Hello community,
here is the log from the commit of package rubygem-devise for openSUSE:Factory
checked in at 2020-03-07 21:37:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-devise (Old)
and /work/SRC/openSUSE:Factory/.rubygem-devise.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-devise"
Sat Mar 7 21:37:49 2020 rev:7 rq:773753 version:4.7.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-devise/rubygem-devise.changes
2019-04-01 12:37:01.109875526 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-devise.new.26092/rubygem-devise.changes
2020-03-07 21:37:52.244257248 +0100
@@ -1,0 +2,24 @@
+Mon Feb 10 14:27:39 UTC 2020 - Stephan Kulow <co...@suse.com>
+
+- updated to version 4.7.1
+ see installed CHANGELOG.md
+
+ ### 4.7.1 - 2019-09-06
+
+ * bug fixes
+ * Fix an edge case where records with a blank `confirmation_token` could
be confirmed (by @tegon)
+ * Fix typo inside `update_needs_confirmation` i18n key (by @lslm)
+
+ ### 4.7.0 - 2019-08-19
+
+ * enhancements
+ * Support Rails 6.0
+ * Update CI to rails 6.0.0.beta3 (by @tunnes)
+ * refactor method name to be more consistent (by @saiqulhaq)
+ * Fix rails 6.0.rc1 email uniqueness validation deprecation warning (by
@Vasfed)
+
+ * bug fixes
+ * Add `autocomplete="new-password"` to `password_confirmation` fields (by
@ferrl)
+ * Fix rails_51_and_up? method for Rails 6.rc1 (by @igorkasyanchuk)
+
+-------------------------------------------------------------------
Old:
----
devise-4.6.2.gem
New:
----
devise-4.7.1.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-devise.spec ++++++
--- /var/tmp/diff_new_pack.FF9HfR/_old 2020-03-07 21:37:53.648258196 +0100
+++ /var/tmp/diff_new_pack.FF9HfR/_new 2020-03-07 21:37:53.648258196 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-devise
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-devise
-Version: 4.6.2
+Version: 4.7.1
Release: 0
%define mod_name devise
%define mod_full_name %{mod_name}-%{version}
@@ -32,7 +32,7 @@
BuildRequires: %{ruby >= 2.1.0}
BuildRequires: %{rubygem gem2rpm}
BuildRequires: ruby-macros >= 5
-Url: https://github.com/plataformatec/devise
+URL: https://github.com/plataformatec/devise
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
Summary: Flexible authentication solution for Rails with Warden
++++++ devise-4.6.2.gem -> devise-4.7.1.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md 2019-03-26 17:51:02.000000000 +0100
+++ new/CHANGELOG.md 2019-09-06 19:02:57.000000000 +0200
@@ -1,5 +1,23 @@
### Unreleased
+### 4.7.1 - 2019-09-06
+
+* bug fixes
+ * Fix an edge case where records with a blank `confirmation_token` could be
confirmed (by @tegon)
+ * Fix typo inside `update_needs_confirmation` i18n key (by @lslm)
+
+### 4.7.0 - 2019-08-19
+
+* enhancements
+ * Support Rails 6.0
+ * Update CI to rails 6.0.0.beta3 (by @tunnes)
+ * refactor method name to be more consistent (by @saiqulhaq)
+ * Fix rails 6.0.rc1 email uniqueness validation deprecation warning (by
@Vasfed)
+
+* bug fixes
+ * Add `autocomplete="new-password"` to `password_confirmation` fields (by
@ferrl)
+ * Fix rails_51_and_up? method for Rails 6.rc1 (by @igorkasyanchuk)
+
### 4.6.2 - 2019-03-26
* bug fixes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2019-03-26 17:51:02.000000000 +0100
+++ new/README.md 2019-09-06 19:02:57.000000000 +0200
@@ -174,7 +174,7 @@
* Michael Hartl's online book:
https://www.railstutorial.org/book/modeling_users
* Ryan Bates' Railscast:
http://railscasts.com/episodes/250-authentication-from-scratch
-* Codecademy's Ruby on Rails: Authentication and Authorization:
http://www.codecademy.com/en/learn/rails-auth
+* Codecademy's Ruby on Rails: Authentication and Authorization:
https://www.codecademy.com/learn/rails-auth
Once you have solidified your understanding of Rails and authentication
mechanisms, we assure you Devise will be very pleasant to work with. :smiley:
@@ -732,6 +732,6 @@
## License
-MIT License. Copyright 2009-2018 Plataformatec. http://plataformatec.com.br
+MIT License. Copyright 2009-2019 Plataformatec. http://plataformatec.com.br
You are not granted rights or licenses to the trademarks of Plataformatec,
including without limitation the Devise name or logo.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/app/views/devise/passwords/edit.html.erb
new/app/views/devise/passwords/edit.html.erb
--- old/app/views/devise/passwords/edit.html.erb 2019-03-26
17:51:02.000000000 +0100
+++ new/app/views/devise/passwords/edit.html.erb 2019-09-06
19:02:57.000000000 +0200
@@ -14,7 +14,7 @@
<div class="field">
<%= f.label :password_confirmation, "Confirm new password" %><br />
- <%= f.password_field :password_confirmation, autocomplete: "off" %>
+ <%= f.password_field :password_confirmation, autocomplete: "new-password"
%>
</div>
<div class="actions">
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/locales/en.yml new/config/locales/en.yml
--- old/config/locales/en.yml 2019-03-26 17:51:02.000000000 +0100
+++ new/config/locales/en.yml 2019-09-06 19:02:57.000000000 +0200
@@ -42,7 +42,7 @@
signed_up_but_inactive: "You have signed up successfully. However, we
could not sign you in because your account is not yet activated."
