Skip to content
This repository

Jan 08, 2013

  1. Aaron Patterson

    bumping version

    authored
  2. Jeremy Kemper

    CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.

    authored tenderlove committed

Dec 23, 2012

  1. Aaron Patterson

    bumping version to 3.2.10

    authored

Nov 12, 2012

  1. Santiago Pastorino

    Bump to 3.2.9

    authored

Nov 09, 2012

  1. Santiago Pastorino

    Bump up to 3.2.9.rc3

    authored

Nov 01, 2012

  1. Santiago Pastorino

    Bump to 3.2.9.rc2

    authored

Oct 29, 2012

  1. Santiago Pastorino

    Bump to 3.2.9.rc1

    authored

Oct 24, 2012

  1. Rafael Mendonça França

    Merge pull request #8022 from GRoguelon/3-2-stable

    Adding a missing parenthesis in the doc of String#parameterize.
    authored
  2. Geoffrey Roguelon

    Adding a missing parenthesis in the doc of String#parameterize.

    authored

Sep 28, 2012

  1. Jeremy Kemper

    Shush syntax warnings

    authored

Sep 27, 2012

  1. Jeremy Kemper

    Add logger.push_tags and .pop_tags to complement logger.tagged

    Avoid memory leak from unflushed logs on other threads leaving tags behind.
    
    Conflicts:
    	activesupport/CHANGELOG.md
    	activesupport/lib/active_support/tagged_logging.rb
    	activesupport/test/tagged_logging_test.rb
    authored

Sep 21, 2012

  1. Rafael Mendonça França

    Fix invalid ruby 1.8 syntax

    authored

Sep 20, 2012

  1. Toshinori Kajihara

    Fix #6962. AS::TimeWithZone#strftime responds incorrectly to %:z and …

    …%::z format strings.
    authored

Aug 28, 2012

  1. Xavier Noria

    fixes a bug in dependencies.rb

    loaded stores file names without the .rb extension, but search_for_file
    returns file names with the extension.
    
    The solution is hackish, but this file needs a revamp.
    authored

Aug 09, 2012

  1. Santiago Pastorino

    Bump to 3.2.8

    authored

Aug 03, 2012

  1. Santiago Pastorino

    Bump to 3.2.8.rc2

    authored

Aug 02, 2012

  1. Rafael Mendonça França

    Fix html_escape with Ruby 1.8

    authored spastorino committed
  2. Santiago Pastorino

    html_escape should escape single quotes

    https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
    Closes #7215
    
    Conflicts:
    	actionpack/test/template/erb_util_test.rb
    	actionpack/test/template/form_tag_helper_test.rb
    	actionpack/test/template/text_helper_test.rb
    	actionpack/test/template/url_helper_test.rb
    	activesupport/lib/active_support/core_ext/string/output_safety.rb
    authored
  3. Mike Gunderloy

    Fix ActiveSupport integration with Mocha > 0.12.1

    Mocha 0.12.2 renames the Integration module to
    MonkeyPatching. This breaks the code Rails uses
    to retrieve the assertion counter from Mocha.
    authored spastorino committed

Aug 01, 2012

  1. Santiago Pastorino

    Bump to 3.2.8.rc1

    authored
  2. Rafael Mendonça França

    Revert "Deprecate ActiveSupport::JSON::Variable"

    This reverts commit bcfa013.
    authored

Jul 26, 2012

  1. Aaron Patterson

    bumping to 3.2.7

    authored

Jul 23, 2012

  1. Aaron Patterson

    updating the version

    authored

Jul 21, 2012

  1. Xavier Noria

    Hash#fetch(fetch) is not the same as doing hash[key]

    authored

Jul 14, 2012

  1. Xavier Noria

    adds a missing require [fixes #6896]

    This file uses Time.zone, which is defined in
    active_support/core_ext/time/zones.rb.
    authored

Jun 29, 2012

  1. Xavier Noria

    make sure the inflection rules are loaded when cherry-picking active_…

    …support/core_ext/string/inflections.rb [fixes #6884]
    authored

Jun 25, 2012

  1. Carlos Antonio da Silva

    Merge pull request #6857 from rsutphin/as_core_ext_time_missing_require

    Missing require breaks Time.=== when selectively loading ActiveSupport core_exts in 3.2.4+

Jun 18, 2012

  1. Francesco Rodríguez

    bump AS deprecation_horizon to 4.0

    authored

Jun 11, 2012

  1. Aaron Patterson

    bumping version numbers

    authored

Jun 10, 2012

  1. Rafael Mendonça França

    Merge pull request #6688 from c42engineering/buffered_logger_level_wh…

    …ile_creation
    
    BufferedLogger level while creation
    authored
  2. Jens Krämer

    fix namespace collision with test-unit-activesupport

    authored

Jun 09, 2012

  1. Niranjan

    buffered logger is initialized with the log level passed trough the i…

    …nitializer
    authored

Jun 01, 2012

  1. Aaron Patterson

    bumping to 3.2.5

    authored

May 31, 2012

  1. Aaron Patterson

    Merge branch '3-2-rel' into 3-2-stable

    * 3-2-rel:
      bumping to 3.2.4
      adding security notifications to CHANGELOGs
      updating changelogs
      Merge pull request #6558 from parndt/fix_regression
    authored
  2. Aaron Patterson

    Merge branch '3-2-stable-sec' into 3-2-stable

    * 3-2-stable-sec:
      Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
      predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
      bumping to 3.2.4.rc1
    authored
Something went wrong with that request. Please try again.