Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Jun 16, 2015
  1. @rafaelfranca
  2. @tenderlove @rafaelfranca

    enforce a depth limit on XML documents

    tenderlove authored rafaelfranca committed
    XML documents that are too deep can cause an stack overflow, which in
    turn will cause a potential DoS attack.
    
    CVE-2015-3227
    
    Conflicts:
    	activesupport/lib/active_support/xml_mini.rb
Commits on Jan 29, 2015
  1. @jgeiger

    Fix ruby 2.2 comparable warnings

    jgeiger authored
    Check for correct value type in activerecord/fixtures.rb
    Check that zone can respond to expected values to make the comparison.
Commits on Jan 7, 2015
  1. @rafaelfranca

    Remove hard dependency on test-unit

    rafaelfranca authored
    Instead show a error message asking users to add the gem to their
    Gemfile if test-unit could not be loaded.
Commits on Jan 3, 2015
  1. @tmm1
  2. @vipulnsward @tmm1

    Fix `singleton_class?`

    vipulnsward authored tmm1 committed
    Due to changes from http://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/39628 current `singleton_class?` implementation fails.
    Changed based on reference from http://bugs.ruby-lang.org/issues/7609
    
    Conflicts:
    	activesupport/lib/active_support/core_ext/class/attribute.rb
  3. @tmm1

    fix yaml compat on ruby 2.2

    tmm1 authored
Commits on Dec 23, 2014
  1. @tenderlove @tmm1
  2. @tmm1
Commits on Nov 16, 2014
  1. @tenderlove
Commits on Oct 29, 2014
  1. @tenderlove

    bumping version to 3.2.20

    tenderlove authored
Commits on Jul 2, 2014
  1. @rafaelfranca
Commits on Jun 26, 2014
  1. @rafaelfranca

    Make sure Active Support configurations are applied correctly

    rafaelfranca authored
    Before this patch configuration set using config.active_support
    would not be set.
    
    Closes #15364
Commits on Jun 18, 2014
  1. @guilleiguaran

    Revert "Merge pull request #15794 from vishalzambre/patch-1"

    guilleiguaran authored
    This reverts commit 6d800a9, reversing
    changes made to 6a05129.
    
    We don't apply non-security fixes to 3-2-stable branch!!!
  2. @vishalzambre

    File.exists? is a deprecated name, use File.exist?

    vishalzambre authored
    File.exists? is a deprecated name, use File.exist?
Commits on May 6, 2014
  1. @rafaelfranca
Commits on Feb 18, 2014
  1. @rafaelfranca
Commits on Dec 3, 2013
  1. @tenderlove

    updating the changelog

    tenderlove authored
Commits on Oct 15, 2013
  1. @tenderlove

    bumping to 3.2.15

    tenderlove authored
  2. @tenderlove

    Merge branch '3-2-15' into 3-2-sec

    tenderlove authored
    * 3-2-15:
      bumping to rc3
      Revert "Merge pull request #12413 from arthurnn/inverse_of_on_build"
      Revert "Merge pull request #12443 from arthurnn/add_inverse_of_add_target"
      bumping to rc2
      Merge pull request #12443 from arthurnn/add_inverse_of_add_target
      bumping version to 3.2.15.rc1
      Fix STI scopes using benolee's suggestion. Fixes #11939
Commits on Oct 11, 2013
  1. @tenderlove

    bumping to rc3

    tenderlove authored
Commits on Oct 4, 2013
  1. @tenderlove

    bumping to rc2

    tenderlove authored
Commits on Oct 3, 2013
  1. @tenderlove
Commits on Sep 30, 2013
  1. @NZKoz @tenderlove

    Remove the use of String#% when formatting durations in log messages

    NZKoz authored tenderlove committed
    This avoids potential format string vulnerabilities where user-provided
    data is interpolated into the log message before String#% is called.
Commits on Sep 12, 2013
  1. @rafaelfranca

    Merge pull request #12196 from h-lame/fix-activesupport-cache-filesto…

    rafaelfranca authored
    …re-cleanup
    
    Fix FileStore#cleanup to no longer rely on missing each_key method
    Conflicts:
    	activesupport/CHANGELOG.md
    	activesupport/test/caching_test.rb
Commits on Aug 18, 2013
  1. @guilleiguaran

    Fix 1.8.7 incompatible respond_to_missing

    Eugene Kalenkovich authored guilleiguaran committed
Commits on Jul 22, 2013
  1. @rafaelfranca
  2. @rafaelfranca
Commits on Jul 18, 2013
  1. @wolframarnold

    Add respond_to_missing? for TaggedLogging which is needed if another …

    wolframarnold authored
    …log abstracter wraps a TaggedLogging instance.
    
    It's also best practice when overriding method_missing.
Commits on Jul 16, 2013
  1. @rafaelfranca
Commits on Jul 13, 2013
  1. @rafaelfranca
Commits on Jul 10, 2013
  1. @pixeltrix

    Add missing require so that DateTime has the right superclass

    pixeltrix authored
    If the DateTime core extensions were loaded before the Date core extensions
    then you would get a superclass mismatch as DateTime hasn't been defined
    yet so it gets set to Object by the acts_like core extension.
    
    Fixes #11206
    
    (cherry picked from commit 78f7d5b)
Commits on Jul 9, 2013
  1. @pixeltrix
  2. @pixeltrix

    Retain offset and fraction when using Time.at_with_coercion

    pixeltrix authored
    The standard Ruby behavior for Time.at is to return the same type of
    time when passing an instance of Time as a single argument. Since the
    an ActiveSupport::TimeWithZone instance may be a different timezone than
    the system timezone and DateTime just understands offsets the best we
    can do is to return an instance of Time with the correct offset.
    
    It also maintains the correct fractional second value as well.
    
    Fixes #11350.
    
    Backports:
    4842535
    1b38737
Commits on Jul 6, 2013
  1. @rafaelfranca
Something went wrong with that request. Please try again.