Permalink
Switch branches/tags
Commits on Feb 11, 2013
  1. bumping to 3.1.11

    tenderlove committed Feb 11, 2013
Commits on Feb 10, 2013
  1. Fix issue with attr_protected where malformed input could circumvent

    protection
    
    Fixes: CVE-2013-0276
    joernchen committed with tenderlove Feb 9, 2013
Commits on Feb 8, 2013
  1. Merge pull request #9226 from robertomiranda/fix-bigdecimal-test

    [3.1] Fix test failure for ruby 1.8
    guilleiguaran committed Feb 8, 2013
  2. Merge pull request #9209 from dylanahsmith/3-1-mysql-quote-numeric

    [3.1] active_record: Quote numeric values compared to string columns.
    guilleiguaran committed Feb 8, 2013
Commits on Feb 7, 2013
Commits on Jan 26, 2013
Commits on Jan 16, 2013
  1. Update mocha version to 0.13.0 and change requires

    Conflicts:
    	Gemfile
    	railties/test/application/route_inspect_test.rb
    	railties/test/generators_test.rb
    carlosantoniodasilva committed Nov 12, 2012
  2. Merge pull request #8871 from freerange/3-1-stable-with-mocha-fixes

    Fix 3-1-stable to work with Mocha >= v0.13.0
    rafaelfranca committed Jan 16, 2013
  3. Fix 3-1-stable to work with Mocha >= v0.13.0

    A) Update code in ActiveSupport which monkey-patches Test::Unit to
    include Mocha bug fix.
    
    A bug was fixed [1] in Mocha's integration with Test::Unit, but this
    monkey-patching code was copied before the fix. We need to copy the
    fixed version.
    
    The bug meant that an unexpected invocation against a mock within the
    teardown method caused a test *error* and not a test *failure*.
    
    B) Fix for Test::Unit/Mocha compatibility.
    
    Mocha is now using a single AssertionCounter which needs a reference to
    the testcase as opposed to the result.
    
    This change is an unfortunate consequence of the copying of a chunk of
    Mocha's internal code in order to monkey-patch Test::Unit.
    
    C) Avoid a Mocha deprecation warning.
    
    [1]
    freerange/mocha@f1ff647#diff-5
    floehopper committed Aug 26, 2012
Commits on Jan 12, 2013
Commits on Jan 11, 2013
  1. Merge pull request #8889 from dylanahsmith/3-1-parse-non-object-json-…

    …params
    
    3-1-stable: Fix JSON params parsing regression for non-object JSON content.
    jeremy committed Jan 11, 2013
Commits on Jan 9, 2013
  1. Merge pull request #8846 from AlexRiedler/revert_5861

    Backport multi_json dependency revert of #5861 to 3-1-stable
    rafaelfranca committed Jan 9, 2013
  2. Merge pull request #5896 from sferik/revert_5861

    Revert #5861. Feature-detect which MultiJson API to use.
    Conflicts:
    	activesupport/activesupport.gemspec
    
    This backports multi_json version depedency changes as applied.
    
    Rationale: #5861
    
    Patch by sferik
    jeremy committed with Alex Riedler Apr 21, 2012
  3. Merge pull request #8835 from sikachu/3-1-stable-fix-ars

    Remove test for XML YAML parsing
    carlosantoniodasilva committed Jan 9, 2013
  4. Remove test for XML YAML parsing

    The support for YAML parsing in XML has been removed from Active Support
    since it introduced an security risk. See 8133a81 for more detail.
    sikachu committed Jan 9, 2013
Commits on Jan 8, 2013
  1. bumping version

    tenderlove committed Jan 8, 2013
  2. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] …

    …* dealing with empty hashes. Thanks Damien Mathieu
    
    Conflicts:
    	actionpack/CHANGELOG.md
    	activerecord/CHANGELOG.md
    tenderlove committed Jan 4, 2013
  3. Avoid Rack security warning no secret provided

    This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
    spastorino committed Jan 8, 2013
Commits on Dec 23, 2012
  1. bumping version to 3.1.9

    tenderlove committed Dec 23, 2012
  2. updating changelogs

    tenderlove committed Dec 23, 2012
Commits on Dec 15, 2012
  1. Be a bit less conservative with mysql in adapter

    This will allow the new mysql 2.9.0 to be used, fixing our test issues.
    carlosantoniodasilva committed Nov 19, 2012
  2. Update xml serialization tests to reflect a change in builder

    Due to a change in builder, nil values now generates closed tags,
    so instead of this:
    
        <pseudonyms nil=\"true\"></pseudonyms>
    
    It generates this:
    
        <pseudonyms nil=\"true\"/>
    
    Document this change in Rails so that people can track it down easily if
    necessary.
    
    Changes in Active Model, Active Record and Active Support tests.
    
    Cherry-pick of d65adc7, 77dd3be and 146eaf3. Fix build.
    carlosantoniodasilva committed Sep 7, 2012
Commits on Dec 14, 2012
  1. test for 8018

    tenderlove committed Dec 14, 2012
Commits on Oct 18, 2012
  1. Require ActionController::Railtie in the default middleware stack.

    This will make possible to do a frameworkless initialization since the
    the default middleware stack is self contained.
    rafaelfranca committed Oct 18, 2012
Commits on Aug 28, 2012
  1. Ensure association preloading properly merges default scope and assoc…

    …iation conditions
    lifo committed Aug 28, 2012
  2. CHANGELOGs are now per branch

    Check 810a50d for the rationale.
    fxn committed Aug 28, 2012
Commits on Aug 17, 2012
  1. Increase benchmark time to 20 seconds.

    I think that 5 seconds was a bit low for our purposes.
    
    Also enable it to be configured via env vars.
    
    We also need to scale the number of records up/down depending on how
    long we're running the benchmark for.
    
    Conflicts:
    	activerecord/examples/performance.rb
    jonleighton committed Aug 17, 2012