signed_up_but_locked: "You have signed up successfully. However, we
could not sign you in because your account is locked."
signed_up_but_unconfirmed: "A message with a confirmation link has been
sent to your email address. Please follow the link to activate your account."
- update_needs_confirmation: "You updated your account successfully, but
we need to verify your new email address. Please check your email and follow
the confirm link to confirm your new email address."
+ update_needs_confirmation: "You updated your account successfully, but
we need to verify your new email address. Please check your email and follow
the confirmation link to confirm your new email address."
updated: "Your account has been updated successfully."
updated_but_not_signed_in: "Your account has been updated successfully,
but since your password was changed, you need to sign in again"
sessions:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/failure_app.rb
new/lib/devise/failure_app.rb
--- old/lib/devise/failure_app.rb 2019-03-26 17:51:02.000000000 +0100
+++ new/lib/devise/failure_app.rb 2019-09-06 19:02:57.000000000 +0200
@@ -153,7 +153,7 @@
# We need to add the rootpath to `script_name` manually for applications
that use a Rails
# version lower than 5.1. Otherwise, it is going to generate a wrong
path for Engines
# that use Devise. Remove it when the support of Rails 5.0 is droped.
- elsif root_path_defined?(context) && rails_5_and_down?
+ elsif root_path_defined?(context) && !rails_51_and_up?
rootpath = context.routes.url_helpers.root_path
opts[:script_name] = rootpath.chomp('/') if rootpath.length > 1
end
@@ -278,14 +278,8 @@
defined?(context.routes) &&
context.routes.url_helpers.respond_to?(:root_path)
end
- def rails_5_and_down?
- return false if rails_5_up?
-
- Rails::VERSION::MAJOR >= 4
- end
-
- def rails_5_up?
- Rails::VERSION::MAJOR >= 5 && Rails::VERSION::MINOR > 0
+ def rails_51_and_up?
+ Rails.gem_version >= Gem::Version.new("5.1")
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/models/authenticatable.rb
new/lib/devise/models/authenticatable.rb
--- old/lib/devise/models/authenticatable.rb 2019-03-26 17:51:02.000000000
+0100
+++ new/lib/devise/models/authenticatable.rb 2019-09-06 19:02:57.000000000
+0200
@@ -1,6 +1,5 @@
# frozen_string_literal: true
-require 'active_model/version'
require 'devise/hooks/activatable'
require 'devise/hooks/csrf_cleaner'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/models/confirmable.rb
new/lib/devise/models/confirmable.rb
--- old/lib/devise/models/confirmable.rb 2019-03-26 17:51:02.000000000
+0100
+++ new/lib/devise/models/confirmable.rb 2019-09-06 19:02:57.000000000
+0200
@@ -348,7 +348,19 @@
# If the user is already confirmed, create an error for the user
# Options must have the confirmation_token
def confirm_by_token(confirmation_token)
+ # When the `confirmation_token` parameter is blank, if there are any
users with a blank
+ # `confirmation_token` in the database, the first one would be
confirmed here.
+ # The error is being manually added here to ensure no users are
confirmed by mistake.
+ # This was done in the model for convenience, since validation
errors are automatically
+ # displayed in the view.
