Skip to content


Subversion checkout URL

You can clone with
Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: rails/rails
head fork: rails/rails
This comparison is big! We're only showing the most recent 250 commits
Commits on Nov 17, 2011
@lest lest _html translation should escape interpolated arguments 1b527d7
@lest lest _html translation should escape interpolated arguments 2d5b105
Commits on Nov 18, 2011
@jonleighton jonleighton Preparing for 3.1.2 release 0e6b118
@sikachu sikachu Update variable's name in the test case to reflect the class we're te…
@tenderlove tenderlove Merge pull request #3683 from christos/schema_introspection_speedup
Only used detailed schema introspection when doing a schema dump.

@parndt parndt Fixed typo: expect -> expected b7fe7c3
capps "denoted" instead of "donated"
"parentheses" instead of "use brackets"
@vijaydev vijaydev Merge pull request #3682 from sikachu/3-1-stable-fix_test_variable
Update variable's name in the test case to reflect the class we're testing
@tenderlove tenderlove allow people to set a local .Gemfile so that things like ruby-debug a…
…re not required for regular development
@tenderlove tenderlove fixing my bad merge. doh! 9848b47
Commits on Nov 19, 2011
@jonleighton jonleighton Merge branch '3-1-2' into 3-1-stable 8f4f8db
@jonleighton jonleighton Verify that #3690 has been closed by previous changes to the mysql

These tests fail on the v3.1.2 tag.

Closes #3690.


@kennyj kennyj Use `show index from`. We could fix `pk_and_sequence_for` method's pe…
…rformance problem (GH #3678)
@jonleighton jonleighton Bump sprockets to 2.1.1

@jonleighton jonleighton Don't html-escape the :count option to translate if it's a Numeric. F…
…ixes #3685.


@jonleighton jonleighton Add missing CHANGELOG entry for #3678. Closes #3678. da327fc
@jonleighton jonleighton Perf fix
If we're deleting all records in an association, don't add a IN(..)
clause to the query.

Fixes #3672.
Commits on Nov 20, 2011
@jonleighton jonleighton Downgrade sprockets to 2.0.3. Closes #3686. 574ed06
@jonleighton jonleighton Fix sass-rails dependency. Closes #3704. 36cefec
@jonleighton jonleighton Preparing for 3.1.3 release e9474c8
Commits on Nov 21, 2011
@guilleiguaran guilleiguaran Added therubyrhino to default Gemfile under JRuby b710cea
@guilleiguaran guilleiguaran Update CHANGELOG with the addition of therubyrhino 8b8ff98
@jsl jsl Make the Rack::SSL middleware configurable dcafc76
@josevalim josevalim Merge pull request #3710 from dmathieu/cherry-pick-ssl-config
Cherry pick ssl config
Commits on Nov 22, 2011
@vijaydev vijaydev caching 'false' properly cd392fd
Commits on Nov 26, 2011
@spraints spraints Add config.active_record.identity_map to the configuration guide. 1506ef0
@avakhov avakhov Small docs fix in Active Model callbacks module 7aae61f
@bobbytables bobbytables Fix missing single quote that was messing up syntax highlighting. c7da693
@ugisozols ugisozols what's -> that's 7f6b1a5
Commits on Nov 28, 2011
@arunagw arunagw Bump Mysql2! c6e513b
Commits on Nov 30, 2011
@pimeys pimeys If the table behind has no primary key, do not ask again and just ret…
…urn nil.


@jonleighton jonleighton don't alter global state in test 6fd9c1d
Commits on Dec 01, 2011
@jdelStrother jdelStrother Leave default_asset_host_protocol unset
When default_asset_host_protocol is left as nil, it will use absolute protocols when a request is present, and relative protocols otherwise (eg in asset generation)

Signed-off-by: José Valim <>
@josevalim josevalim Update CHANGELOG. 7fc91aa
Commits on Dec 02, 2011
@rhulse rhulse [docs] removed last-modifed line from examples 9473f7d
Leandro Santos typo in the performance testing rails guide 2512192
Commits on Dec 03, 2011
@jenseng jenseng Restore performance of ERB::Util.html_escape
Revert html_escape to do a single gsub again, but add the "n" flag (no
language, i.e. not multi-byte) to protect against XSS via invalid utf8

Signed-off-by: José Valim <>
@jonleighton jonleighton Avoid postgres 9.X syntax c1e2c1a
@jonleighton jonleighton Enable postgres on the CI :heart: :beer: :sparkles: d2ab2b0
Commits on Dec 05, 2011
@sumbach sumbach Test return value of ActiveSupport::Dependencies::Loadable#require
- Add tests to protect from regressions in require's return value behavior
- See a10606c (require needs to return true or false) for the original bug fix
@sumbach sumbach Test return value of ActiveSupport::Dependencies::Loadable#load 31cead7
@sumbach sumbach Test that require and load raise LoadError if file not found 0f81554
@sumbach sumbach Simplify load and require tests
- These tests don't use autoloading so there's no need to add anything to autoload_paths
@tenderlove tenderlove Merge pull request #3860 from sumbach/test-return-value-from-require-…

Test return value from require on 3-1-stable
@kennyj kennyj Use show create table.

Commits on Dec 06, 2011
@spastorino spastorino Merge pull request #3428 from adrianpike/asset_path_conflicts
Issue #3427 - asset_path_conflicts
@spastorino spastorino Add CHANGELOG entry acfa6c7
Commits on Dec 08, 2011
@fxn fxn use our own fork of sdoc while Vijay's fix is not applied to voloko/sdoc 1e001da
@josevalim josevalim Improve cache on route_key lookup.

@josevalim josevalim Remove NilClass whiners feature.
Removing this feature causes boost in performance when using Ruby 1.9.

Ruby 1.9 started to do implicit conversions using `to_ary` and `to_str`
in some STDLIB methods (like Array#join). To do such implicit conversions,
Ruby 1.9 always dispatches the method and rescues the NoMethodError exception
in case one is raised.

Therefore, since the whiners feature defined NilClass#method_missing, such
implicit conversions for nil became much, much slower. In fact, just defining
NilClass#method_missing (even without the whiners feature) already causes a
massive slow down. Here is a snippet that shows such slow down:

    require "benchmark"
    Benchmark.realtime { 1_000.times { [nil,nil,nil].join } }

    class NilClass
      def method_missing(*args)
        raise NoMethodError

    Benchmark.realtime { 1_000.times { [nil,nil,nil].join } }
@vijaydev vijaydev fix a bad url 92d24b7
@jonleighton jonleighton Fix #3890. (Calling proxy_association in scope chain.)

@tenderlove tenderlove load the encoding converter to work around [ruby-core:41556] when swi…
…tching encodings
Commits on Dec 10, 2011
@guilleiguaran guilleiguaran Add test to verify that therubyrhino isn't included when JRuby isn't …
@josevalim josevalim Merge pull request #3705 from guilleiguaran/3-1-stable-therubyrhino
Added therubyrhino to default Gemfile under JRuby
@arunagw arunagw Fix broken encoding test 49bbdf2
@josevalim josevalim Merge pull request #3928 from arunagw/fix_template_test
Fix template test
Commits on Dec 13, 2011
@tenderlove tenderlove use Array#join so that file encoding doesn't impact returned string.
Fixes #3957
@dissolved dissolved Fixing typo in Routing Guide. 50ac4a3
@dissolved dissolved Replacing vague mention of an unspecified section above with a link t…
…o the actual section containing Asset Organization.
@Mik-die Mik-die Typo in list dced6d6
Commits on Dec 14, 2011
@jonleighton jonleighton Fix #3672 again (dependent: delete_all perf)

@fxn fxn let sdoc say which version of rdoc we depend on

Commits on Dec 15, 2011
@jonleighton jonleighton Fix #3987.

Commits on Dec 17, 2011
@spastorino spastorino Add campfire notifications for travis 2f7e701
Commits on Dec 18, 2011
@lest lest backport call scope within unscoped to prevent duplication of where v…
Commits on Dec 19, 2011
@jonleighton jonleighton Don't notify campfire when the build keeps passing b9aabc7
@spastorino spastorino Merge pull request #4025 from arunagw/travis_sync
Travis sync
Commits on Dec 20, 2011
@guilleiguaran guilleiguaran Skip assets options in environments files when --skip-sprockets is used

@drogus drogus Ensure that files that compile to js/css are not compiled by default …
…with `rake assets:precompile`

This case was not tested and documentation was a bit confusing
on that topic, so it was not obvious if current code
works properly or not.
@guilleiguaran guilleiguaran Use ProcessedAsset#pathname in Sprockets helpers when debugging is on…
…. Closes #3333 #3348 #3361.

Is wrong use ProcessedAsset#to_s since it returns the content of the file.
@drogus drogus Clarify the default assets.precompile matcher behavior 169137f
@guilleiguaran guilleiguaran Skip assets groups if --skip-sprockets option is given

@josevalim josevalim Merge pull request #4058 from guilleiguaran/asset-pipeline-fixes
Backport multiple fixes for asset pipeline from master to 3-1-stable
@guilleiguaran guilleiguaran Fix railties tests: I broke development.rb template during last merge d545642
@josevalim josevalim Merge pull request #4065 from guilleiguaran/fix-railties-tests
Fix railties tests: I broke development.rb template during last merge
@arunagw arunagw It should be README.rdoc fixes #4067 41803b2
@spastorino spastorino Merge pull request #4074 from arunagw/doc_fix
doc:rails fixed
Commits on Dec 21, 2011
@tenderlove tenderlove adding tests for #4029 040b794
Commits on Dec 22, 2011
@tenderlove tenderlove refactoring routing tests

@tenderlove tenderlove rack bodies should be a list d538952
Commits on Dec 23, 2011
@arunagw arunagw [docs] Added missing "}" fixes #4126 939183a
Commits on Dec 31, 2011
@hsbt hsbt upgrade rack-1.3.6 16d4bc7
@josevalim josevalim Merge pull request #4244 from hsbt/upgrade-rack-dependency
Upgrade rack dependency
Commits on Jan 03, 2012
@josevalim josevalim Override respond_to? since we are also overriding method_missing. 6d5a27a
@spastorino spastorino Pass extensions to javascript_path and stylesheet_path helpers. Closes b7c7f08
Commits on Jan 10, 2012
@drogus drogus Add ORIGINAL_FULLPATH to env
This behaves similarly to REQUEST_URI, but
we need to implement it on our own because
REQUEST_URI is not reliable.

Note that since PATH_INFO does not contain
information about trailing question mark,
this is not 100% accurate, for example
`/foo?` will result in `/foo` in ORIGINAL_FULLPATH
@drogus drogus Add original_fullpath and original_url methods to Request c2af40b
@drogus drogus Fix http digest authentication with trailing '/' or '?' (fixes #4038
…and #3228)
Commits on Jan 11, 2012
@spastorino spastorino Merge pull request #4412 from kennyj/fix_3743
Fix GH #3743. We must specify an encoding in rdoc_option explicitly.
Commits on Jan 12, 2012
@tomstuart tomstuart Test ActiveRecord::Base#[]= as well as #write_attribute f22c36b
@tomstuart tomstuart Test that #[] and #[]= keep working when #read_attribute and #write_a…
…ttribute are overridden
@tomstuart tomstuart Revert "Base#[] and Base#[]= are aliases so implement them as aliases…
… :)"

This reverts commit 21eadc1.
@spastorino spastorino Merge pull request #4418 from tomstuart/read-and-write-attribute-alia…

#[] and #[]= are no longer interchangeable with #read_attribute and #write_attribute (3-1-stable)
@vijaydev vijaydev First attempt at providing a 'what to update' section for Rails 3.1 18d67f5
Commits on Jan 13, 2012
@guilleiguaran guilleiguaran Update actionpack Changelog in 3-1-stable 28b0050
@vijaydev vijaydev Merge pull request #4442 from guilleiguaran/3-1-changelogs
Update actionpack changelog in 3-1-stable
@josevalim josevalim config.force_ssl should mark the session as secure. d209325
@josevalim josevalim No AS::TestCase here. 98ac00c
Commits on Jan 16, 2012
@guilleiguaran guilleiguaran Mention how use config.assets.prefix to avoid conflicting with an exi…
…sting "/assets" route
Commits on Jan 21, 2012
@guilleiguaran guilleiguaran Add therubyracer gem commented in default Gemfile (3.1.x) bd5392c
@vijaydev vijaydev Merge pull request #4579 from guilleiguaran/add-js-runtime-to-gemfile
Add therubyracer gem commented in default Gemfile (3.1.x)
Commits on Jan 23, 2012
@drogus drogus Add ActiveModel::Errors#delete, which was not available after move to…
… use delegation
@pkondzior pkondzior Fix ActiveModel::Errors#dup
Since ActiveModel::Errors instance keeps all error messages as hash
we should duplicate this object as well.

Previously ActiveModel::Errors was a subclass of ActiveSupport::OrderedHash,
which results in different behavior on dup, this may result in regression for
people relying on it.

Because Rails 3.2 stills supports Ruby 1.8.7 in order to properly fix this
regression we need to backport #initialize_dup.
Commits on Jan 24, 2012
@tenderlove tenderlove Merge pull request #4514 from brainopia/update_timezone_offets
Update time zone offset information
Commits on Jan 31, 2012
@kennyj kennyj Fix GH #4754. Remove double-quote characters around PK when using sql…
@jonleighton jonleighton Merge pull request #4787 from kennyj/fix_4754-2
[Backport][3-1-stable] Fix GH #4754. Remove double-quote characters around PK when using sql_mode=ANSI_QUOTES
Commits on Feb 17, 2012
@arunagw arunagw fixed failing test in ruby-1.8.7-p358 0bf4dc8
@spastorino spastorino Merge pull request #5072 from arunagw/fix_failing_test_ruby187_p358_3…

Fix failing test ruby187 p358 31stable
@pixeltrix pixeltrix Fix ActionDispatch::Static to serve files with unencoded PCHAR
RFC 3986[1] allows sub-delim characters in path segments unencoded,
however Rack::File requires them to be encoded so we use URI's
unescape method to leave them alone and then escape them again.

Also since the path gets passed to Dir[] we need to escape any glob
characters in the path.

@pixeltrix pixeltrix Simplify regexp bea34a7
Commits on Feb 18, 2012
@arunagw arunagw fixed assets test 7782a70
@josevalim josevalim Merge pull request #5079 from arunagw/fix_assets_test
Fix assets test
Commits on Feb 20, 2012
@pixeltrix pixeltrix Remove fixture files with Windows incompatible filenames
Windows doesn't allow `\ / : * ? " < > |` in filenames so create
the fixture files at runtime and ignore the incompatible ones when
running on Windows.
@tenderlove tenderlove search private / protected methods in trunk ruby da7d0a2
@lest lest fix output safety issue with select options 1be2bbe
Commits on Feb 21, 2012
@amatsuda amatsuda add AS::SafeBuffer#clone_empty baf6903
@amatsuda amatsuda use AS::SafeBuffer#clone_empty for flushing the output_buffer 2d4cdb0
@tenderlove tenderlove Merge pull request #5096 from lawso017/master
Restoring ability to derive id/sequence from tables with nonstandard sequences for primary keys

@tenderlove tenderlove ruby 2.0 makes protected methods return false for respond_to, so pass…
… true as the second param
@tenderlove tenderlove more ruby 2.0 respond_to? changes 36c8521
@tenderlove tenderlove tag bind params with a bind param object 79f0a9b
Commits on Feb 22, 2012
@tenderlove tenderlove bumping up arel 995d792
@tenderlove tenderlove prepared statements can be disabled f290d6f
@tenderlove tenderlove fixing bad merge: adding bind substitution visitor 967b300
@tenderlove tenderlove updating RAILS_VERSION 8c677e9
Commits on Feb 25, 2012
@arunagw arunagw fixed build for ruby187-p358 406ece4
@fxn fxn Merge pull request #5165 from arunagw/build_fix_ruby187-p358-3-1-stable
Build fix ruby187 p358 3 1 stable
@arunagw arunagw assert => assert_equal 6e49b3d
@spastorino spastorino Merge pull request #5171 from arunagw/3-1-stable
assert => assert_equal 3-1-stable
@glitterfang glitterfang Fix typo in match :to docs e6fca55
@noahhendrix noahhendrix Fixed typo in composed_of example with Money#<=>, was comparing amoun…
…t itself instead of other_money.amount
Commits on Feb 26, 2012
@pixeltrix pixeltrix Detect optional glob params when adding non-greedy regexp - closes #4817
Commits on Feb 27, 2012
@tenderlove tenderlove Merge pull request #5179 from RalphShnelvar/Binary_mode_Window_bug
Binary mode window bug
Commits on Feb 28, 2012
@kennyj kennyj Fix type_to_sql with text and limit on mysql/mysql2. Fix GH #3931. 42592b4
Commits on Feb 29, 2012
@tenderlove tenderlove Merge pull request #5207 from kennyj/fix_5173-31
[3-1-stable] Fix type_to_sql with text and limit on mysql/mysql2. Fix GH #3931
Commits on Mar 01, 2012
@josevalim josevalim Ensure [] respects the status of the buffer. 3d86727
@arunagw arunagw call binmode on the tempfile for Ruby 1.8 compatibility 63069ec
@josevalim josevalim Merge pull request #5227 from arunagw/build_fix_3-1-stable
Build fix 3 1 stable
@tenderlove tenderlove Merge branch '3-1-stable-security' into 3-1-4
* 3-1-stable-security:
  Ensure [] respects the status of the buffer.
  use AS::SafeBuffer#clone_empty for flushing the output_buffer
  add AS::SafeBuffer#clone_empty
  fix output safety issue with select options
@tenderlove tenderlove bumping to 3.1.4 1aabea6
@tenderlove tenderlove Merge branch '3-1-4' into 3-1-stable
* 3-1-4:
  bumping to 3.1.4
  Ensure [] respects the status of the buffer.
  updating RAILS_VERSION
  use AS::SafeBuffer#clone_empty for flushing the output_buffer
  add AS::SafeBuffer#clone_empty
  fix output safety issue with select options
Commits on Mar 02, 2012
@carlosantoniodasilva carlosantoniodasilva Stop SafeBuffer#clone_empty from issuing warnings
Logic in clone_empty method was dealing with old @dirty variable, which
has changed by @html_safe in this commit:

This was issuing a "not initialized variable" warning - related to:

The logic applied by this method is already handled by the [] override,
so there is no need to reset the variable here.
@tenderlove tenderlove only log an error if there is a logger. fixes #5226



Commits on Mar 04, 2012
@carlosantoniodasilva carlosantoniodasilva Only run binary type cast test with encode! on Ruby 1.9 24e074f
Commits on Mar 06, 2012
@mikel mikel Increasing minimum version of mail due to security vulnerability foun…
…d in Mail 2.3.0 for sendmail or exim
@josevalim josevalim Use latest rack-cache. 54621f7
Commits on Mar 07, 2012
@jeremy jeremy Use 1.9 native XML escaping to speed up html_escape and shush regexp …

        length      user     system      total        real
before  6      0.010000   0.000000   0.010000 (  0.012378)
after   6      0.010000   0.000000   0.010000 (  0.012866)
before  60     0.040000   0.000000   0.040000 (  0.046273)
after   60     0.040000   0.000000   0.040000 (  0.036421)
before  600    0.390000   0.000000   0.390000 (  0.390670)
after   600    0.210000   0.000000   0.210000 (  0.209094)
before  6000   3.750000   0.000000   3.750000 (  3.751008)
after   6000   1.860000   0.000000   1.860000 (  1.857901)
@arunagw arunagw Test fix failing in 1.8.7-p358 d024ce1
@spastorino spastorino Merge pull request #5322 from arunagw/test_fix_1.8.7-3-1-stable
Test fix 1.8.7 3 1 stable
Commits on Mar 12, 2012
@tenderlove tenderlove Merge pull request #5312 from kennyj/fix_3927-31
[3-1-stable] Use 1.9 native XML escaping to speed up html_escape and shush regexp warnings
Commits on Mar 13, 2012
@denisj denisj fix activerecord query_method regression with offset into Fixnum
add test to show offset query_methods on mysql & mysql2

change test to cover public API
@josevalim josevalim Merge pull request #5401 from arunagw/issue_4409_3-1-stable
Issue 4409 3 1 stable
Commits on Mar 15, 2012
@tenderlove tenderlove Merge pull request #5456 from brianmario/redirect-sanitization
Strip null bytes from Location header
@tenderlove tenderlove Merge pull request #5457 from brianmario/typo-fix
Fix typo in redirect test
Commits on Mar 19, 2012
@mikel mikel Increase minimum version of mail.
  Second security vulnerability found in mail file delivery method
  patched in version 2.3.3.
@arunagw arunagw fix test failing in 1.8.7 eeee6f2
@josevalim josevalim Merge pull request #5504 from arunagw/build_fix_1-8-7
Build fix 1 8 7
@arunagw arunagw Build fix for form_options_helper_test.rb ruby-1.8.7 c1c62e8
@josevalim josevalim Merge pull request #5506 from arunagw/build_fix_1.8.7-3-1-stable
Build fix 1.8.7 3 1 stable
Commits on Mar 23, 2012
@carlosantoniodasilva carlosantoniodasilva Add order to tests that rely on db ordering, to fix failing tests on pg
Also skip persistente tests related to UPDATE + ORDER BY for postgresql

