activerecord 3.1.5.rc1 → 3.1.5

data/CHANGELOG.md

@@ -1,3 +1,14 @@
+## Rails 3.1.5 (May 31, 2012) ##
+
+*   Fix type_to_sql with text and limit on mysql/mysql2. Fix GH #3931.
+
+*   only log an error if there is a logger. fixes #5226
+
+*   fix activerecord query_method regression with offset into Fixnum
+
+*   predicate builder should not recurse for determining where columns.
+    Thanks to Ben Murphy for reporting this! CVE-2012-2661
+
 ## Rails 3.1.4 (unreleased) ##
 
 *   Fix a custom primary key regression *GH 3987*

data/lib/active_record/associations/association_scope.rb

@@ -87,7 +87,7 @@ module ActiveRecord
 
             conditions.each do |condition|
               if options[:through] && condition.is_a?(Hash)
-                condition = { table.name => condition }
+                condition = disambiguate_condition(table, condition)
               end
 
               scope = scope.where(interpolate(condition))
@@ -126,6 +126,21 @@ module ActiveRecord
         end
       end
 
+      def disambiguate_condition(table, condition)
+        if condition.is_a?(Hash)
+          Hash[
+            condition.map do |k, v|
+              if v.is_a?(Hash)
+                [k, v]
+              else
+                [table.table_alias || table.name, { k => v }]
+              end
+            end
+          ]
+        else
+          condition
+        end
+      end
     end
   end
 end

data/lib/active_record/relation/predicate_builder.rb

@@ -1,16 +1,16 @@
 module ActiveRecord
   class PredicateBuilder # :nodoc:
-    def self.build_from_hash(engine, attributes, default_table)
+    def self.build_from_hash(engine, attributes, default_table, check_column = true)
       predicates = attributes.map do |column, value|
         table = default_table
 
         if value.is_a?(Hash)
           table = Arel::Table.new(column, engine)
-          build_from_hash(engine, value, table)
+          build_from_hash(engine, value, table, false)
         else
           column = column.to_s
 
-          if column.include?('.')
+          if check_column && column.include?('.')
             table_name, column = column.split('.', 2)
             table = Arel::Table.new(table_name, engine)
           end

data/lib/active_record/version.rb

@@ -3,7 +3,7 @@ module ActiveRecord
     MAJOR = 3
     MINOR = 1
     TINY  = 5
-    PRE   = "rc1"
+    PRE   = nil
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
   end

metadata

@@ -1,15 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: activerecord
 version: !ruby/object:Gem::Version 
-  hash: 1335462739
-  prerelease: 6
+  hash: 9
+  prerelease: 
   segments: 
   - 3
   - 1
   - 5
-  - rc
-  - 1
-  version: 3.1.5.rc1
+  version: 3.1.5
 platform: ruby
 authors: 
 - David Heinemeier Hansson
@@ -17,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-05-28 00:00:00 Z
+date: 2012-05-31 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: activesupport
@@ -27,14 +25,12 @@ dependencies:
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        hash: 1335462739
+        hash: 9
         segments: 
         - 3
         - 1
         - 5
-        - rc
-        - 1
-        version: 3.1.5.rc1
+        version: 3.1.5
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -45,14 +41,12 @@ dependencies:
     requirements: 
     - - "="
       - !ruby/object:Gem::Version 
-        hash: 1335462739
+        hash: 9
         segments: 
         - 3
         - 1
         - 5
-        - rc
-        - 1
-        version: 3.1.5.rc1
+        version: 3.1.5
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
@@ -248,14 +242,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version 
-      hash: 25
+      hash: 3
       segments: 
-      - 1
-      - 3
-      - 1
-      version: 1.3.1
+      - 0
+      version: "0"
 requirements: []
 
 rubyforge_project: