Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

4.2 stable #78

Merged
merged 11 commits into from Apr 1, 2019

Conversation

Projects
None yet
1 participant
@tvdeyen
Copy link
Member

commented Apr 1, 2019

Updates for Alchemy 4.2

tvdeyen added some commits Apr 1, 2019

Use at least Devise 4.6 for security patch
Devise ruby gem before 4.6.0 when the lockable module is used is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to increment_failed_attempts within the `Devise::Models::Lockable` class not being concurrency safe.
Update default config for devise 4.6
Nothing changed, just updated to keeop up with the defaults.
Don't require rails test/unit support
We use RSpec to test, no need to require it. Fixes

    invalid option: --pattern

output appearing at end of tests.
Do not use deprecated per_page_value_for_screen_size
Use the screen size independent items_per_page instead.
Do not store screensize at login
This feature has been deprecated in Alchemy 4.2

@tvdeyen tvdeyen force-pushed the tvdeyen:4.2-stable branch from 4d08e77 to bb2a50c Apr 1, 2019

@tvdeyen tvdeyen merged commit 44d5b57 into AlchemyCMS:master Apr 1, 2019

2 checks passed

Hakiri No security warnings were found.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@tvdeyen tvdeyen deleted the tvdeyen:4.2-stable branch Apr 1, 2019

tvdeyen added a commit that referenced this pull request Apr 1, 2019

v4.2.0
- Do not store screen size at login [#78](#78) ([tvdeyen](https://github.com/tvdeyen))
- Security: Use at least Devise 4.6 [#78](#78) ([tvdeyen](https://github.com/tvdeyen))
- Fix dummy app rails version [#76](#76) ([tvdeyen](https://github.com/tvdeyen))
- Fix translation key on user admin page [#75](#75) ([mamhoff](https://github.com/mamhoff))

@tvdeyen tvdeyen referenced this pull request Apr 1, 2019

Merged

v4.2.0 #79

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.