Merge branch 'master' into adequaterecord

* master: (28 commits)
  move AR length validation tests into separate test-case.
  No need for trailing slash on migration path.
  reset `@arel` when modifying a Relation in place.
  PostgreSQL Timestamps always map to `:datetime`.
  [ci skip] Improve formatting and yml
  Fix a typo in the doc of forty_two AR FinderMethod
  Improve readability of contributing to rails guide. [ci skip]
  Precompile the image we're referencing, too.
  `ActiveRecord::Base.no_touching` no longer triggers callbacks or start empty transactions.
  Fixed an issue with migrating legacy json cookies.
  Correct comment [ci skip]
  Perfer to define methods instead of calling test
  Fix syntax error
  Add CHANGELOG entry for #14757 [ci skip]
  Fix run-on sentences and improve grammar [skip ci]
  Add test for using ActionView::Helpers::FormHelper.label with block and html
  select! renamed to avoid name collision Array#select!
  Rearrange deck chairs on the titanic. Organize connection handling test cases.
  Change favicon_link_tag helper mimetype from image/vnd.microsoft.icon to image/x-icon.
  ActionController::Renderers documentation fix
  ...

actionmailer/lib/action_mailer/base.rb

@@ -154,7 +154,7 @@ module ActionMailer
  # * signup_notification.text.erb
  # * signup_notification.html.erb
  # * signup_notification.xml.builder
  # * signup_notification.yaml.erb
  # * signup_notification.yml.erb
  #
  # Each would be rendered and added as a separate part to the message, with the corresponding content
  # type. The content type for the entire message is automatically set to <tt>multipart/alternative</tt>,
@@ -325,7 +325,7 @@ module ActionMailer
  # directory can be configured using the <tt>preview_path</tt> option which has a default
  # of <tt>test/mailers/previews</tt>:
  #
  #     config.action_mailer.preview_path = "#{Rails.root}/lib/mailer_previews"
  #   config.action_mailer.preview_path = "#{Rails.root}/lib/mailer_previews"
  #
  # An overview of all previews is accessible at <tt>http://localhost:3000/rails/mailers</tt>
  # on a running development server instance.

actionpack/CHANGELOG.md

@@ -1,3 +1,16 @@
*   Fixed an issue with migrating legacy json cookies.

    Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
    cookies are marshal-encoded. This is not the case when `secret_token` is
    used in conjunction with the `:json` or `:hybrid` serializer.

    In those case, when upgrading to use `secret_key_base`, this would cause a
    `TypeError: incompatible marshal file format` and a 500 error for the user.

    Fixes #14774.

    *Godfrey Chan*

*   Make URL escaping more consistent:

    1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers

actionpack/lib/abstract_controller/callbacks.rb

@@ -178,41 +178,35 @@ def _insert_callbacks(callbacks, block = nil)
      # set up before_action, prepend_before_action, skip_before_action, etc.
      # for each of before, after, and around.
      [:before, :after, :around].each do |callback|
        class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1
          # Append a before, after or around callback. See _insert_callbacks
          # for details on the allowed parameters.
          def #{callback}_action(*names, &blk)                                                    # def before_action(*names, &blk)
            _insert_callbacks(names, blk) do |name, options|                                      #   _insert_callbacks(names, blk) do |name, options|
              set_callback(:process_action, :#{callback}, name, options)                          #     set_callback(:process_action, :before, name, options)
            end                                                                                   #   end
          end                                                                                     # end

          alias_method :#{callback}_filter, :#{callback}_action

          # Prepend a before, after or around callback. See _insert_callbacks
          # for details on the allowed parameters.
          def prepend_#{callback}_action(*names, &blk)                                            # def prepend_before_action(*names, &blk)
            _insert_callbacks(names, blk) do |name, options|                                      #   _insert_callbacks(names, blk) do |name, options|
              set_callback(:process_action, :#{callback}, name, options.merge(:prepend => true))  #     set_callback(:process_action, :before, name, options.merge(:prepend => true))
            end                                                                                   #   end
          end                                                                                     # end

          alias_method :prepend_#{callback}_filter, :prepend_#{callback}_action

          # Skip a before, after or around callback. See _insert_callbacks
          # for details on the allowed parameters.
          def skip_#{callback}_action(*names)                                                     # def skip_before_action(*names)
            _insert_callbacks(names) do |name, options|                                           #   _insert_callbacks(names) do |name, options|
              skip_callback(:process_action, :#{callback}, name, options)                         #     skip_callback(:process_action, :before, name, options)
            end                                                                                   #   end
          end                                                                                     # end

