Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deprecate using class level querying methods if the receiver scope regarded as leaked #35280

Merged
merged 2 commits into from Feb 15, 2019

Conversation

Projects
None yet
4 participants
@kamipo
Copy link
Member

commented Feb 15, 2019

This deprecates using class level querying methods if the receiver scope
regarded as leaked, since #32380 and #35186 may cause that silently
leaking information when people upgrade the app.

We need deprecation first before making those.

Revert "Merge pull request #35186 from kamipo/fix_leaking_scope_on_re…
…lation_create"

This reverts commit b67d5c6, reversing
changes made to 2e01836.

Reason: #35186 may cause that silently leaking information when people
upgrade the app.

We need deprecation first before making this.

@rails-bot rails-bot bot added the activerecord label Feb 15, 2019

@jeremy
Copy link
Member

left a comment

Tricky situation. Great fix!

@matthewd

This comment has been minimized.

Copy link
Member

commented Feb 15, 2019

What are the non-"leak" ways a scope can be set after this? Is it only explicit .scoping { .. }?

@kamipo

This comment has been minimized.

Copy link
Member Author

commented Feb 15, 2019

Yes, since .scoping { .. } is public API, I leaved the way as to inject the scope at global.

@kamipo

This comment has been minimized.

Copy link
Member Author

commented Feb 15, 2019

Maybe I don't get the point of "What are the non-"leak" ways a scope can be set after this?".

Can you expand about your concerned situation? @matthewd

@kamipo kamipo force-pushed the kamipo:deprecate_leaking_scope branch from 1f3713a to f86693c Feb 15, 2019

ActiveSupport::Deprecation.warn(<<~MSG.squish)
Class level methods will no longer inherit scoping from the scoped relation in Rails 6.1.
To continue using the scoped relation, pass it into the block directly.
To instead access the full set of models, as Rails 6.1 will, use `#{name}.unscoped`.

This comment has been minimized.

Copy link
@kamipo

kamipo Feb 15, 2019

Author Member

Reworded.

@kamipo kamipo force-pushed the kamipo:deprecate_leaking_scope branch 2 times, most recently from 18f0ca7 to 8a9e02c Feb 15, 2019

Deprecate using class level querying methods if the receiver scope re…
…garded as leaked

This deprecates using class level querying methods if the receiver scope
regarded as leaked, since #32380 and #35186 may cause that silently
leaking information when people upgrade the app.

We need deprecation first before making those.

@kamipo kamipo force-pushed the kamipo:deprecate_leaking_scope branch from 8a9e02c to 4c6171d Feb 15, 2019

@kamipo kamipo merged commit b414ca3 into rails:master Feb 15, 2019

2 checks passed

codeclimate All good!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@kamipo kamipo deleted the kamipo:deprecate_leaking_scope branch Feb 15, 2019

@kamipo kamipo restored the kamipo:deprecate_leaking_scope branch Feb 15, 2019

@kamipo kamipo deleted the kamipo:deprecate_leaking_scope branch Feb 15, 2019

@kamipo kamipo restored the kamipo:deprecate_leaking_scope branch Feb 15, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.