Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Mar 18, 2013
  1. @sikachu @carlosantoniodasilva
  2. @tenderlove

    bumping to 3.1.12

    tenderlove committed
Commits on Mar 16, 2013
  1. @benmmurphy @tenderlove

    JDOM XXE Protection [CVE-2013-1856]

    benmmurphy committed with tenderlove
Commits on Feb 11, 2013
  1. @tenderlove

    bumping to 3.1.11

    tenderlove committed
Commits on Jan 16, 2013
  1. @carlosantoniodasilva

    Update mocha version to 0.13.0 and change requires

    carlosantoniodasilva committed
  2. @floehopper

    Fix 3-1-stable to work with Mocha >= v0.13.0

    floehopper committed
    A) Update code in ActiveSupport which monkey-patches Test::Unit to
    include Mocha bug fix.
    A bug was fixed [1] in Mocha's integration with Test::Unit, but this
    monkey-patching code was copied before the fix. We need to copy the
    fixed version.
    The bug meant that an unexpected invocation against a mock within the
    teardown method caused a test *error* and not a test *failure*.
    B) Fix for Test::Unit/Mocha compatibility.
    Mocha is now using a single AssertionCounter which needs a reference to
    the testcase as opposed to the result.
    This change is an unfortunate consequence of the copying of a chunk of
    Mocha's internal code in order to monkey-patch Test::Unit.
    C) Avoid a Mocha deprecation warning.
Commits on Jan 9, 2013
  1. @jeremy

    Merge pull request #5896 from sferik/revert_5861

    jeremy committed with Alex Riedler
    Revert #5861. Feature-detect which MultiJson API to use.
    This backports multi_json version depedency changes as applied.
    Rationale: #5861
    Patch by sferik
Commits on Jan 8, 2013
  1. @tenderlove

    bumping version

    tenderlove committed
  2. @jeremy @tenderlove
Commits on Dec 23, 2012
  1. @tenderlove

    bumping version to 3.1.9

    tenderlove committed
Commits on Aug 15, 2012
  1. @rafaelfranca
Commits on Aug 9, 2012
  1. @spastorino

    Bump to 3.1.8

    spastorino committed
Commits on Aug 7, 2012
  1. @spastorino
Commits on Jul 26, 2012
  1. @tenderlove

    bumping to 3.1.7

    tenderlove committed
Commits on Jun 11, 2012
  1. @tenderlove

    bumping version numbers

    tenderlove committed
Commits on May 31, 2012
  1. @tenderlove

    Merge branch '3-1-rel' into 3-1-stable

    tenderlove committed
    * 3-1-rel:
      bumping to 3.1.5
      updating the CHANGELOG
      bumping to 3.1.5.rc1
  2. @tenderlove

    bumping to 3.1.5

    tenderlove committed
Commits on May 29, 2012
  1. @floehopper

    Exceptions like Interrupt should not be rescued in tests.

    floehopper committed
    This is a back-port of rails/rails#6525. See the commit notes there for
Commits on May 28, 2012
  1. @tenderlove

    bumping to 3.1.5.rc1

    tenderlove committed
Commits on May 11, 2012
  1. @carlosantoniodasilva
Commits on Apr 30, 2012
  1. @IamNaN @pixeltrix

    Correcting some confusion. Pago Pago is part of American Samoa, not S…

    IamNaN committed with pixeltrix
    Further, Samoa and Tokelau jumped across the IDL from Dec 29 to Dec 31, 2011
    switching from UTC-11 to UTC+13. American Samoa did not make the change and
    remains at UTC-11. Pacific/Fakaofo and Pacific/Apia are in TZInfo and
    documentation about the dateline change is in austalasia at IANA.
    (cherry picked from commit 5fe88b1)
Commits on Mar 7, 2012
  1. @jeremy @kennyj

    Use 1.9 native XML escaping to speed up html_escape and shush regexp …

    jeremy committed with kennyj
            length      user     system      total        real
    before  6      0.010000   0.000000   0.010000 (  0.012378)
    after   6      0.010000   0.000000   0.010000 (  0.012866)
    before  60     0.040000   0.000000   0.040000 (  0.046273)
    after   60     0.040000   0.000000   0.040000 (  0.036421)
    before  600    0.390000   0.000000   0.390000 (  0.390670)
    after   600    0.210000   0.000000   0.210000 (  0.209094)
    before  6000   3.750000   0.000000   3.750000 (  3.751008)
    after   6000   1.860000   0.000000   1.860000 (  1.857901)
Commits on Mar 2, 2012
  1. @carlosantoniodasilva @drogus

    Stop SafeBuffer#clone_empty from issuing warnings

    carlosantoniodasilva committed with drogus
    Logic in clone_empty method was dealing with old @dirty variable, which
    has changed by @html_safe in this commit:
    This was issuing a "not initialized variable" warning - related to:
    The logic applied by this method is already handled by the [] override,
    so there is no need to reset the variable here.
Commits on Mar 1, 2012
  1. @tenderlove

    Merge branch '3-1-4' into 3-1-stable

    tenderlove committed
    * 3-1-4:
      bumping to 3.1.4
      Ensure [] respects the status of the buffer.
      updating RAILS_VERSION
      use AS::SafeBuffer#clone_empty for flushing the output_buffer
      add AS::SafeBuffer#clone_empty
      fix output safety issue with select options
  2. @tenderlove

    bumping to 3.1.4

    tenderlove committed
  3. @tenderlove

    Merge branch '3-1-stable-security' into 3-1-4

    tenderlove committed
    * 3-1-stable-security:
      Ensure [] respects the status of the buffer.
      use AS::SafeBuffer#clone_empty for flushing the output_buffer
      add AS::SafeBuffer#clone_empty
      fix output safety issue with select options
  4. @arunagw
  5. @josevalim @tenderlove
Commits on Feb 27, 2012
  1. @tenderlove

    Merge pull request #5179 from RalphShnelvar/Binary_mode_Window_bug

    tenderlove committed
    Binary mode window bug
Commits on Feb 22, 2012
  1. @tenderlove

    updating RAILS_VERSION

    tenderlove committed
Commits on Feb 21, 2012
  1. @amatsuda @tenderlove

    add AS::SafeBuffer#clone_empty

    amatsuda committed with tenderlove
Commits on Jan 24, 2012
  1. @tenderlove

    Merge pull request #4514 from brainopia/update_timezone_offets

    tenderlove committed
    Update time zone offset information
Commits on Dec 8, 2011
  1. @josevalim

    Remove NilClass whiners feature.

    josevalim committed
    Removing this feature causes boost in performance when using Ruby 1.9.
    Ruby 1.9 started to do implicit conversions using `to_ary` and `to_str`
    in some STDLIB methods (like Array#join). To do such implicit conversions,
    Ruby 1.9 always dispatches the method and rescues the NoMethodError exception
    in case one is raised.
    Therefore, since the whiners feature defined NilClass#method_missing, such
    implicit conversions for nil became much, much slower. In fact, just defining
    NilClass#method_missing (even without the whiners feature) already causes a
    massive slow down. Here is a snippet that shows such slow down:
        require "benchmark"
        Benchmark.realtime { 1_000.times { [nil,nil,nil].join } }
        class NilClass
          def method_missing(*args)
            raise NoMethodError
        Benchmark.realtime { 1_000.times { [nil,nil,nil].join } }
Commits on Dec 3, 2011
  1. @jenseng @josevalim

    Restore performance of ERB::Util.html_escape

    jenseng committed with josevalim
    Revert html_escape to do a single gsub again, but add the "n" flag (no
    language, i.e. not multi-byte) to protect against XSS via invalid utf8
    Signed-off-by: José Valim <>
Commits on Nov 22, 2011
  1. @vijaydev

    caching 'false' properly

    vijaydev committed
Something went wrong with that request. Please try again.