          alias_method :skip_#{callback}_filter, :skip_#{callback}_action

          # *_action is the same as append_*_action
          alias_method :append_#{callback}_action, :#{callback}_action  # alias_method :append_before_action, :before_action
          alias_method :append_#{callback}_filter, :#{callback}_action  # alias_method :append_before_filter, :before_action
        RUBY_EVAL
        define_method "#{callback}_action" do |*names, &blk|
          _insert_callbacks(names, blk) do |name, options|
            set_callback(:process_action, callback, name, options)
          end
        end

        alias_method :"#{callback}_filter", :"#{callback}_action"

        define_method "prepend_#{callback}_action" do |*names, &blk|
          _insert_callbacks(names, blk) do |name, options|
            set_callback(:process_action, callback, name, options.merge(:prepend => true))
          end
        end

        alias_method :"prepend_#{callback}_filter", :"prepend_#{callback}_action"

        # Skip a before, after or around callback. See _insert_callbacks
        # for details on the allowed parameters.
        define_method "skip_#{callback}_action" do |*names|
          _insert_callbacks(names) do |name, options|
            skip_callback(:process_action, callback, name, options)
          end
        end

        alias_method :"skip_#{callback}_filter", :"skip_#{callback}_action"

        # *_action is the same as append_*_action
        alias_method :"append_#{callback}_action", :"#{callback}_action"  # alias_method :append_before_action, :before_action
        alias_method :"append_#{callback}_filter", :"#{callback}_action"  # alias_method :append_before_filter, :before_action
      end
    end
  end

actionpack/lib/action_controller/metal/renderers.rb

@@ -42,8 +42,8 @@ def _handle_render_options(options)
      nil
    end

    # Hash of available renderers, mapping a renderer name to its proc.
    # Default keys are <tt>:json</tt>, <tt>:js</tt>, <tt>:xml</tt>.
    # A Set containing renderer names that correspond to available renderer procs.
    # Default values are <tt>:json</tt>, <tt>:js</tt>, <tt>:xml</tt>.
    RENDERERS = Set.new

    # Adds a new renderer to call within controller actions.

actionpack/lib/action_dispatch/middleware/cookies.rb

@@ -176,11 +176,11 @@ def signed_or_encrypted
    module VerifyAndUpgradeLegacySignedMessage
      def initialize(*args)
        super
        @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token])
        @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token], serializer: NullSerializer)
      end

      def verify_and_upgrade_legacy_signed_message(name, signed_message)
        @legacy_verifier.verify(signed_message).tap do |value|
        deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
          self[name] = { value: value }
        end
      rescue ActiveSupport::MessageVerifier::InvalidSignature

actionpack/test/dispatch/cookies_test.rb

@@ -681,6 +681,123 @@ def test_legacy_signed_cookie_is_read_and_transparently_encrypted_by_encrypted_c
    assert_equal 'bar', encryptor.decrypt_and_verify(@response.cookies["foo"])
  end

  def test_legacy_json_signed_cookie_is_read_and_transparently_upgraded_by_signed_json_cookie_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :json
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33", serializer: JSON).generate(45)

    @request.headers["Cookie"] = "user_id=#{legacy_value}"
    get :get_signed_cookie

    assert_equal 45, @controller.send(:cookies).signed[:user_id]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.signed_cookie_salt"])
    verifier = ActiveSupport::MessageVerifier.new(secret, serializer: JSON)
    assert_equal 45, verifier.verify(@response.cookies["user_id"])
  end

  def test_legacy_json_signed_cookie_is_read_and_transparently_encrypted_by_encrypted_json_cookie_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :json
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"
    @request.env["action_dispatch.encrypted_cookie_salt"] = "4433796b79d99a7735553e316522acee"
    @request.env["action_dispatch.encrypted_signed_cookie_salt"] = "00646eb40062e1b1deff205a27cd30f9"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33", serializer: JSON).generate('bar')

    @request.headers["Cookie"] = "foo=#{legacy_value}"
    get :get_encrypted_cookie

    assert_equal 'bar', @controller.send(:cookies).encrypted[:foo]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_cookie_salt"])
    sign_secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_signed_cookie_salt"])
    encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON)
    assert_equal 'bar', encryptor.decrypt_and_verify(@response.cookies["foo"])
  end

  def test_legacy_json_signed_cookie_is_read_and_transparently_upgraded_by_signed_json_hybrid_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :hybrid
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33", serializer: JSON).generate(45)

    @request.headers["Cookie"] = "user_id=#{legacy_value}"
    get :get_signed_cookie

    assert_equal 45, @controller.send(:cookies).signed[:user_id]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.signed_cookie_salt"])
    verifier = ActiveSupport::MessageVerifier.new(secret, serializer: JSON)
    assert_equal 45, verifier.verify(@response.cookies["user_id"])
  end

  def test_legacy_json_signed_cookie_is_read_and_transparently_encrypted_by_encrypted_hybrid_cookie_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :hybrid
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"
    @request.env["action_dispatch.encrypted_cookie_salt"] = "4433796b79d99a7735553e316522acee"
    @request.env["action_dispatch.encrypted_signed_cookie_salt"] = "00646eb40062e1b1deff205a27cd30f9"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33", serializer: JSON).generate('bar')

    @request.headers["Cookie"] = "foo=#{legacy_value}"
    get :get_encrypted_cookie

    assert_equal 'bar', @controller.send(:cookies).encrypted[:foo]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_cookie_salt"])
    sign_secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_signed_cookie_salt"])
    encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON)
    assert_equal 'bar', encryptor.decrypt_and_verify(@response.cookies["foo"])
  end

  def test_legacy_marshal_signed_cookie_is_read_and_transparently_upgraded_by_signed_json_hybrid_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :hybrid
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33").generate(45)

    @request.headers["Cookie"] = "user_id=#{legacy_value}"
    get :get_signed_cookie

    assert_equal 45, @controller.send(:cookies).signed[:user_id]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.signed_cookie_salt"])
    verifier = ActiveSupport::MessageVerifier.new(secret, serializer: JSON)
    assert_equal 45, verifier.verify(@response.cookies["user_id"])
  end

  def test_legacy_marshal_signed_cookie_is_read_and_transparently_encrypted_by_encrypted_hybrid_cookie_jar_if_both_secret_token_and_secret_key_base_are_set
    @request.env["action_dispatch.cookies_serializer"] = :hybrid
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"
    @request.env["action_dispatch.encrypted_cookie_salt"] = "4433796b79d99a7735553e316522acee"
    @request.env["action_dispatch.encrypted_signed_cookie_salt"] = "00646eb40062e1b1deff205a27cd30f9"

    legacy_value = ActiveSupport::MessageVerifier.new("b3c631c314c0bbca50c1b2843150fe33").generate('bar')

    @request.headers["Cookie"] = "foo=#{legacy_value}"
    get :get_encrypted_cookie

    assert_equal 'bar', @controller.send(:cookies).encrypted[:foo]

    key_generator = @request.env["action_dispatch.key_generator"]
    secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_cookie_salt"])
    sign_secret = key_generator.generate_key(@request.env["action_dispatch.encrypted_signed_cookie_salt"])
    encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON)
    assert_equal 'bar', encryptor.decrypt_and_verify(@response.cookies["foo"])
  end

  def test_legacy_signed_cookie_is_treated_as_nil_by_signed_cookie_jar_if_tampered
    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
    @request.env["action_dispatch.secret_key_base"] = "c3b95688f35581fad38df788add315ff"

actionview/CHANGELOG.md

@@ -1,3 +1,18 @@
*   Change `favicon_link_tag` default mimetype from `image/vnd.microsoft.icon` to
    `image/x-icon`.

    Before:
    
        #=> favicon_link_tag 'myicon.ico'
        <link href="/assets/myicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />

    After:

        #=> favicon_link_tag 'myicon.ico'
        <link href="/assets/myicon.ico" rel="shortcut icon" type="image/x-icon" />

    *Geoffroy Lorieux*

*   Remove wrapping div with inline styles for hidden form fields.

    We are dropping HTML 4.01 and XHTML strict compliance since input tags directly

actionview/lib/action_view/helpers/asset_tag_helper.rb

@@ -149,12 +149,12 @@ def auto_discovery_link_tag(type = :rss, url_options = {}, tag_options = {})
      # ==== Options
      #
      # * <tt>:rel</tt>   - Specify the relation of this link, defaults to 'shortcut icon'
      # * <tt>:type</tt>  - Override the auto-generated mime type, defaults to 'image/vnd.microsoft.icon'
      # * <tt>:type</tt>  - Override the auto-generated mime type, defaults to 'image/x-icon'
      #
      # ==== Examples
      #
      #   favicon_link_tag 'myicon.ico'
      #   # => <link href="/assets/myicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
      #   # => <link href="/assets/myicon.ico" rel="shortcut icon" type="image/x-icon" />
      #
      # Mobile Safari looks for a different <link> tag, pointing to an image that
      # will be used if you add the page to the home screen of an iPod Touch, iPhone, or iPad.
@@ -165,7 +165,7 @@ def auto_discovery_link_tag(type = :rss, url_options = {}, tag_options = {})
      def favicon_link_tag(source='favicon.ico', options={})
        tag('link', {
          :rel  => 'shortcut icon',
          :type => 'image/vnd.microsoft.icon',
          :type => 'image/x-icon',
          :href => path_to_image(source)
        }.merge!(options.symbolize_keys))
      end

