Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Aug 16, 2011
  1. @tenderlove
  2. @tenderlove
  3. @tenderlove
  4. @tenderlove

    2.3.14. yay. :'(

    tenderlove authored
  5. @tenderlove

    bumping to 2.3.13

    tenderlove authored
  6. @tenderlove
  7. @tenderlove
Commits on Aug 4, 2011
  1. @tenderlove
Commits on Jul 27, 2011
  1. @fxn

    contrib app minor tweak

    fxn authored
Commits on Jun 17, 2011
  1. @josevalim

    Merge pull request #1740 from Antiarchitect/2-3-stable

    josevalim authored
    Fix OrderedHash merging with block given.
  2. @Antiarchitect
Commits on Jun 16, 2011
  1. @Antiarchitect
Commits on Jun 9, 2011
  1. @bcardarella @tenderlove

    Remove deprecation warning for ActiveRecord::Errors#generate_message.…

    bcardarella authored tenderlove committed
    … This is the same API that ActiveModel ended up using and that won't be changing.
Commits on Jun 7, 2011
  1. @tenderlove
Commits on May 25, 2011
  1. @zenspider

    + Switched to newer rdoc and gem package tasks (and their requires).

    zenspider authored
    + Fixed deprecated usage in gemspecs.
    Bumped the version to 2.3.12 so I could test locally with actual
    installs. If this is bad form for this project, please beat me up and
    I'll split them out.
Commits on May 12, 2011
  1. @zenspider

    Removed the bulk of the deprecations by simply not calling refresh.

    zenspider authored
    This may cause problems. I dunno.
    The real solution is to get rid of all of this mess and use gem paths properly.
  2. @zenspider

    Fixed buggy gem activation. Don't pass a dependency to gem, pass the

    zenspider authored
    name and requirement. Better, just activate the spec for the
    dependency (1.8 only)
  3. @zenspider

    Removed buggy GemDependency#requirement override. Overrides should NE…

    zenspider authored
    …VER change the semantics of the parent (returning nil if default).
  4. @zenspider
  5. @zenspider
Commits on Apr 28, 2011
  1. @josevalim

    Merged pull request #198 from robdimarco/2-3-stable.

    josevalim authored
    Patch for issue 6440 - Session Reset undefined method `destroy' for {}:Hash
  2. @josevalim

    Merged pull request #331 from daphonz/2-3-stable.

    josevalim authored
    Dynamic find_or_create_by_x_and_y always creates new records in Rails 2.3.11
  3. @daphonz

    Fixing dynamic finders on associations to properly send arguments to …

    daphonz authored
    …the find_by_* method. Closes issue #330.
    Commit fdfc8e3 introduced a bugfix to prevent additional values passed
    to a dynamic find_or_create_by_x methods from confusing the finder.
    This patch also broke the essential behavior of this method on an
    association by incorrectly sending arguments to the find_by_x methods.
    The finder method would always see its inputs as a single array of
    values instead of individual arguments, almost guaranteeing that the
    finder call would be incorrect, and that we'd always create a new
    record instead.
    This patch adds a splat operator to the parameter array we send along to
    the dynamic finder so that it receives its inputs correctly, and
    includes an additional test to ensure that repeated calls to
    find_or_create_by_x only creates one new record.
Commits on Apr 14, 2011
  1. @gmarik @josevalim

    respect :expire_after option

    gmarik authored josevalim committed
    - it was broken after
    - there's also
    - also: maybe it worth making Rack understand :expire_after as we
    duplicate same logic in [cookie_store](
    Signed-off-by: José Valim <>
Commits on Mar 1, 2011
  1. @robdimarco
  2. @robdimarco
Commits on Feb 20, 2011
  1. @vijaydev @spastorino

    fix incorrect version in deprecation message

    vijaydev authored spastorino committed
    Signed-off-by: Santiago Pastorino <>
Commits on Feb 9, 2011
  1. @tenderlove
Commits on Feb 8, 2011
  1. @NZKoz

    Prepare for the 2.3.11 release

    NZKoz authored
  2. @NZKoz

    Change the CSRF whitelisting to only apply to get requests

    NZKoz authored
    Unfortunately the previous method of browser detection and XHR whitelisting is unable to prevent requests issued from some Flash animations and Java applets.  To ease the work required to include the CSRF token in ajax requests rails now supports providing the token in a custom http header:
     X-CSRF-Token: ...
    This fixes CVE-2011-0447
  3. @NZKoz

    Be sure to javascript_escape the email address to prevent apostrophes…

    NZKoz authored
    … inadvertently causing javascript errors.
    This fixes CVE-2011-0446
Commits on Feb 1, 2011
  1. @tenderlove

    fixing invalid yaml [#4418 state:resolved]

    tenderlove authored
    Signed-off-by: Jeremy Kemper <>
Commits on Jan 19, 2011
  1. @jamis

    Revert "make TestCaseTest work for pre-1.9 rubies, too"

    jamis authored
    This reverts commit 8378a44.
  2. @jamis
  3. @jamis

    Revert "rein in GC during tests by making them run (at most) once per…

    jamis authored
    … second"
    This reverts commit a0c761d.
Something went wrong with that request. Please try again.