protection Fixes: CVE-2013-0276
[3.1] Fix test failure for ruby 1.8
[3.1] active_record: Quote numeric values compared to string columns.
Conflicts: Gemfile railties/test/application/route_inspect_test.rb railties/test/generators_test.rb
Fix 3-1-stable to work with Mocha >= v0.13.0
A) Update code in ActiveSupport which monkey-patches Test::Unit to include Mocha bug fix. A bug was fixed  in Mocha's integration with Test::Unit, but this monkey-patching code was copied before the fix. We need to copy the fixed version. The bug meant that an unexpected invocation against a mock within the teardown method caused a test *error* and not a test *failure*. B) Fix for Test::Unit/Mocha compatibility. Mocha is now using a single AssertionCounter which needs a reference to the testcase as opposed to the result. This change is an unfortunate consequence of the copying of a chunk of Mocha's internal code in order to monkey-patch Test::Unit. C) Avoid a Mocha deprecation warning.  freerange/mocha@f1ff647#diff-5
…params 3-1-stable: Fix JSON params parsing regression for non-object JSON content.
Backport multi_json dependency revert of #5861 to 3-1-stable
Remove test for XML YAML parsing
The support for YAML parsing in XML has been removed from Active Support since it introduced an security risk. See 8133a81 for more detail.
…* dealing with empty hashes. Thanks Damien Mathieu Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md
This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
This will allow the new mysql 2.9.0 to be used, fixing our test issues.
Due to a change in builder, nil values now generates closed tags, so instead of this: <pseudonyms nil=\"true\"></pseudonyms> It generates this: <pseudonyms nil=\"true\"/> Document this change in Rails so that people can track it down easily if necessary. Changes in Active Model, Active Record and Active Support tests. Cherry-pick of d65adc7, 77dd3be and 146eaf3. Fix build.
This will make possible to do a frameworkless initialization since the the default middleware stack is self contained.
Check 810a50d for the rationale.
I think that 5 seconds was a bit low for our purposes. Also enable it to be configured via env vars. We also need to scale the number of records up/down depending on how long we're running the benchmark for. Conflicts: activerecord/examples/performance.rb