Permalink
Commits on Jun 14, 2012
  1. adding a test for #6459

    tenderlove committed Jun 14, 2012
  2. removes item in the Active Record CHANGELOG

    That change to update_attribute was considered
    to be too subtle and was reverted in 30ea923
    just before Rails 3 shipped. Later we introduced
    update_column (Rails 3.1).
    fxn committed Jun 14, 2012
Commits on Jun 12, 2012
  1. updating changelogs

    tenderlove committed Jun 12, 2012
Commits on Jun 11, 2012
  1. bumping version numbers

    tenderlove committed Jun 11, 2012
  2. Merge branch '3-1-stable-sec' into 3-1-stable-rel

    * 3-1-stable-sec:
      Array parameters should not contain nil values.
      Additional fix for CVE-2012-2661
    tenderlove committed Jun 11, 2012
  3. Change the string to use in test case.

    Conflicts:
    
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    	activerecord/test/cases/adapters/mysql2/schema_test.rb
    kennyj committed with tenderlove Mar 6, 2012
  4. Fix GH #3163. Should quote database on mysql/mysql2.

    Conflicts:
    
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    
    Conflicts:
    
    	activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
    	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
    kennyj committed with tenderlove Mar 3, 2012
Commits on Jun 8, 2012
  1. Additional fix for CVE-2012-2661

    While the patched PredicateBuilder in 3.1.5 prevents a user
    from specifying a table name using the `table.column` format,
    it doesn't protect against the nesting of hashes changing the
    table context in the next call to build_from_hash. This fix
    covers this case as well.
    ernie committed with tenderlove Jun 8, 2012
Commits on May 31, 2012
  1. Merge branch '3-1-rel' into 3-1-stable

    * 3-1-rel:
      bumping to 3.1.5
      updating the CHANGELOG
      bumping to 3.1.5.rc1
    tenderlove committed May 31, 2012
  2. Merge branch '3-1-stable-sec' into 3-1-stable

    * 3-1-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    tenderlove committed May 31, 2012
  3. bumping to 3.1.5

    tenderlove committed May 31, 2012
  4. updating the CHANGELOG

    tenderlove committed May 31, 2012
  5. Merge branch '3-1-stable-sec' into 3-1-rel

    * 3-1-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
    tenderlove committed May 31, 2012
Commits on May 30, 2012
  1. Strip [nil] from parameters hash.

    Thanks to Ben Murphy for reporting this!
    
    CVE-2012-2660
    tenderlove committed May 30, 2012
  2. predicate builder should not recurse for determining where columns.

    Thanks to Ben Murphy for reporting this
    
    CVE-2012-2661
    tenderlove committed May 30, 2012
Commits on May 29, 2012
  1. Merge pull request #6532 from freerange/3-1-stable-minitest-passthrou…

    …gh-exceptions
    
    Exceptions like Interrupt should not be rescued in tests.
    rafaelfranca committed May 29, 2012
  2. Exceptions like Interrupt should not be rescued in tests.

    This is a back-port of rails/rails#6525. See the commit notes there for
    details.
    floehopper committed May 29, 2012
Commits on May 28, 2012
  1. bumping to 3.1.5.rc1

    tenderlove committed May 28, 2012
Commits on May 13, 2012
  1. Merge pull request #3237 from sakuro/data-url-scheme

    Support data: url scheme
    rafaelfranca committed May 13, 2012
  2. Merge pull request #6300 from guilleiguaran/upgrade-sprockets-3-1-stable

    Upgrade sprockets to 2.0.4
    spastorino committed May 13, 2012
  3. Upgrade sprockets to 2.0.4

    guilleiguaran committed May 13, 2012
Commits on May 11, 2012
  1. Merge pull request #6263 from arunagw/3-1-stable

    3 1 stable
    spastorino committed May 11, 2012
  2. Merge pull request #6261 from carlosantoniodasilva/fix-build-3-1

    Fix build 3-1-stable
    drogus committed May 11, 2012
Commits on May 10, 2012
  1. Refactor the handling of default_url_options in integration tests

    This commit improves the handling of default_url_options in integration
    tests by making behave closer to how a real application operates.
    
    Specifically the following issues have been addressed:
    
    * Options specified in routes.rb are used (fixes #546)
    * Options specified in controllers are used
    * Request parameters are recalled correctly
    * Tests can override default_url_options directly
    pixeltrix committed May 10, 2012
Commits on May 4, 2012
  1. Merge pull request #6152 from route/assets_precompile_task_3_1

    Just cherry-picked fixes for asset precompile for 3-1-stable
    jeremy committed May 4, 2012
Commits on May 2, 2012
  1. Reset the request parameters after a constraints check

    A callable object passed as a constraint for a route may access the request
    parameters as part of its check. This causes the combined parameters hash
    to be cached in the environment hash. If the constraint fails then any subsequent
    access of the request parameters will be against that stale hash.
    
    To fix this we delete the cache after every call to `matches?`. This may have a
    negative performance impact if the contraint wraps a large number of routes as the
    parameters hash is built by merging GET, POST and path parameters.
    
    Fixes #2510.
    (cherry picked from commit 5603050)
    pixeltrix committed May 2, 2012