Commits

Show all
Author Commit Message Labels Comments Date
tenderlove
bumping to 3.2.4
Tags
v3.2.4
tenderlove
adding security notifications to CHANGELOGs
tenderlove
Merge branch '3-2-stable-sec' into 3-2-rel * 3-2-stable-sec: Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this! predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
tenderlove
updating changelogs
tenderlove
Merge pull request #6558 from parndt/fix_regression Fix regression
tenderlove
Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this! CVE-2012-2660
tenderlove
predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this CVE-2012-2661
tenderlove
bumping to 3.2.4.rc1
Tags
v3.2.4.rc1
Piotr Sarnacki
Fix railties_order when application object is passed railites_order method, introduced in 40b19e0, had a bug that was causing loading application instance twice in initializers if railties_order already included application instance. So for example railties_order = [Foo::Engine, :main_app, Bar::Engine] would result in such railties array: [MyApp::Application, Foo::Engine, MyAppApplication, Bar::Engine] In order to fix it, we need to chec…
José Valim
Merge pull request #6494 from pwim/no-memcache-require memcache require not needed for cache store
Brian Durand
remove unnecessary memcache equire in ActionDispatch::Session::CacheStore
Rafael Mendonça França
Merge pull request #5244 from fotos/myqsl2_wait_timeout Maximum wait_timeout on Windows is 2147483
Carlos Antonio
Merge pull request #5925 from Juanmcuello/pg_structure_dump Quote arguments in db:structure:dump for PostgreSQL.
tenderlove
Merge pull request #6467 from aselder/3-2-stable Synchronize the body of the ConnectionPool#release method to improve thread safety.
Andrew Selder
Synchronize the ConnectionPool#release method to avoid thread safety issues [#6464] Fixes #6464 Synchronize the contents of the release method in ConnectionPool due to errors when running in high concurrency environments. Detected invalid hash contents due to unsynchronized modifications with concurrent users org/jruby/RubyHash.java:1356:in `keys' /usr/local/rvm/gems/jruby-1.6.7@new_import/gems/activerecord-3.2.3/lib/a ctive_record/connection_adapters/abstract/connectio…
Juan Manuel Cuello
Use Shellwords to scape arguments in db:structure:dump for PostgreSQL. fixes #5913
Rafael Mendonça França
Merge pull request #6451 from chancancode/3-2-stable_restore_frozen_state_on_rollback Fixes the build break caused by 9ee8528 in #6445.
Godfrey Chan
Fixes the build break caused by 9ee8528 in #6445. Ruby 1.8 raises a TypeError when trying to modify a frozen Hash, while Ruby 1.9 raises a RuntimeError instead. Also, Ruby < 1.9.3 uses a lowercase 'hash' in the exception message while Ruby >= 1.9.3 uses an uppercase 'Hash' instead. This commit normalizes those issues in the test case.
Rafael Mendonça França
Merge pull request #6445 from chancancode/3-2-stable_restore_frozen_state_on_rollback Restore the frozen state on rollback. (Backports #6420)
Godfrey Chan
Restore the frozen state on rollback. Fixes #6417. This is a 3-2-stable backport for #6420 which was merged into master. Currently, when saving a frozen record, an exception would be thrown which causes a rollback. However, there is a bug in active record that "defrost" the record as a side effect: >> t = Topic.new => #<Topic id: nil, ...> >> t.freeze => #<Topic id: nil, ...> >> t.save RuntimeError: can't modify a frozen …
Piotr Sarnacki
Use require_dependency in generated controllers Using require in development mode will prevent required files from reloading, even if they're changed. In order to keep namespaced application_controller reloadable, we need to use require_dependency instead of require.
tenderlove
Merge pull request #6418 from pwnall/pgsql_bytea_limit3 Postgresql doesn't accept limits on binary (bytea) columns (for 3-2-stable)
Carlos Antonio
Merge pull request #6423 from lest/patch-2 assets: don't add extension if other given and file exists
Just Lest
Assets: don't add extension if other given and file exists We should lookup if asset without appended extension exists. When sprockets are disabled the asset tag helpers incorporate this logic. When sprockets are enabled we should have the same logic. For example, we have style.ext file in app/assets/stylesheets and we use stylesheet_link_tag in the layout. In this case we should have /assets/style.ext instead of /assets/style.ext.css in the output. Clo…
Victor Costan
Postgresql doesn't accept limits on binary (bytea) columns.
Piotr Sarnacki
More info on commit messages in contributing guide Add more info on how to write a good commit messages along with example showing nicely formatted commit message. Rails git history does not look too well when you try to figure out why particular changes were introduced. We can do much better than that and it's never too late to start.
Piotr Sarnacki
Fix generators to help with ambiguous `ApplicationController` issue In development mode, dependencies are loaded dynamically at runtime, using `const_missing`. Because of that, when one of the constants is already loaded and `const_missing` is not triggered, user can end up with unexpected results. Given such file in an Engine: ```ruby module Blog class PostsController < ApplicationController end end ``` If you load it first, before loading any application …
Rafael Mendonça França
Merge pull request #6410 from Bodacious/tag_helper_data_fix_3-2-stable TagHelper creates invalid data attributes when value is a BigDecimal
José Valim
Merge pull request #6407 from pinetops/565c1b0a0772ac6cf91c77e9285806f7b028614c Template concurrency fixes
Gavin Morrice
Fixed tag_helper data-attribute bug with BigDecimals
  1. Prev
  2. Next