actionview/lib/action_view/helpers/form_helper.rb

@@ -746,6 +746,7 @@ def fields_for(record_name, record_object = nil, options = {}, &block)
      #   label(:post, :terms) do
      #     'Accept <a href="/terms">Terms</a>.'.html_safe
      #   end
      #   # => <label for="post_terms">Accept <a href="/terms">Terms</a>.</label>
      def label(object_name, method, content_or_options = nil, options = nil, &block)
        Tags::Label.new(object_name, method, self, content_or_options, options).render(&block)
      end

actionview/test/template/asset_tag_helper_test.rb

@@ -195,9 +195,9 @@ def url_for(*args)
  }

  FaviconLinkToTag = {
    %(favicon_link_tag) => %(<link href="/images/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />),
    %(favicon_link_tag 'favicon.ico') => %(<link href="/images/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />),
    %(favicon_link_tag 'favicon.ico', :rel => 'foo') => %(<link href="/images/favicon.ico" rel="foo" type="image/vnd.microsoft.icon" />),
    %(favicon_link_tag) => %(<link href="/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />),
    %(favicon_link_tag 'favicon.ico') => %(<link href="/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />),
    %(favicon_link_tag 'favicon.ico', :rel => 'foo') => %(<link href="/images/favicon.ico" rel="foo" type="image/x-icon" />),
    %(favicon_link_tag 'favicon.ico', :rel => 'foo', :type => 'bar') => %(<link href="/images/favicon.ico" rel="foo" type="bar" />),
    %(favicon_link_tag 'mb-icon.png', :rel => 'apple-touch-icon', :type => 'image/png') => %(<link href="/images/mb-icon.png" rel="apple-touch-icon" type="image/png" />)
  }

actionview/test/template/form_helper_test.rb

@@ -265,6 +265,13 @@ def test_label_with_block
    )
  end

  def test_label_with_block_and_html
    assert_dom_equal(
      '<label for="post_terms">Accept <a href="/terms">Terms</a>.</label>',
      label(:post, :terms) { 'Accept <a href="/terms">Terms</a>.'.html_safe }
    )
  end

  def test_label_with_block_and_options
    assert_dom_equal(
      '<label for="my_for">The title, please:</label>',

activerecord/CHANGELOG.md

@@ -1,3 +1,43 @@
*   Reset the cache when modifying a Relation with cached Arel.
    Additionally display a warning message to make the user aware.

    *Yves Senn*

*   PostgreSQL should internally use `:datetime` consistently for TimeStamp. Assures
    different spellings of timestamps are treated the same.

    Example:

        mytimestamp.simplified_type('timestamp without time zone')
        # => :datetime
        mytimestamp.simplified_type('timestamp(6) without time zone')
        # => also :datetime (previously would be :timestamp)

    See #14513.

    *Jefferson Lai*

*   `ActiveRecord::Base.no_touching` no longer triggers callbacks or start empty transactions.

    Fixes #14841.

    *Lucas Mazza*

*   Fix name collision with `Array#select!` with `Relation#select!`.

    Fixes #14752.

    *Earl St Sauver*

*   Fixed unexpected behavior for `has_many :through` associations going through a scoped `has_many`.

    If a `has_many` association is adjusted using a scope, and another `has_many :through`
    uses this association, then the scope adjustment is unexpectedly neglected.

    Fixes #14537.

    *Jan Habermann*

*   `@destroyed` should always be set to `false` when an object is duped.

    *Kuldeep Aggarwal*

activerecord/lib/active_record/associations/preloader/association.rb

@@ -119,7 +119,7 @@ def build_scope
          scope.references_values = Array(values[:references]) + Array(preload_values[:references])
          scope.bind_values       = (reflection_binds + preload_binds)

          scope.select!   preload_values[:select] || values[:select] || table[Arel.star]
          scope._select!   preload_values[:select] || values[:select] || table[Arel.star]
          scope.includes! preload_values[:includes] || values[:includes]

          if preload_values.key? :order