clearance 1.17.0 → 2.0.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3d2b65ce30d78d380c94d95fc6fa32f1fa4340a145f6e33573ad746f5da4600e
-  data.tar.gz: a8b154b5ccfed1470fcc29155f3f57c676571539f9794c5b9a32ef2b3f4b8a20
+  metadata.gz: 4f79f5aa24e81ddb8b9fc746a557db5bcf7770e17ee52f758c070656afda4434
+  data.tar.gz: c8bfc11a5c5b3e4035aaa4fb118dd24f45a72e148499ed935a15c2a5fb4764dd
 SHA512:
-  metadata.gz: 7ec8917dc40e39108f0ceb7333d8968d31d2cfa5d902ad1fc533a85fcc98b10d0665bd84484256ff9a3e3114f4c8d27c7bdad24c70cf72c63f6dfc3d151bac2f
-  data.tar.gz: 839701911aea43402b13d2d4ea84f13d904ccf1576a7d9bc913eeac2f48a992a08e57c0859aceb04764afc927425852f18084c0638978937db974449a5f25b4b
+  metadata.gz: af3771ef9f0981c1666f01b8dad6271e61cd1ed7a13d8268f9214827682c6ba1da9e6c0fac1c81cfa89f71b44dde927d3f71b829324a6c3794b0c90e66f6c8f1
+  data.tar.gz: 8f69cf0a50f4064a120f8e63a9c80e0ebdf5aa69be0fc68998bbe6e4e73b14ba78789c1bdd28c3f7c3c02623135036189c764d7bd6c93a8125767cebd09cf458

data/.travis.yml

@@ -5,9 +5,9 @@ language:
 
 rvm:
   - 2.3.8
-  - 2.4.5
-  - 2.5.3
-  - 2.6.1
+  - 2.4.6
+  - 2.5.5
+  - 2.6.2
 
 gemfile:
   - gemfiles/rails_4.2.gemfile
@@ -29,6 +29,6 @@ branches:
 matrix:
   allow_failures:
     - gemfile: gemfiles/rails_4.2.gemfile
-      rvm: 2.6.1
+      rvm: 2.6.2
 
 sudo: false

data/Gemfile

@@ -3,15 +3,14 @@ source 'https://rubygems.org'
 gemspec
 
 gem 'addressable', '~> 2.6.0'
-gem 'appraisal'
 gem 'ammeter'
-gem 'bundler', '~> 1.3'
+gem 'appraisal'
 gem 'capybara', '>= 2.6.2'
 gem 'database_cleaner', '~> 1.0'
 gem 'factory_bot_rails', '~> 5.0'
 gem 'nokogiri', '~> 1.10.0'
-gem 'rspec-rails', '~> 3.1'
+gem 'pry', require: false
+gem 'rspec-rails', '~> 3.5'
 gem 'shoulda-matchers', '~> 4.0'
 gem 'sqlite3', '~> 1.3.13'
 gem 'timecop', '~> 0.6'
-gem 'pry', require: false

data/Gemfile.lock

@@ -1,13 +1,13 @@
 PATH
   remote: .
   specs:
-    clearance (1.17.0)
-      actionmailer (>= 3.1)
-      activemodel (>= 3.1)
-      activerecord (>= 3.1)
+    clearance (2.0.0.beta1)
+      actionmailer (>= 4.2)
+      activemodel (>= 4.2)
+      activerecord (>= 4.2)
       bcrypt
       email_validator (~> 1.4)
-      railties (>= 3.1)
+      railties (>= 4.2)
 
 GEM
   remote: https://rubygems.org/
@@ -58,7 +58,7 @@ GEM
     arel (9.0.0)
     bcrypt (3.1.12)
     builder (3.2.3)
-    capybara (3.16.1)
+    capybara (3.16.2)
       addressable
       mini_mime (>= 0.1.3)
       nokogiri (~> 1.8)
@@ -149,14 +149,13 @@ DEPENDENCIES
   addressable (~> 2.6.0)
   ammeter
   appraisal
-  bundler (~> 1.3)
   capybara (>= 2.6.2)
   clearance!
   database_cleaner (~> 1.0)
   factory_bot_rails (~> 5.0)
   nokogiri (~> 1.10.0)
   pry
-  rspec-rails (~> 3.1)
+  rspec-rails (~> 3.5)
   shoulda-matchers (~> 4.0)
   sqlite3 (~> 1.3.13)
   timecop (~> 0.6)

data/NEWS.md

@@ -3,6 +3,21 @@
 The noteworthy changes for each Clearance version are included here. For a
 complete changelog, see the git history for each version via the version links.
 
