Fix user creation with stronger minimum password requirements:q

64883faa · Nathan Bush · 26b95777 · 64883faa · 64883faa
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

CHANGELOG CHANGELOG +1 -0

app/models/user.rb app/models/user.rb +1 -1

未找到文件。
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -6,6 +6,7 @@ v 8.10.0 (unreleased)
  - Fix MR-auto-close text added to description. !4836
  - Fix pagination when sorting by columns with lots of ties (like priority)
  - Implement Subresource Integrity for CSS and JavaScript assets. This prevents malicious assets from loading in the case of a CDN compromise.
+  - Fix user creation with stronger minimum password requirements !4054 (nathan-pmt)

 v 8.9.1
  - Fix GitLab project import issues related to notes and builds

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -308,7 +308,7 @@ class User < ActiveRecord::Base

  def generate_password
    if self.force_random_password
-      self.password = self.password_confirmation = Devise.friendly_token.first(8)
+      self.password = self.password_confirmation = Devise.friendly_token.first(Devise.password_length.min)
    end
  end