PostgreSQL does not support updates with order by, and these tests are
failing randomly depending on the fixture loading order now.
@carlosantoniodasilva carlosantoniodasilva Fix identity map tests c8d5680
@josevalim josevalim Merge pull request #5564 from carlosantoniodasilva/fix-build-3-1
Fix build for branch 3-1-stable
Commits on Mar 26, 2012
@carlosantoniodasilva carlosantoniodasilva Return the same session data object when setting session id
Make sure to return the same hash object instead of returning a new one.
Returning a new one causes failures on cookie store tests, where it
tests for the 'Set-Cookie' header with the session signature.

This is due to the hash ordering changes on Ruby 1.8.7-p358.
@tenderlove tenderlove Merge pull request #5599 from carlosantoniodasilva/fix-build-3-1
Fix build for branch 3-1-stable - return the same session hash object
Commits on Mar 27, 2012
@tenderlove tenderlove Merge pull request #2621 from icco/master
Issue with schema dump
@josevalim josevalim Avoid inspecting the whole route set, closes #1525 bef0b35
Commits on Mar 28, 2012
@arturopie arturopie Adds a test that breaks IM when using #select 488ea89
@arturopie arturopie Do not add record to identity map if the record doesn't have values f…
…or all the columns, so we don't get 'MissingAttributeError' later when trying to access other fields of the same record.
@arturopie arturopie refactor the checking of the attributes of the record in IdentityMap#…
…add, so it's more readable
Commits on Mar 29, 2012
@arturopie arturopie refactor instantiate method in base, so we remove nesting if's which …
…make the code harder to read. Minor changes to contain_all_columns in IdentityMap.
@yahonda yahonda Address an error for test_has_many_through_polymorphic_has_one
with Oracle for the 3-1-stable branch
@tenderlove tenderlove Merge pull request #5647 from arturopie/fixing_IM_when_using_find_select
Fixing Identity Map when using find select
@spastorino spastorino Merge pull request #5658 from yahonda/address_ora_00918_with_oracle_f…

Address an error for test_has_many_through_polymorphic_has_one with Oracle
Commits on Mar 31, 2012
@arunagw arunagw :subdomain can now be specified with a value of false in url_for,
allowing for subdomain(s) removal from the host during link generation. 

Closes #4083

cherry-picked from 

@arunagw arunagw CHANGELOG entry added c409d06
Commits on Apr 03, 2012
@josevalim josevalim Merge pull request #5686 from arunagw/issue_4083
Issue 4083
Commits on Apr 16, 2012
@arunagw arunagw multi_json is restricted to < 1.3.
Some API changes are there above 1.3.
@jeremy jeremy Merge pull request #5862 from arunagw/multi_json_fix_3-1-stable
Restrict multi_json to >= 1.0, < 1.3 to avoid API changes in 1.3
Commits on Apr 29, 2012
@pixeltrix pixeltrix Don't convert params if the request isn't HTML - fixes #5341
(cherry picked from commit d6bbd33)
@arunagw arunagw mocha can be locked here as new version is failing
nil.stubs is not allowed in new version of mocha
@jeremy jeremy Merge pull request #6046 from arunagw/lock_mocha_to_fix_build
Lock mocha to fix build
@pixeltrix pixeltrix Escape interpolated params when redirecting - fixes #5688 78c181b
Commits on Apr 30, 2012
@willbryant willbryant fix the Flash middleware loading the session on every request (very d…
…angerous especially with Rack::Cache), it should only be loaded when the flash method is called
@drogus drogus Failing test for #6034 e23e684
@IamNaN IamNaN Correcting some confusion. Pago Pago is part of American Samoa, not S…

Further, Samoa and Tokelau jumped across the IDL from Dec 29 to Dec 31, 2011
switching from UTC-11 to UTC+13. American Samoa did not make the change and
remains at UTC-11. Pacific/Fakaofo and Pacific/Apia are in TZInfo and
documentation about the dateline change is in austalasia at IANA.

