-
Notifications
You must be signed in to change notification settings - Fork 646
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependence on rails 3.0.3 is a problem for the new 3.0.4 security release #44
Comments
+1 Gems shouldn't declare a hard dependency like that. Unnecessary and annoying! |
+1 This change would be really helpful. |
+1 This change would be extremely helpful here too. |
+1 here too |
+1 as well. |
+1 I was hoping to try this out, but I can't because I have Rails 3.0.4 |
Fixed this guys, and pushed 2.0.0.rc7 to rubygems.org. I know hard dependencies are an issue, but we need to tread lightly with this gem since we mimic some deep ActiveRecord magic in the code used to rebuild past revisions. The 3.0.4 ActiveRecord release had indeed changed some internals which caused AAA to break. I've updated and ensured the behavior is consistent for 3.0.3 & 3.0.4. Unfortunately we can't make any guarantees for 3.0.5 releases at this point in time. Cheers ! |
Fix for incorrect aliasing
Rails 3.0.4 was released to fix a couple of security issues. acts_as_audited declares 3.0.3 as a dependency can this be changed to >=3.0.3 if 3.0.3 minimum is actually required or ~> 3.0 if just rails 3 is required
The text was updated successfully, but these errors were encountered: