Skip to content
Commits on Jan 25, 2016
  1. @tenderlove

    bumping version

    tenderlove committed
Commits on Jun 16, 2015
  1. @rafaelfranca
Commits on Nov 16, 2014
  1. @tenderlove

    bumping version for relesase

    tenderlove committed
Commits on Oct 29, 2014
  1. @tenderlove

    bumping version to 3.2.20

    tenderlove committed
Commits on Jul 2, 2014
  1. @rafaelfranca
Commits on May 6, 2014
  1. @rafaelfranca
Commits on Feb 18, 2014
  1. @rafaelfranca
Commits on Dec 3, 2013
  1. @tenderlove

    updating the changelog

    tenderlove committed
Commits on Oct 15, 2013
  1. @tenderlove

    bumping to 3.2.15

    tenderlove committed
Commits on Oct 11, 2013
  1. @tenderlove

    bumping to rc3

    tenderlove committed
Commits on Oct 4, 2013
  1. @tenderlove

    bumping to rc2

    tenderlove committed
Commits on Oct 3, 2013
  1. @tenderlove
Commits on Jul 22, 2013
  1. @rafaelfranca
Commits on Jul 16, 2013
  1. @rafaelfranca
Commits on Jul 13, 2013
  1. @rafaelfranca
Commits on Mar 18, 2013
  1. @tenderlove

    bumping to 3.2.13

    tenderlove committed
Commits on Mar 6, 2013
  1. @tenderlove

    bumping to rc2

    tenderlove committed
Commits on Feb 27, 2013
  1. @steveklabnik
Commits on Feb 11, 2013
  1. @tenderlove

    Merge branch '3-2-sec' into 3-2-stable

    tenderlove committed
    * 3-2-sec:
      bumping version
      remove ruby-prof
      Fix issue with attr_protected where malformed input could circumvent protection
      fixing call to columns hash. run the damn tests when you backport!
      Bump rack dependency to 1.4.5
      Merge pull request #9224 from dylanahsmith/bigdecimal-takes-string
      Merge pull request #9208 from dylanahsmith/3-2-mysql-quote-numeric
    
    Conflicts:
    	Gemfile
    	activerecord/CHANGELOG.md
  2. @tenderlove

    bumping version

    tenderlove committed
Commits on Feb 10, 2013
  1. @joernchen @tenderlove

    Fix issue with attr_protected where malformed input could circumvent

    joernchen committed with tenderlove
    protection
    
    Fixes: CVE-2013-0276
Commits on Jan 8, 2013
  1. @tenderlove

    Merge branch '3-2-sec' into 3-2-secmerge

    tenderlove committed
    * 3-2-sec:
      bumping version
      CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
      * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
      Avoid Rack security warning no secret provided
    
    Conflicts:
    	actionpack/CHANGELOG.md
    	activerecord/CHANGELOG.md
    	activesupport/CHANGELOG.md
  2. @tenderlove

    bumping version

    tenderlove committed
Commits on Jan 3, 2013
  1. @miguelff

    Merge tag 'v3.2.10' into 3-2-stable

    miguelff committed
    Latest released tag was not fully merged into the stable branch (missed version bumping)
Commits on Dec 23, 2012
  1. @tenderlove

    bumping version to 3.2.10

    tenderlove committed
Commits on Dec 3, 2012
  1. @hsbt
Commits on Nov 29, 2012
  1. @rafaelfranca

    Merge pull request #8352 from steveklabnik/update_7858

    rafaelfranca committed
    Specify type of singular assication during serialization
    Conflicts:
    	activemodel/CHANGELOG.md
    	activemodel/test/cases/serializers/xml_serialization_test.rb
Commits on Nov 12, 2012
  1. @spastorino

    Bump to 3.2.9

    spastorino committed
Commits on Nov 9, 2012
  1. @spastorino

    Bump up to 3.2.9.rc3

    spastorino committed
Commits on Nov 1, 2012
  1. @spastorino

    Bump to 3.2.9.rc2

    spastorino committed
Commits on Oct 29, 2012
  1. @spastorino

    Bump to 3.2.9.rc1

    spastorino committed
Commits on Oct 27, 2012
  1. @jeremy @rafaelfranca

    Merge pull request #8038 from frodsan/fix_am_serializers_xml_dependency

    jeremy committed with rafaelfranca
    Fix AM::Serializers::Xml dependency
Commits on Oct 18, 2012
  1. @senny
Commits on Aug 9, 2012
  1. @spastorino

    Bump to 3.2.8

    spastorino committed
Commits on Aug 3, 2012
  1. @spastorino

    Bump to 3.2.8.rc2

    spastorino committed
Something went wrong with that request. Please try again.