Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Oct 16, 2013
  1. @tenderlove

    updating changelogs

    tenderlove committed
Commits on Oct 15, 2013
  1. @tenderlove

    bumping to 3.2.15

    tenderlove committed
  2. @tenderlove

    Merge branch '3-2-15' into 3-2-sec

    tenderlove committed
    * 3-2-15:
      bumping to rc3
      Revert "Merge pull request #12413 from arthurnn/inverse_of_on_build"
      Revert "Merge pull request #12443 from arthurnn/add_inverse_of_add_target"
      bumping to rc2
      Merge pull request #12443 from arthurnn/add_inverse_of_add_target
      bumping version to 3.2.15.rc1
      Fix STI scopes using benolee's suggestion. Fixes #11939
Commits on Oct 11, 2013
  1. @tenderlove

    bumping to rc3

    tenderlove committed
Commits on Oct 4, 2013
  1. @tenderlove

    bumping to rc2

    tenderlove committed
Commits on Oct 3, 2013
  1. @tenderlove
Commits on Sep 30, 2013
  1. @NZKoz @tenderlove

    Remove the use of String#% when formatting durations in log messages

    NZKoz committed with tenderlove
    This avoids potential format string vulnerabilities where user-provided
    data is interpolated into the log message before String#% is called.
Commits on Sep 28, 2013
  1. @rafaelfranca

    Use Ruby 1.8 hash syntax

    rafaelfranca committed
Commits on Sep 12, 2013
  1. @rafaelfranca

    Merge pull request #12196 from h-lame/fix-activesupport-cache-filesto…

    rafaelfranca committed
    Fix FileStore#cleanup to no longer rely on missing each_key method
Commits on Aug 18, 2013
  1. @guilleiguaran

    Fix 1.8.7 incompatible respond_to_missing

    Eugene Kalenkovich committed with guilleiguaran
Commits on Jul 31, 2013
  1. @rafaelfranca
Commits on Jul 22, 2013
  1. @rafaelfranca
  2. @rafaelfranca
  3. @rafaelfranca

    Update CHANGELOG entry

    rafaelfranca committed
Commits on Jul 18, 2013
  1. @wolframarnold

    Add respond_to_missing? for TaggedLogging which is needed if another …

    wolframarnold committed
    …log abstracter wraps a TaggedLogging instance.
    It's also best practice when overriding method_missing.
Commits on Jul 16, 2013
  1. @rafaelfranca
Commits on Jul 13, 2013
  1. @rafaelfranca
Commits on Jul 10, 2013
  1. @pixeltrix

    Add missing require so that DateTime has the right superclass

    pixeltrix committed
    If the DateTime core extensions were loaded before the Date core extensions
    then you would get a superclass mismatch as DateTime hasn't been defined
    yet so it gets set to Object by the acts_like core extension.
    Fixes #11206
    (cherry picked from commit 78f7d5b)
Commits on Jul 9, 2013
  1. @pixeltrix
  2. @pixeltrix

    Retain offset and fraction when using Time.at_with_coercion

    pixeltrix committed
    The standard Ruby behavior for is to return the same type of
    time when passing an instance of Time as a single argument. Since the
    an ActiveSupport::TimeWithZone instance may be a different timezone than
    the system timezone and DateTime just understands offsets the best we
    can do is to return an instance of Time with the correct offset.
    It also maintains the correct fractional second value as well.
    Fixes #11350.
Commits on Jul 8, 2013
  1. @rafaelfranca
Commits on Jul 6, 2013
  1. @rafaelfranca
  2. @rafaelfranca
Commits on Jul 1, 2013
  1. @carsonreinke
Commits on Jun 27, 2013
  1. @senny
Commits on Jun 8, 2013
  1. @pixeltrix

    Override to work with Time-like values

    pixeltrix committed allows passing a single Time argument which is then converted
    to an integer. The conversion code since 1.9.3r429 explicitly checks
    for an instance of Time so we need to override it to allow DateTime
    and ActiveSupport::TimeWithZone values.
Commits on May 11, 2013
  1. @rafaelfranca
Commits on May 10, 2013
  1. @rafaelfranca

    Fix test to ruby 2.0

    rafaelfranca committed
    The default enconding changed on Ruby 2.0
Commits on May 9, 2013
  1. @rafaelfranca

    Revert "Remove unicode character encoding from ActiveSupport::JSON.en…

    rafaelfranca committed
    This reverts commit 815a943.
    Reason: This was causing a regression where the resulting string is always
    returning UTF-8. Also it changes the behavior of this method on a stable release.
    Fixes #9498.
Commits on Mar 18, 2013
  1. @claudiob

    Add release dates to documentation [ci skip]

    claudiob committed
    Set "March 18, 2013" as the release date for 3.2.13
  2. @carlosantoniodasilva
  3. @carlosantoniodasilva
  4. @tenderlove

    Merge branch '3-2-13' into 3-2-stable

    tenderlove committed
    * 3-2-13:
      bumping to 3.2.13
      fix protocol checking in sanitization [CVE-2013-1857]
      JDOM XXE Protection [CVE-2013-1856]
      fix incorrect ^$ usage leading to XSS in sanitize_css [CVE-2013-1855]
      stop calling to_sym when building arel nodes [CVE-2013-1854]
      Merge pull request #9616 from exviva/multiple_select_name_double_square_brackets
      bumping to rc2
      Revert "Merge pull request #8209 from senny/backport_8176"
      Freeze columns only once per Result
      Preparing for 3.2.13.rc1 release
      Update CHANGELOGs for 3.2.13 release.
  5. @tenderlove

    bumping to 3.2.13

    tenderlove committed
Commits on Mar 16, 2013
  1. @benmmurphy @tenderlove

    JDOM XXE Protection [CVE-2013-1856]

    benmmurphy committed with tenderlove
Something went wrong with that request. Please try again.