- 30 3月, 2018 1 次提交
-
-
由 Derek Prior 提交于
Today there are two common ways for Rails developers to force their applications to communicate over HTTPS: * `config.force_ssl` is a setting in environment configurations that enables the `ActionDispatch::SSL` middleware. With this middleware enabled, all HTTP communication to your application will be redirected to HTTPS. The middleware also takes care of other best practices by setting HSTS headers, upgrading all cookies to secure only, etc. * The `force_ssl` controller method redirects HTTP requests to certain controllers to HTTPS. As a consultant, I've seen many applications with misconfigured HTTPS setups due to developers adding `force_ssl` to `ApplicationController` and not enabling `config.force_ssl`. With this configuration, many application requests can be served over HTTP such as assets, requests that hit mounted engines, etc. In addition, because cookies are not upgraded to secure only in this configuration and HSTS headers are not set, it's possible for cookies that are meant to be secure to be sent over HTTP. The confusion between these two methods of forcing HTTPS is compounded by the fact that they share an identical name. This makes finding documentation on the "right" method confusing. HTTPS throughout is quickly becomming table stakes for all web sites. Sites are expected to operate over HTTPS for all communication, sensitive or otherwise. Let's encourage use of the broader-reaching `ActionDispatch::SSL` middleware and elminate this source of user confusion. If, for some reason, applications need to expose certain endpoints over HTTP they can do so by properly configuring `config.ssl_options`.
-
- 26 3月, 2018 1 次提交
-
-
由 Isaac Orme 提交于
-
- 22 3月, 2018 1 次提交
-
-
由 David Stosik 提交于
This makes more sense, as the foreign key ignore pattern is only used by the schema dumper.
-
- 21 3月, 2018 1 次提交
-
-
由 David Stosik 提交于
-
- 19 3月, 2018 2 次提交
-
-
由 Brian Knight 提交于
If an explicit AWS key pair and/or region is not provided in config/storage.yml, attempt to use environment variables, shared credentials, or IAM role credentials. Order of precedence is determined by the AWS SDK[1]. [1]: https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html
-
由 bogdanvlviv 提交于
- Add mention about "nonce". Related to https://github.com/rails/rails/pull/32222#issuecomment-372268157
-
- 18 3月, 2018 2 次提交
-
-
由 bogdanvlviv 提交于
- Remove ``` * Namespace error pages' CSS selectors to stop the styles from bleeding into other pages when using Turbolinks. ([Pull Request](https://github.com/rails/rails/pull/28814)) ``` since it was backported to `5-1-stable` by 50d5baf7 and `5-0-stable` by d1c4a39e. - Remove ``` * Allow irb options to be passed from `rails console` command. ([Pull Request](https://github.com/rails/rails/pull/29010)) ``` since it was backported to `5-1-stable` by e91b4834. - Remove ``` * Load environment file in `dbconsole` command. ([Pull Request](https://github.com/rails/rails/pull/29725)) ``` since it was backported to `5-1-stable` by 7f934287. - Remove ``` * Gemfile for new apps: upgrade redis-rb from ~> 3.0 to 4.0. ([Pull Request](https://github.com/rails/rails/pull/30748)) ``` since it was backported to `5-1-stable` by 37895311. - Remove ``` * Fix minitest rails plugin. The custom reporters are added only if needed. This will fix conflicts with others plugins. ([Commit](https://github.com/rails/rails/commit/ac99916fcf7bf27bb1519d4f7387c6b4c5f0463d)) ``` since it was backported to `5-1-stable` by caa76956. - Remove ``` * Add support for compatibility with redis-rb gem for 4.0 version. ([Pull Request](https://github.com/rails/rails/pull/30748)) ``` since it was backported to `5-1-stable` by 37895311. - Remove ``` * Add `action_controller_api` and `action_controller_base` load hooks to be called in `ActiveSupport.on_load`. ([Pull Request](https://github.com/rails/rails/pull/28402)) ``` since it was backported to `5-1-stable` by b9a5fd70. - Remove ``` * `driven_by` now registers poltergeist and capybara-webkit. ([Pull Request](https://github.com/rails/rails/pull/29315)) ``` since it was backported to `5-1-stable` by c5dd4511. - Remove ``` * Fallback `ActionController::Parameters#to_s` to `Hash#to_s`. ([Pull Request](https://github.com/rails/rails/pull/29630)) ``` since it was backported to `5-1-stable` by c1014e43 and `5-0-stable` by 0e71fc30. - Remove ``` * Make `take_failed_screenshot` work within engine. ([Pull Request](https://github.com/rails/rails/pull/30421)) ``` since it was backported to `5-1-stable` by 595a2310. - Remove ``` * Fix optimized url helpers when using relative url root. ([Pull Request](https://github.com/rails/rails/pull/31261)) ``` since it was backported to `5-1-stable` by e9b77953. - Remove ``` * Update `distance_of_time_in_words` helper to display better error messages for bad input. ([Pull Request](https://github.com/rails/rails/pull/20701)) ``` since it was backported to `5-1-stable` by 2c97fbf6. - Remove ``` * Generate field ids in `collection_check_boxes` and `collection_radio_buttons`. ([Pull Request](https://github.com/rails/rails/pull/29412)) ``` since it was backported to `5-1-stable` by 2d8c10a7. - Remove ``` * Fix issues with scopes and engine on `current_page?` method. ([Pull Request](https://github.com/rails/rails/pull/29503)) ``` since it was backported to `5-1-stable` by 2135daf0. - Remove ``` * Bring back proc with arity of 1 in `ActionMailer::Base.default` proc since it was supported in Rails 5.0 but not deprecated. ([Pull Request](https://github.com/rails/rails/pull/30391)) ``` since it was backported to `5-1-stable` by b2bedb14. - Remove ``` * Add type caster to `RuntimeReflection#alias_name`. ([Pull Request](https://github.com/rails/rails/pull/28961)) ``` since it was backported to `5-1-stable` by f644e7a6. - Remove ``` * Loading model schema from database is now thread-safe. ([Pull Request](https://github.com/rails/rails/pull/29216)) ``` since it was backported to `5-1-stable` by 02926cff. and `5-0-stable` by 84bcfe5a - Remove ``` * Fix destroying existing object does not work well when optimistic locking enabled and `locking_column` is null in the database. ([Pull Request](https://github.com/rails/rails/pull/28926)) ``` since it was backported to `5-1-stable` by e498052c. - Remove ``` * `ActiveRecord::Persistence#touch` does not work well when optimistic locking enabled and `locking_column`, without default value, is null in the database. ([Pull Request](https://github.com/rails/rails/pull/28914)) ``` since it was backported to `5-1-stable` by 1e2f63db. - Remove ``` * Previously, when building records using a `has_many :through` association, if the child records were deleted before the parent was saved, they would still be persisted. Now, if child records are deleted before the parent is saved on a `has_many :through` association, the child records will not be persisted. ([Pull Request](https://github.com/rails/rails/pull/29593)) ``` since it was backported to `5-1-stable` by a22c39e9. - Remove ``` * Query cache was unavailable when entering the `ActiveRecord::Base.cache` block without being connected. ([Pull Request](https://github.com/rails/rails/pull/29609)) ``` since it was backported to `5-1-stable` by fd6c8cdf and `5-0-stable` by 9f2532bb. - Remove ``` * `Relation#joins` is no longer affected by the target model's `current_scope`, with the exception of `unscoped`. ([Commit](https://github.com/rails/rails/commit/5c71000d086cc42516934415b79380c2224e1614)) ``` since it was backported to `5-1-stable` by 3630d635. - Remove ``` * Fix `unscoped(where: [columns])` removing the wrong bind values. ([Pull Request](https://github.com/rails/rails/pull/29780)) ``` since it was backported to `5-1-stable` by d378fcb2. - Remove ``` * When a `has_one` association is destroyed by `dependent: destroy`, `destroyed_by_association` will now be set to the reflection, matching the behaviour of `has_many` associations. ([Pull Request](https://github.com/rails/rails/pull/29855)) ``` since it was backported to `5-1-stable` by 8254a8be. - Remove ``` * Fix `COUNT(DISTINCT ...)` with `ORDER BY` and `LIMIT` to keep the existing select list. ([Pull Request](https://github.com/rails/rails/pull/29848)) ``` since it was backported to `5-1-stable` by 0e8d4edd. - Remove ``` * Ensure `sum` honors `distinct` on `has_many :through` associations. ([Commit](https://github.com/rails/rails/commit/566f1fd068711dfe557bef63406f8dd6d41d473d)) ``` since it was backported to `5-1-stable` by c0a1dc25. - Remove ``` * Fix `COUNT(DISTINCT ...)` for `GROUP BY` with `ORDER BY` and `LIMIT`. ([Commit](https://github.com/rails/rails/commit/5668dc6b1863ef43be8f8ef0fb1d5db913085fb3)) ``` since it was backported to `5-1-stable` by 87ca68e7. - Remove ``` * MySQL: Don't lose `auto_increment: true` in the `db/schema.rb`. ([Commit](https://github.com/rails/rails/commit/9493d4553569118b2a85da84fd3a8ba2b5b2de76)) ``` since it was backported to `5-1-stable` by 8b6e694e. - Remove ``` * Fix longer sequence name detection for serial columns. ([Pull Request](https://github.com/rails/rails/pull/28339)) ``` since it was backported to `5-1-stable` by af9c1707 and `5-0-stable` by 7025b1d8. - Remove ``` * Fix `bin/rails db:setup` and `bin/rails db:test:prepare` create wrong ar_internal_metadata's data for a test database. ([Pull Request](https://github.com/rails/rails/pull/30579)) ``` since it was backported to `5-1-stable` by bb67b5f2 and `5-0-stable` by 60437e6d. - Remove ``` * Fix conflicts `counter_cache` with `touch: true` by optimistic locking. ([Pull Request](https://github.com/rails/rails/pull/31405)) ``` since it was backported to `5-1-stable` by 5236ddaf. - Remove ``` * Fix `count(:all)` to correctly work `distinct` with custom SELECT list. ([Commit](https://github.com/rails/rails/commit/c6cd9a59f200863ccfe8ad1d9c5a8876c39b9c5c)) ``` since it was backported to `5-1-stable` by 6beb4de7. - Remove ``` * Fix to invoke callbacks when using `update_attribute`. ([Commit](https://github.com/rails/rails/commit/732aa34b6e6459ad66a3d3ad107cfff75cc45160)) ``` since it was backported to `5-1-stable` by 6346683b. - Remove ``` * Use `count(:all)` in `HasManyAssociation#count_records` to prevent invalid SQL queries for association counting. ([Pull Request](https://github.com/rails/rails/pull/27561)) ``` since it was backported to `5-1-stable` by eef3c89e. - Remove ``` * Fix `count(:all)` with eager loading and having an order other than the driving table. ([Commit](https://github.com/rails/rails/commit/ebc09ed9ad9a04338138739226a1a92c7a2707ee)) ``` since it was backported to `5-1-stable` by 6df9b69b. - Remove ``` * PostgreSQL: Allow pg-1.0 gem to be used with Active Record. ([Pull Request](https://github.com/rails/rails/pull/31671)) ``` since it was backported to `5-1-stable` by a9c06f61. - Remove ``` * Fix that after commit callbacks on update does not triggered when optimistic locking is enabled. ([Commit](https://github.com/rails/rails/commit/7f9bd034c485c2425ae0164ff5d6374834e3aa1d)) ``` since it was backported to `5-1-stable` by aaee10e6. - Remove ``` * Fix regression in numericality validator when comparing Decimal and Float input values with more scale than the schema. ([Pull Request](https://github.com/rails/rails/pull/28584)) ``` since it was backported to `5-1-stable` by 5b1c3e5a. Note that there was incorrect link to PR, original PR is https://github.com/rails/rails/pull/29249. - Remove ``` * Fix to working before/after validation callbacks on multiple contexts. ([Pull Request](https://github.com/rails/rails/pull/31483)) ``` since it was backported to `5-1-stable` by 0f7046a7. - Remove ``` * Fix implicit coercion calculations with scalars and durations. ([Pull Request](https://github.com/rails/rails/pull/29163), [Pull Request](https://github.com/rails/rails/pull/29971)) ``` since it was backported to `5-1-stable` by 51ea27c0, 4d82e2aa. - Remove ``` * Fix modulo operations involving durations. ([Commit](https://github.com/rails/rails/commit/a54e13bd2e8fb4d6aa0aebe59271699a2d62567b)) ``` since it was backported to `5-1-stable` by 233fa7ea. - Remove ``` * Return all mappings for a timezone identifier in `country_zones`. ([Commit](https://github.com/rails/rails/commit/cdce6a709e1cbc98fff009effc3b1b3ce4c7e8db)) ``` since it was backported to `5-1-stable` by 0222ebbe. - Remove ``` * Add support for compatibility with redis-rb gem for 4.0 version. ([Pull Request](https://github.com/rails/rails/pull/30748)) ``` since it was backported to `5-1-stable` by 37895311. Related to #32252. Related to #32222, https://github.com/rails/rails/pull/32222#discussion_r174256536. Follow up a489cc81.
-
由 Stefan Wrobel 提交于
-
- 17 3月, 2018 1 次提交
-
-
由 ef718 提交于
-
- 16 3月, 2018 1 次提交
-
-
由 Jon Evans 提交于
`it's` -> `its`
-
- 14 3月, 2018 2 次提交
-
-
由 bogdanvlviv 提交于
Add section "Expiry in signed or encrypted cookie is now embedded in the cookies values" to `master` since it should always be in the guides, not only for version 5.2. Add info about `config.action_dispatch.use_authenticated_cookie_encryption` to the "Configuring Rails Applications" guide. It was committed straight to `5-2-stable` since we don't need this functionality in 6.0. Related to b25fcbc0.
-
由 Yuji Yaginuma 提交于
-
- 13 3月, 2018 2 次提交
-
-
由 bogdanvlviv 提交于
- Add a description of major features in Rails 5.2. - Add a reference to Pull Request/Commit to every entry in CHANGELOGs, note that some of them combined. - Add section "Ruby on Rails Guides" with notable changes. - Note that - Skipped this since encrypted secrets are already on the way out. ``` * Add `rails secrets:show` command. ([Pull Request](https://github.com/rails/rails/pull/29695)) ``` - Skipped this since it was backported all the way to 5-0-stable. ``` * Make Rails' test runner work better with minitest plugins. ([Pull Request](https://github.com/rails/rails/pull/29572)) ``` Thanks to everyone who has been working on Rails 5.2! <3
-
由 Andrew White 提交于
The Active Storage service for Azure Storage has an option called `path` that is ambiguous in meaning. It needs to be set to the primary blob storage endpoint but that can be determined from the blobs client anyway. To simplify the configuration this commit removes the `path` option and gets the endpoint from the blobs client instead. Closes #32225.
-
- 12 3月, 2018 3 次提交
-
-
由 Kasper Timm Hansen 提交于
-
由 Andrew White 提交于
Closes #32219.
-
由 Yauheni Dakuka 提交于
-
- 09 3月, 2018 2 次提交
-
-
由 Chris Salzberg 提交于
* Remove reference to Globalize::Backend::Static as this class no longer exists. * Remove reference to google group * Remove confusing reference to Globalize3 * Add section on translating stored content
-
由 Dharam Gollapudi 提交于
Fixes a typo
-
- 06 3月, 2018 1 次提交
-
-
由 George Claghorn 提交于
Fixes #32129.