+ if confirmation_token.blank?
+ confirmable = new
+ confirmable.errors.add(:confirmation_token, :blank)
+ return confirmable
+ end
+
confirmable = find_first_by_auth_conditions(confirmation_token:
confirmation_token)
+
unless confirmable
confirmation_digest = Devise.token_generator.digest(self,
:confirmation_token, confirmation_token)
confirmable =
find_or_initialize_with_error_by(:confirmation_token, confirmation_digest)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/models/validatable.rb
new/lib/devise/models/validatable.rb
--- old/lib/devise/models/validatable.rb 2019-03-26 17:51:02.000000000
+0100
+++ new/lib/devise/models/validatable.rb 2019-09-06 19:02:57.000000000
+0200
@@ -30,7 +30,7 @@
base.class_eval do
validates_presence_of :email, if: :email_required?
if Devise.activerecord51?
- validates_uniqueness_of :email, allow_blank: true, if:
:will_save_change_to_email?
+ validates_uniqueness_of :email, allow_blank: true, case_sensitive:
true, if: :will_save_change_to_email?
validates_format_of :email, with: email_regexp, allow_blank:
true, if: :will_save_change_to_email?
else
validates_uniqueness_of :email, allow_blank: true, if:
:email_changed?
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/rails/routes.rb
new/lib/devise/rails/routes.rb
--- old/lib/devise/rails/routes.rb 2019-03-26 17:51:02.000000000 +0100
+++ new/lib/devise/rails/routes.rb 2019-09-06 19:02:57.000000000 +0200
@@ -135,10 +135,10 @@
# * failure_app: a rack app which is invoked whenever there is a failure.
Strings representing a given
# are also allowed as parameter.
#
- # * sign_out_via: the HTTP method(s) accepted for the :sign_out action
(default: :get),
+ # * sign_out_via: the HTTP method(s) accepted for the :sign_out action
(default: :delete),
# if you wish to restrict this to accept only :post or :delete requests
you should do:
#
- # devise_for :users, sign_out_via: [:post, :delete]
+ # devise_for :users, sign_out_via: [:get, :post]
#
# You need to make sure that your sign_out controls trigger a request
with a matching HTTP method.
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/devise/version.rb new/lib/devise/version.rb
--- old/lib/devise/version.rb 2019-03-26 17:51:02.000000000 +0100
+++ new/lib/devise/version.rb 2019-09-06 19:02:57.000000000 +0200
@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Devise
- VERSION = "4.6.2".freeze
+ VERSION = "4.7.1".freeze
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/lib/generators/templates/simple_form_for/passwords/edit.html.erb
new/lib/generators/templates/simple_form_for/passwords/edit.html.erb
--- old/lib/generators/templates/simple_form_for/passwords/edit.html.erb
2019-03-26 17:51:02.000000000 +0100
+++ new/lib/generators/templates/simple_form_for/passwords/edit.html.erb
2019-09-06 19:02:57.000000000 +0200
@@ -13,7 +13,10 @@
autofocus: true,
hint: ("#{@minimum_password_length} characters minimum" if
@minimum_password_length),
input_html: { autocomplete: "new-password" } %>
- <%= f.input :password_confirmation, label: "Confirm your new password",
required: true %>
+ <%= f.input :password_confirmation,
+ label: "Confirm your new password",
+ required: true,
+ input_html: { autocomplete: "new-password" } %>
</div>
<div class="form-actions">
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2019-03-26 17:51:02.000000000 +0100
+++ new/metadata 2019-09-06 19:02:57.000000000 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: devise
version: !ruby/object:Gem::Version
- version: 4.6.2
+ version: 4.7.1
platform: ruby
authors:
- José Valim
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2019-03-26 00:00:00.000000000 Z
+date: 2019-09-06 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: warden
@@ -60,9 +60,6 @@
- - ">="
- !ruby/object:Gem::Version
version: 4.1.0
- - - "<"
- - !ruby/object:Gem::Version
- version: '6.0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
@@ -70,9 +67,6 @@
- - ">="
- !ruby/object:Gem::Version
version: 4.1.0
- - - "<"
- - !ruby/object:Gem::Version
- version: '6.0'
- !ruby/object:Gem::Dependency
name: responders
requirement: !ruby/object:Gem::Requirement
@@ -223,8 +217,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 3.0.6
signing_key:
specification_version: 4
summary: Flexible authentication solution for Rails with Warden
