pull/3782
|
| | |
|
|\ \
| | |
| | | |
Implement :null_session CSRF protection method
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946.
The :null_session CSRF protection method provide an empty session during
request processing but doesn't reset it completely (as :reset_session
does).
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Users of other SCM's can now generate rails
apps that will add the "empty" directories to source control,
but will not have a useless .gitignore or mis-named .gitkeep
files.
* Change `rails new` and `rails plugin new` generators to name
the `.gitkeep` as `.keep` in a more SCM-agnostic way.
* Change `--skip-git` option to only skip the `.gitignore` file
and still generate the `.keep` files.
* Add `--skip-keeps` option to skip the `.keep` files.
It closes #2800.
|
| | |
| | |
| | |
| | | |
default is the SynchronousQueue.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This allow the users to do:
config.action_mailer.queue = MyQueue.new
and
class UsersMailer < ActionMailer::Base
self.queue = MyQueue.new
end
|
| | |
| | |
| | |
| | |
| | | |
We should not let the users use the ThreadedConsumer without know about
the risks
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- added tests to confirm establish_connection uses DATABASE_URL and
Rails.env correctly even when no arguments are passed in.
- updated rake db tasks to support DATABASE_URL, and added tests to
confirm correct behavior for these rake tasks. (Removed
establish_connection call from some tasks since in those cases
the :environment task already made sure the function would be called)
- updated Resolver so that when it resolves the database url, it
removes hash values with empty strings from the config spec (e.g.
to support connection to postgresql when no username is specified).
|
|/ / |
|
|\ \
| | |
| | | |
Have rails dbconsole pass sslca to the mysql command line client.
|
| | | |
|
|/ /
| |
| |
| | |
We should show to user original issue if rake task will be aborted.
|
|/ |
|
|
|
|
| |
move validation to AR
|
|
|
|
|
|
|
| |
The app generator is not generally run under bundler, but the Bundler
constant is used here.
In particular you cannot create --dev apps without this.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Option to run `bundle install` after generating new appplication was
added recently to rails. Since introduction, it contained a subtle bug
that caused it to use `Gemfile` from current directory (if it exists)
rather than from generated directory. This also accidentaly caused
railties tests to work without any problems - after generating test app
it just used `Gemfile` from the repository, rather than the one in
generated app. After fixing the bug mentioned above, this of course
broke. The easiest way to bypass that is to not generate a `Gemfile` for
test application - with such setup Bundler will just use first available
`Gemfile` in one of the parent directories.
|
| |
|
|
|
|
|
|
|
|
| |
The cause of the previous revert was bug in bundler that made it hard to
make railties test work. Fix for bundler was recently pushed to github,
so now we can safely get back to the original commit.
This reverts commit 0f5cc34ab58cda99d1401ecc82e1ebb873838dd7.
|
|
|
|
|
|
|
|
|
|
| |
Changes in old branches needed to be manually synched in CHANGELOGs of newer ones.
This has proven to be brittle, sometimes one just forgets this manual step.
With this commit we switch to CHANGELOGs per branch. When a new major version is
cut from master, the CHANGELOGs in master start being blank.
A link to the CHANGELOG of the previous branch allows anyone interested to
follow the history.
|
| |
|
| |
|
|
|
|
|
|
|
| |
When running `rails generate controller --help` an example
with creating a (singular) "CreditCard" controller is
shown. The convention is to generate controllers with plural
names though.
|
|
|
|
|
|
| |
Tell people to install `activerecord-session_store` gem when it's not
installed instead ofraising `NameError` on missing
`ActionDispatch::Session::ActiveRecordStore`.
|
| |
|
|
|
|
|
| |
This functionality will be available from gem
`active_record-session_store` instead.
|
|
|
|
|
|
|
| |
The reason the test was failing was because when the test
invokes `app.config`, the app is loaded and, as `eager_load`
is set to true, it disables the dependency loading mechanism,
so controllers that are later defined are not loaded.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
These tests rely on "make_basic_app", which is a faster version that
does not need to create the whole app directory structure.
|
|
|
|
| |
Avoid output with config option not set when running some tests.
|
|\
| |
| | |
Improve eager load on Rails
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
The new option allows any Ruby namespace to be registered and set
up for eager load. We are effectively exposing the structure existing
in Rails since v3.0 for all developers in order to make their applications
thread-safe and CoW friendly.
|