Skip to content
This repository

Nov 18, 2011

  1. Jon Leighton

    Preparing for 3.0.11 release

    authored November 18, 2011

Nov 01, 2011

  1. Josh Kalderimis

    Remove a circular require in AS deprecations. This is safe as AS depr…

    …ecations is autoloaded as needed.
    authored May 12, 2011 tenderlove committed November 01, 2011

Oct 05, 2011

  1. Akira Matsuda

    ruby193: String#prepend is also unsafe

    authored October 02, 2011 spastorino committed October 05, 2011
  2. Akira Matsuda

    override unsafe methods only if defined on String

    authored October 02, 2011 spastorino committed October 05, 2011

Oct 03, 2011

  1. Jeremy Kemper

    Merge pull request #2801 from jeremyevans/patch-1

    Fix obviously breakage of Time.=== for Time subclasses
    authored October 03, 2011

Aug 16, 2011

  1. Aaron Patterson

    Merge branch '3-0-10' into 3-0-stable

    * 3-0-10:
      bumping rails to 3.0.10
      properly subsituting bad utf8 characters
      Tags with invalid names should also be stripped in order to prevent XSS attacks.  Thanks Sascha Depold for the report.
      prevent sql injection attacks by escaping quotes in column names
      Properly escape glob characters.
      bumping to 3.0.10.rc1
      more changelog updates
      updating CHANGELOGs
    authored August 16, 2011
  2. Aaron Patterson

    bumping rails to 3.0.10

    authored August 16, 2011
  3. Aaron Patterson

    properly subsituting bad utf8 characters

    authored August 16, 2011

Aug 08, 2011

  1. Jason Weathered

    Fix marshal round-tripping of fractional seconds (Time#subsec).

    authored April 17, 2011 tenderlove committed August 07, 2011

Aug 06, 2011

  1. Santiago Pastorino

    Merge pull request #2450 from guilleiguaran/activesupport-gzip-1.8

    Fix ActiveSupport::Gzip under Ruby 1.8.7. Closes #2416
    authored August 06, 2011

Aug 05, 2011

  1. Aaron Patterson

    bumping to 3.0.10.rc1

    authored August 04, 2011

Aug 01, 2011

  1. Santiago Pastorino

    Merge pull request #2393 from bdurand/fix_cache_read_multi

    Fix ArgumentError in ActiveSupport::Cache::CacheStore.read_multi
    authored August 01, 2011

Jul 29, 2011

  1. Aaron Patterson

    delay backtrace scrubbing until we actually raise an exception. fixes #…

    authored July 29, 2011

Jun 28, 2011

  1. Fix JSON decoding of newline character with Yaml backend [#3479 state…

    …:resolved]
    
    Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
    authored June 14, 2010 tenderlove committed June 28, 2011

Jun 20, 2011

  1. José Valim

    Fix SafeBuffers by adding a dirty flag.

    authored June 16, 2011

Jun 19, 2011

  1. James Miller

    Add option to omit creating an instance reader method on class_attribute

    authored June 18, 2011

Jun 16, 2011

  1. Aaron Patterson

    Merge branch '3-0-9' into 3-0-stable

    * 3-0-9:
      Preparing for 3.0.9 release
      avoid false positives caused by release candidates
      Preparing for 3.0.9.rc5 release
      bumping to rc4
      Make sure that we don't perform in-place mutation on SafeBuffer string
      Update CHANGELOG to mention the json_escape change
      Ensure number helpers can handle HTML safe strings - closes #1597.
      bumping to rc3 since syck is not playing nicely
      bumping to 3.0.9.rc2
      ensuring that json_escape returns html safe strings when passed an html safe string
      Make sure `escape_javascript` return `SafeBuffer` if the incoming argument is already html_safe
      Fix issue #1598 by adding a dependency to the RDoc gem.
      bumping to 3.0.9.rc1
    authored June 16, 2011
  2. Aaron Patterson

    Preparing for 3.0.9 release

    authored June 16, 2011

Jun 13, 2011

  1. Andrew White

    Remove obsolete compatibility module

    authored June 13, 2011

Jun 12, 2011

  1. Aaron Patterson

    Preparing for 3.0.9.rc5 release

    authored June 12, 2011
  2. Aaron Patterson

    bumping to rc4

    authored June 12, 2011
  3. Aaron Patterson

    Merge branch '3-0-stable' into 3-0-9

    * 3-0-stable:
      Add support for using an ARCONFIG environment variable to specify the location of the config.yml file for running the tests
      Define ActiveSupport#to_param as to_str - closes #1663
      Revert "Make sure that we don't perform in-place mutation on SafeBuffer string"
      Make sure that we don't perform in-place mutation on SafeBuffer string
      Update CHANGELOG to mention the json_escape change
      Ensure number helpers can handle HTML safe strings - closes #1597.
      ensuring that json_escape returns html safe strings when passed an html safe string
      Fix issue #1598 by adding a dependency to the RDoc gem.
      Make sure `escape_javascript` return `SafeBuffer` if the incoming argument is already html_safe
    
    Conflicts:
    	actionpack/CHANGELOG
    authored June 12, 2011
  4. Andrew White

    Define ActiveSupport#to_param as to_str - closes #1663

    authored June 12, 2011

Jun 09, 2011

  1. Aaron Patterson

    bumping to rc3 since syck is not playing nicely

    authored June 09, 2011
  2. Aaron Patterson

    bumping to 3.0.9.rc2

    authored June 09, 2011
  3. Aaron Patterson

    ensuring that json_escape returns html safe strings when passed an ht…

    …ml safe string
    authored June 09, 2011
  4. Aaron Patterson

    ensuring that json_escape returns html safe strings when passed an ht…

    …ml safe string
    authored June 09, 2011

Jun 08, 2011

  1. Aaron Patterson

    bumping to 3.0.9.rc1

    authored June 08, 2011

Jun 07, 2011

  1. Aaron Patterson

    Merge branch '3-0-8' into 3-0-stable

    * 3-0-8:
      bumping to 3.0.8
      Do not modify a safe buffer in helpers
      Ensure that the strings returned by SafeBuffer#gsub and friends aren't considered html_safe?
    authored June 07, 2011
  2. Aaron Patterson

    bumping to 3.0.8

    authored June 07, 2011
  3. Michael Koziarski

    Ensure that the strings returned by SafeBuffer#gsub and friends aren'…

    …t considered html_safe?
    
    Also make sure that the versions of those methods which modify a string in place such as gsub! can't be called on safe buffers at all.
    authored May 16, 2011 tenderlove committed June 07, 2011

May 31, 2011

  1. Andrew White

    Make MemCacheStore work with Ruby 1.9 and -Ku

    authored May 31, 2011
  2. Aaron Patterson

    rebuilding rc because of syck. :'(

    authored May 30, 2011

May 30, 2011

  1. Aaron Patterson

    bumping to rc3

  2. Aaron Patterson

    Merge branch '3-0-stable' into 3-0-8

    * 3-0-stable:
      File From Xml is working now. #3-0-stable
      Fixing  XMLMini_JDOM #3-0-stable
      fixing test for mysql2
    authored May 30, 2011
Something went wrong with that request. Please try again.