+## [2.0.0.beta1] - April 12, 2019
+
+### Removed
+
+- Removed support for Ruby versions older than 2.3
+- Removed support for Rails versions older than 4.2
+- Removed all deprecated code from Clearance 1.x
+
+### Changed
+
+- Flash messages now use `flash[:alert]` rather than `flash[:notice]` as they
+  were used as errors more often than notices.
+
+[2.0.0.beta1]: https://github.com/thoughtbot/clearance/compare/v1.17.0...v2.0.0.beta1
+
 ## [1.17.0] - April 11, 2019
 
 ### Changed
@@ -17,11 +32,13 @@ complete changelog, see the git history for each version via the version links.
 ## [1.16.2] - February 25, 2019
 
 ### Fixed
+
 - Added missing translation keys
 - Fix issue where a cookie value could be set more than once when interacting
   with the `httponly` option
 
 ### Changed
+
 - Remove Rails as a dependency so that clearance does not trigger a cascade of
   requirements as rails pulls in every framework. Instead, depend on just the
   frameworks relevant to Clearance.
@@ -32,6 +49,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.16.1] - November 2, 2017
 
 ### Fixed
+
 - Fixed issue where tokens from abandoned password reset attempts were stored in
   the session, preventing newly generated password reset tokens from working.
 - Improve compatibility with Rails API projects by calling `helper_method` only
@@ -46,6 +64,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.16.0] - January 16, 2017
 
 ### Security
+
 - Clearance users can now help prevent [session fixation attacks] by setting
   `Clearance.configuration.rotate_csrf_on_sign_in` to `true`. This will cause
   the user's CSRF token to be rotated on sign in and is recommended for all
@@ -59,6 +78,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.15.1] - October 6, 2016
 
 ### Fixed
+
 - Password reset form redirect no longer uses a named route helper, which means
   it will work for developers that have customized their routes.
 
@@ -67,15 +87,17 @@ complete changelog, see the git history for each version via the version links.
 ## [1.15.0] - September 26, 2016
 
 ### Security
+
 - Prevent possible password reset token leak to external sites linked to on the
   password reset page. See [PR #707] for more information.
 
-[PR #707]: https://github.com/thoughtbot/clearance/pull/707
+[pr #707]: https://github.com/thoughtbot/clearance/pull/707
 [1.15.0]: https://github.com/thoughtbot/clearance/compare/v1.14.2...v1.15.0
 
 ## [1.14.2] - August 10, 2016
 
 ### Fixed
+
 - Fixed incompatibility with `attr_encrypted` gem by inlining the body of the
   `encrypt` helper method used in the BCrypt password strategy.
 
@@ -84,6 +106,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.14.1] - May 12, 2016
 
 ### Fixed
+
 - Fixed insertion of `include Clearance::User` when running the install
   generator in an app that already has a `User` model.
 - Updated `deny_access` matcher to assert against configured redirect location
@@ -94,11 +117,13 @@ complete changelog, see the git history for each version via the version links.
 ## [1.14.0] - April 29, 2016
 
 ### Added
+
 - `Clearance::BackDoor` now accepts a block, allowing the user for a test to be
   looked up by a parameter other than `id` if you have overridden `to_param` for
   the `User` model.
 
 ### Fixed
+
 - We now correctly track the dirty state of `User#encrypted_password`, which
   fixes custom validations on `User#password` (e.g. validating password length)
   that were conditional on the password actually changing.
@@ -107,6 +132,7 @@ complete changelog, see the git history for each version via the version links.
   have a `User` model.
 
 ### Deprecated
+
 - `User#password_changing` is deprecated in favor of automatic dirty tracking on
   `encrypted_password` and `password`. If you are calling this in your
   application you should be able to remove it.
@@ -116,9 +142,11 @@ complete changelog, see the git history for each version via the version links.
 ## [1.13.0] - March 4, 2016
 
 ### Added
+
 - Clearance now supports Rails 5.0.0.beta3 and newer.
 
 ### Fixed
+
 - Clearance will now infer the parameter name to use when accessing user
   parameters in a request. This previously used `:user`, which was incorrect for
   customized user models.
@@ -129,14 +157,16 @@ complete changelog, see the git history for each version via the version links.
 ## [1.12.1] - January 7, 2016
 
 ### Fixed
-- Fixed the `create_users` migration generated by `rails generate
-  clearance:install` under Rails 3.x.
+
+- Fixed the `create_users` migration generated
+  by `rails generate clearance:install` under Rails 3.x.
 
 [1.12.1]: https://github.com/thoughtbot/clearance/compare/v1.12.0...v1.12.1
 
 ## [1.12.0] - November 17, 2015
 
 ### Added
+
 - Users will now see a flash message when redirected to sign in by
   `require_login`. This I18n key for this message is
   `flashes.failure_when_not_signed_in` and defaults to "Please sign in to
@@ -144,6 +174,7 @@ complete changelog, see the git history for each version via the version links.
 - Added significant API documentation. API documentation effort is ongoing.
 
 ### Fixed
+
 - Fixed expectation in the generated `visitor_resets_password_spec.rb` file.
 - Corrected indentation of routes inserted by the routes generator.
 - Corrected indentation of `include Clearance::User` when the install generator
@@ -154,17 +185,20 @@ complete changelog, see the git history for each version via the version links.
 ## [1.11.0] - August 21, 2015
 
 ### Added
+
 - Add `sign_in` and `sign_in_as` helper methods to view specs. These helpers
   avoid errors from verified partial doubles that come from. See
   [462c009].
 
 ### Fixed
+
 - `clearance:routes` generator now properly disables internal routes in your
   Clearance initializer.
 - Clearance now accesses the cookie jar via ActionDispatch::Request rather than
   `Rack::Request`. This is more consistent with what Rails does internally.
 
 ### Deprecated
+
 - `Clearance::Testing::Helpers` has been deprecated in favor of
   `Clearance::Testing::ControllerHelpers`. Most users are accessing these
   helpers by requiring `clearance/rspec` or `clearance/test_unit` and should be
@@ -176,6 +210,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.10.1] - May 15, 2015
 
 ### Deprecated
+
 - All clearance-provided password strategies other than BCrypt have been
   deprecated. You can continue to use those strategies without a deprecation
   warning by adding `clearance-deprecated_password_strategies` to your Gemfile.
@@ -185,12 +220,14 @@ complete changelog, see the git history for each version via the version links.
 ## [1.9.0] - April 3, 2015
 
 ### Added
+
 - The change password mailer now produces a multipart message which includes a
   text part along with the previously existing HTML part. To override the text
   part, add `change_password.text.erb` alongside your `change_password.html.erb`
   file.
 
 ### Fixed
+
 - Custom `user_model` configured in a Rails initializer will now be reloaded in
   development mode.
 - Change password template now contains "Change my password" link text to
@@ -201,10 +238,12 @@ complete changelog, see the git history for each version via the version links.
 ## [1.8.1] - March 3, 2015
 
 ### Security
+
 - Enable cross-site request forgery protection on `sessions#create`. See
   [7f5d56e](https://github.com/thoughtbot/clearance/commit/7f5d56ed3a51aca14fa60247a90ca0cd11db0e0d).
 
 ### Fixed
+
 - All methods included by `Clearance::Controller` are now excluded from
   `action_methods`.
 
@@ -213,10 +252,12 @@ complete changelog, see the git history for each version via the version links.
 ## [1.8.0] - January 23, 2015
 
 ### Added
+
 - The remember token cookie name is now customizable via
   `Clearance.configuration.cookie_name`.
 
 ### Fixed
+
 - Fixed a redirect loop on the sign in page for applications that are still
   using the deprecated `authorize` filter.
 - Signed in users that attempt to visit the sign in path are now redirected. The
@@ -224,6 +265,7 @@ complete changelog, see the git history for each version via the version links.
   can be customized by overriding `passwords_controller#url_for_signed_in_users`
 
 ### Deprecated
+
 - `users_controller#avoid_sign_in` is now deprecated in favor of
   `redirect_signed_in_users` which is more accurately named.
 
@@ -232,9 +274,11 @@ complete changelog, see the git history for each version via the version links.
 ## [1.7.0] - January, 8, 2015
 
 ### Fixed
+
 - Fix the negation of the `deny_access` matcher in Rails 4.0.x on Ruby 2.2
 
 ### Deprecated
+
 - The `authorize` filter has been deprecated in favor of `require_login`. Update
   all reference to the filter including any calls to `skip_before_filter` or
   `skip_before_action`.
@@ -246,6 +290,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.6.1] - January 6, 2015
 
 ### Fixed
+
 - Secure cookies are no longer overwritten when the user visits a non-HTTPS URL.
 
 [1.6.1]: https://github.com/thoughtbot/clearance/compare/v1.6.0...v1.6.1
@@ -253,6 +298,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.6.0] - December 20, 2014
 
 ### Added
+
 - When using Rails 4.2, password reset emails are sent with the
   ActiveJob-compatible `#deliver_later` method.
 