-
- 04 3月, 2018 1 次提交
-
-
由 Yauheni Dakuka 提交于
-
- 03 3月, 2018 1 次提交
-
-
由 yuuji.yaginuma 提交于
Ruby 2.4+ provides `Hash#compact` and `Hash#compact!` natively, so `active_support/core_ext/hash/compact` is no longer necessary.
-
- 01 3月, 2018 1 次提交
-
-
由 Benoit Tigeot 提交于
When using rails routes with small terminal or complicated routes it can be very difficult to understand where is the element listed in header. psql had the same issue, that's why they created "expanded mode" you can switch using `\x` or by starting psql with ``` -x --expanded Turn on the expanded table formatting mode. This is equivalent to the \x command. ``` The output is similar to one implemented here for rails routes: db_user-# \du List of roles -[ RECORD 1 ]---------------------------------------------- Role name | super Attributes | Superuser, Create role, Create DB Member of | {} -[ RECORD 2 ]---------------------------------------------- Role name | role Attributes | Superuser, Create role, Create DB, Replication Member of | {}
-
- 27 2月, 2018 2 次提交
-
-
由 Andrew White 提交于
With the disabling of TLS 1.0 by most major websites, continuing to run IE8 or lower becomes increasingly difficult so default to not enforcing UTF-8 encoding as it's not relevant to other browsers.
-
- 26 2月, 2018 1 次提交
-
-
由 Avneet Singh Malhotra 提交于
-
- 21 2月, 2018 1 次提交
-
-
由 Andrew White 提交于
-
- 18 2月, 2018 5 次提交
-
-
由 fatkodima 提交于
-
由 Brian Kephart 提交于
-
由 Jeremy Daer 提交于
Skipping over 2.4.0 to sidestep the `"symbol_from_string".to_sym.dup` bug. References #32028
-
由 Eddie Lebow 提交于
Closes #31998
-
由 Jeremy Daer 提交于
-
- 17 2月, 2018 2 次提交
-
-
由 bogdanvlviv 提交于
Add `:nodoc:` to `ActiveJob::Serializers` Add `:doc:` to `ActiveJob::Serializers::ObjectSerializer#klass` Express `ActiveJob::Serializers::ObjectSerializer#klass` as private method
-
由 yuuji.yaginuma 提交于
-
- 16 2月, 2018 2 次提交
-
-
由 eileencodes 提交于
Provides both a forked process and threaded parallelization options. To use add `parallelize` to your test suite. Takes a `workers` argument that controls how many times the process is forked. For each process a new database will be created suffixed with the worker number; test-database-0 and test-database-1 respectively. If `ENV["PARALLEL_WORKERS"]` is set the workers argument will be ignored and the environment variable will be used instead. This is useful for CI environments, or other environments where you may need more workers than you do for local testing. If the number of workers is set to `1` or fewer, the tests will not be parallelized. The default parallelization method is to fork processes. If you'd like to use threads instead you can pass `with: :threads` to the `parallelize` method. Note the threaded parallelization does not create multiple database and will not work with system tests at this time. parallelize(workers: 2, with: :threads) The threaded parallelization uses Minitest's parallel exector directly. The processes paralleliztion uses a Ruby Drb server. For parallelization via threads a setup hook and cleanup hook are provided. ``` class ActiveSupport::TestCase parallelize_setup do |worker| # setup databases end parallelize_teardown do |worker| # cleanup database end parallelize(workers: 2) end ``` [Eileen M. Uchitelle, Aaron Patterson]
-
由 Jeremy Prevost 提交于
Documents ActiveStorage file cleanup in Integration Tests which is similar but slightly different than the existing docs for System Tests.
-
- 15 2月, 2018 4 次提交
-
-
由 Yauheni Dakuka 提交于
-
由 Rafael Mendonça França 提交于
We can speed up things for the supported types by keeping the code in the way it was. We can also avoid to loop trough all serializers in the deserialization by trying to access the class already in the Hash. We could also speed up the custom serialization if we define the class that is going to be serialized when registering the serializers, but that will remove the possibility of defining a serialzer for a superclass and have the subclass serialized using it.
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
-