(cherry picked from commit 5fe88b1)
Commits on May 01, 2012
@vijaydev vijaydev fix grammar in deprecation message [ci skip] ffd3289
Commits on May 02, 2012
@pixeltrix pixeltrix Reset the request parameters after a constraints check
A callable object passed as a constraint for a route may access the request
parameters as part of its check. This causes the combined parameters hash
to be cached in the environment hash. If the constraint fails then any subsequent
access of the request parameters will be against that stale hash.

To fix this we delete the cache after every call to `matches?`. This may have a
negative performance impact if the contraint wraps a large number of routes as the
parameters hash is built by merging GET, POST and path parameters.

Fixes #2510.
(cherry picked from commit 5603050)
Commits on May 04, 2012
@route route Fix #3993 assets:precompile task does not detect index files cf42971
@route route Added test for assets:precompile for index files 29aa03a
@jeremy jeremy Merge pull request #6152 from route/assets_precompile_task_3_1
Just cherry-picked fixes for asset precompile for 3-1-stable
Commits on May 10, 2012
@pixeltrix pixeltrix Refactor the handling of default_url_options in integration tests
This commit improves the handling of default_url_options in integration
tests by making behave closer to how a real application operates.

Specifically the following issues have been addressed:

* Options specified in routes.rb are used (fixes #546)
* Options specified in controllers are used
* Request parameters are recalled correctly
* Tests can override default_url_options directly
@pixeltrix pixeltrix Don't ignore nil positional arguments for url helpers - fixes #6196. e98893b
Commits on May 11, 2012
@carlosantoniodasilva carlosantoniodasilva Update performance profiler to work with latest ruby-prof, fix 3-1-st…
…able build
@drogus drogus Merge pull request #6261 from carlosantoniodasilva/fix-build-3-1
Fix build 3-1-stable
@arunagw arunagw Ruby-Prof works with 1.9.3. Let's run. 200d3da
@spastorino spastorino Merge pull request #6263 from arunagw/3-1-stable
3 1 stable
Commits on May 13, 2012
@guilleiguaran guilleiguaran Upgrade sprockets to 2.0.4 03e2895
@spastorino spastorino Merge pull request #6300 from guilleiguaran/upgrade-sprockets-3-1-stable
Upgrade sprockets to 2.0.4
@rafaelfranca rafaelfranca Merge pull request #3237 from sakuro/data-url-scheme
Support data: url scheme
Commits on May 28, 2012
@tenderlove tenderlove bumping to 3.1.5.rc1 bd8ee8c
Commits on May 29, 2012
@floehopper floehopper Exceptions like Interrupt should not be rescued in tests.
This is a back-port of rails/rails#6525. See the commit notes there for
@rafaelfranca rafaelfranca Merge pull request #6532 from freerange/3-1-stable-minitest-passthrou…

Exceptions like Interrupt should not be rescued in tests.
Commits on May 30, 2012
@tenderlove tenderlove predicate builder should not recurse for determining where columns.
Thanks to Ben Murphy for reporting this

@tenderlove tenderlove Strip [nil] from parameters hash.
Thanks to Ben Murphy for reporting this!

Commits on May 31, 2012
@tenderlove tenderlove Merge branch '3-1-stable-sec' into 3-1-rel
* 3-1-stable-sec:
  Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
  predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
@tenderlove tenderlove updating the CHANGELOG a7ed198
@tenderlove tenderlove bumping to 3.1.5 aa18c0c
@tenderlove tenderlove Merge branch '3-1-stable-sec' into 3-1-stable
* 3-1-stable-sec:
  Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
  predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
@tenderlove tenderlove Merge branch '3-1-rel' into 3-1-stable
* 3-1-rel:
  bumping to 3.1.5
  updating the CHANGELOG
  bumping to 3.1.5.rc1
Commits on Jun 08, 2012
@ernie ernie Additional fix for CVE-2012-2661
While the patched PredicateBuilder in 3.1.5 prevents a user
from specifying a table name using the `table.column` format,
it doesn't protect against the nesting of hashes changing the
table context in the next call to build_from_hash. This fix
covers this case as well.
Commits on Jun 11, 2012
@tenderlove tenderlove Array parameters should not contain nil values. f4174ad
@kennyj kennyj Fix GH #3163. Should quote database on mysql/mysql2.



@kennyj kennyj Change the string to use in test case.

@rafaelfranca rafaelfranca Mysql and Mysql2 adapters accepts only two arguments in the tables 3e2c00a
@tenderlove tenderlove Merge branch '3-1-stable-sec' into 3-1-stable-rel
* 3-1-stable-sec:
  Array parameters should not contain nil values.
  Additional fix for CVE-2012-2661
@tenderlove tenderlove adding version number to changelogs 75d039f
@tenderlove tenderlove updating changelogs with security fixes bee42f3
@tenderlove tenderlove bumping version numbers 4e7d571
Commits on Jun 12, 2012
@tenderlove tenderlove updating changelogs 63dce16
Commits on Jun 14, 2012
@fxn fxn removes item in the Active Record CHANGELOG
That change to update_attribute was considered
to be too subtle and was reverted in 30ea923
just before Rails 3 shipped. Later we introduced
update_column (Rails 3.1).
@tenderlove tenderlove adding a test for #6459 28e744d
Commits on Jul 23, 2012
@tenderlove tenderlove updating changelog a4b8a7e
Commits on Jul 26, 2012
@tenderlove tenderlove * Do not convert digest auth strings to symbols. CVE-2012-3424 eb69ad2
@tenderlove tenderlove updating changelog with CVE 140a70a
@tenderlove tenderlove updating rails release date 6cf68d7
@tenderlove tenderlove bumping to 3.1.7 d314a48
Commits on Aug 07, 2012
@spastorino spastorino html_escape should escape single quotes d0c9759
Commits on Aug 09, 2012
@spastorino spastorino escape select_tag :prompt values
@spastorino spastorino Do not mark strip_tags result as html_safe
Thanks to Marek Labos & Nethemba

@spastorino spastorino Add CHANGELOG entries e8d78e7
@spastorino spastorino Bump to 3.1.8 38bf9cf
Commits on Aug 15, 2012
@carlosantoniodasilva carlosantoniodasilva Add html_escape note to CHANGELOG
This was added to all other branches, but 3-1 missed the entry.

3-0-stable: 954e262
3-2-stable: ae2383d
master: 5c07be5
@rafaelfranca rafaelfranca Remove warning when using html_escape with Ruby 1.9.
Closes #7323
Commits on Aug 17, 2012
@jonleighton jonleighton Use benchmark/ips to measure AR performance
This means we can more easily compare numbers, and we don't have to
specify a single N for all reports, which previously meant that some
tests were running many more/fewer iterations than necessary.

@jonleighton jonleighton Increase benchmark time to 20 seconds.
I think that 5 seconds was a bit low for our purposes.

Also enable it to be configured via env vars.

We also need to scale the number of records up/down depending on how
long we're running the benchmark for.

Commits on Aug 28, 2012
@fxn fxn CHANGELOGs are now per branch
Check 810a50d for the rationale.
@lifo lifo Ensure association preloading properly merges default scope and assoc…
…iation conditions
Commits on Oct 18, 2012
@rafaelfranca rafaelfranca Require ActionController::Railtie in the default middleware stack.
This will make possible to do a frameworkless initialization since the
the default middleware stack is self contained.
Commits on Dec 14, 2012
@tenderlove tenderlove test for 8018 92118e7
Commits on Dec 15, 2012
@tenderlove tenderlove do not install ruby-prof on Ruby 2.0 61776f5
@carlosantoniodasilva carlosantoniodasilva Update xml serialization tests to reflect a change in builder
Due to a change in builder, nil values now generates closed tags,
so instead of this:

    <pseudonyms nil=\"true\"></pseudonyms>

It generates this:

    <pseudonyms nil=\"true\"/>

Document this change in Rails so that people can track it down easily if

Changes in Active Model, Active Record and Active Support tests.

Cherry-pick of d65adc7, 77dd3be and 146eaf3. Fix build.
@carlosantoniodasilva carlosantoniodasilva Be a bit less conservative with mysql in adapter
This will allow the new mysql 2.9.0 to be used, fixing our test issues.
Commits on Dec 23, 2012
@tenderlove tenderlove updating changelogs fbe436b
@tenderlove tenderlove CVE-2012-5664 options hashes should only be extracted if there are ex…
…tra parameters
@tenderlove tenderlove bumping version to 3.1.9 f1e977c
Commits on Jan 08, 2013
@spastorino spastorino Avoid Rack security warning no secret provided
This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
@tenderlove tenderlove * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] …
…* dealing with empty hashes. Thanks Damien Mathieu

@jeremy jeremy CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. 8133a81
@tenderlove tenderlove bumping version a7dd0bb