@@ -261,6 +307,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.5.1] - December 19, 2014
 
 ### Fixed
+
 - Blowfish password strategy fixed
 - Specs generated with `rails generate clearance:specs` now work properly in
   RSpec 3 projects.
@@ -270,6 +317,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.5.0] - October 17, 2014
 
 ### Added
+
 - Disable clearance routes by setting `config.routes = false`.
 - Running `rails generate clearance:routes` will dump the default set of
   routes to your application's routes file for modification.
@@ -279,6 +327,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.4.3] - October 3, 2014
 
 ### Fixed
+
 - Routing constraints act appropriately when session data is missing.
 
 [1.4.3]: https://github.com/thoughtbot/clearance/compare/v1.4.2...v1.4.3
@@ -286,6 +335,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.4.2] - September 13, 2014
 
 ### Fixed
+
 - Eliminate deprecation message when using DenyAccess matcher with RSpec 3.
 
 [1.4.2]: https://github.com/thoughtbot/clearance/compare/v1.4.1...v1.4.2
@@ -293,6 +343,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.4.1] - September 5, 2014
 
 ### Fixed
+
 - Prevent BCrypt strategy from raising an exception when `encypted_password`
   is nil.
 
@@ -301,17 +352,20 @@ complete changelog, see the git history for each version via the version links.
 ## [1.4.0] - July 18, 2014
 
 ### Added
+
 - `user_params` method was added to `Clearance::UsersController` which provides
   a convenient place to override the parameters used when creating users.
 - Controllers now inherit from `Clearance::BaseController` to allow for easily
   adding behavior to all of them.
 
 ### Changed
+
 - The sign out link in the default application layout has been replaced with a
   semantically correct sign out button. This also removes an unnecessary
   JavaScript dependency.
 
 ### Fixed
+
 - Clearance now uses `original_fullpath` when redirecting to a saved URL after
   login. This should improve the behavior in mounted engines.
 
@@ -320,6 +374,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.3.0] - March 14, 2014
 
 ### Added
+
 - Installing Clearance with an existing User model will now create a migration
   that includes adding remember tokens to all existing user records.
 
@@ -328,6 +383,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.2.1] - March 6, 2014
 
 ### Fixed
+
 - Query string is now included in the redirect URL when Clearance redirects to a
   previously stored URL.
 
@@ -336,10 +392,12 @@ complete changelog, see the git history for each version via the version links.
 ## [1.2.0] - February 28, 2014
 
 ### Added
+
 - Support for Rails 4.1.0.rc1
 - Sign in can now be disabled with `config.allow_sign_in = false`
 
 ### Changed
+
 - Sign in failure message is now customized exclusively via I18n.
   `SessionsController#flash_failure_after_create` is no longer called. To
   customize the message, change the
@@ -347,6 +405,7 @@ complete changelog, see the git history for each version via the version links.
   `flashes.failure_after_create` key.
 
 ### Deprecated
+
 - `clearance/testing` is now deprecated. Require `clearance/rspec` or
   `clearance/test_unit` as appropriate.
 
@@ -355,8 +414,9 @@ complete changelog, see the git history for each version via the version links.
 ## [1.1.0] - November 21, 2013
 
 ### Added
+
 - Validate email with `EmailValidator` [strict mode][strict].
-- The `cookie_expiration` configuration lambda can now be called with  a
+- The `cookie_expiration` configuration lambda can now be called with a
   `cookies` parameter. Allows the Clearance cookie expiration to be set
   according to the value of another cookie (such as `remember_me`).
 - Allow cookie domain and path configuration.
@@ -365,9 +425,11 @@ complete changelog, see the git history for each version via the version links.
 [strict]: https://github.com/balexand/email_validator#strict-mode
 
 ### Fixed
+
 - Don't allow logins with blank `remember_token`.
 
 ### Deprecated
+
 - A `cookie_expiration` lambda that does not accept this `cookies`
   parameter has been deprecated.
 
@@ -376,6 +438,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.0.1] - August 9, 2013
 
 ### Fixed
+
 - Fix an issue when trying to sign in with `nil`
 
 [1.0.1]: https://github.com/thoughtbot/clearance/compare/v1.0.0...v1.1.1
@@ -383,6 +446,7 @@ complete changelog, see the git history for each version via the version links.
 ## [1.0.0] - August 1, 2013
 
 ### Added
+
 - Support Rails 4.
 - Speed up test suites using `::BCrypt::Engine::MIN_COST`.
 - Speed up integration suites with `Clearance::BackDoor`.
@@ -396,6 +460,7 @@ complete changelog, see the git history for each version via the version links.
 - Add `secure_cookie` configuration option.
 
 ### Changed
+
 - Change default password strategy to BCrypt.
 - Replace email regular expression with `EmailValidator` gem.
 - Require > Ruby 1.9.
@@ -407,12 +472,14 @@ complete changelog, see the git history for each version via the version links.
   to avoid locale conflicts.
 
 ### Fixed
+
 - Improve security when changing password.
 - Reduce extra user lookups when adding cookie to headers.
 - Unauthorized API requests return HTTP status 401 rather than a redirect
   to the sign in page.
 
 ### Removed
+
 - Remove deprecated methods on User: `remember_me!`, `generate_random_code`,
   `password_required?`.
 - Remove `unloadable` from controllers (Rails 4 bug fix in development
@@ -424,6 +491,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.16.2] - May 11, 2012
 
 ### Changed
+
 - Change default email sender to `deploy@example.com`.
 
 [0.16.2]: https://github.com/thoughtbot/clearance/compare/v0.16.1...v0.16.2
@@ -431,6 +499,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.16.1] - April 16, 2012
 
 ### Fixed
+
 - Behave correctly when Rails whitelist attributes mass assignment
   protection is turned on.
 - Fix for Rails 3.2.x modifying the HTTP cookie headers in rack requests.
@@ -440,6 +509,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.16.0] - March 16, 2012
 
 ### Added
+
 - Blowfish password encryption strategy.
 
 [0.16.0]: https://github.com/thoughtbot/clearance/compare/v0.15.0...v0.16.0
@@ -447,9 +517,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.15.0] - February 3, 2012
 
 ### Added
+
 - The `User` model can be swapped out using the `Clearance.configure` method.
 
 ### Removed
+
 - Remove `User::InstanceMethods` to silence a Rails 3.2 deprecation warning.
 
 [0.15.0]: https://github.com/thoughtbot/clearance/compare/v0.14.0...v0.15.0
@@ -457,6 +529,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.14.0] - January 13, 2012
 
 ### Added
+
 - Support clearance session management from the Rack environment.
 
 [0.14.0]: https://github.com/thoughtbot/clearance/compare/v0.13.2...v0.14.0
@@ -464,6 +537,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.13.2] - January 13, 2012
 
 ### Fixed
+
 - Fixed the `deny_access` matcher.
 
 [0.13.2]: https://github.com/thoughtbot/clearance/compare/v0.13.0...v0.13.2
@@ -471,6 +545,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.13.0] - October 11, 2011
 
 ### Changed
+
 - In Clearance's optional generated features, use pure Capybara instead of
   depending on Cucumber's removed `web_steps`, paths, and selectors.
 - Extract SHA-1-specific code out of `User` into `PasswordStrategies` module.
@@ -482,6 +557,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.12.0] - June 30, 2011
 
 ### Changed
+
 - Denying access redirects to `root_url` when signed in, `sign_in_url` when
   signed out.
 - Using flash `:notice` key everywhere now instead of `:success` and `:failure`.
@@ -497,10 +573,12 @@ complete changelog, see the git history for each version via the version links.
 ## [0.11.2] - June 29, 2011
 
 ### Added
+
 - Rails 3.1.rc compatible.
 - RSpec and Test::Unit compliant test matcher (`should deny_access`, etc)
 
 ### Removed
+
 - No more Clearance `shoulda_macros`. Instead providing RSpec and
   Test::Unit-compliant test matchers (`should deny_access`, etc).
 
@@ -509,13 +587,16 @@ complete changelog, see the git history for each version via the version links.
 ## [0.11.1] - April 30, 2011
 
 ### Added
+
 - Redirect to home page after sign up.
 
 ### Fixed
+
 - Removing `:case_sensitive` option from `validates_uniqueness_of`. It was
   unnecessary and causes a small performance problem on some apps.
 
 ### Removed
+
 - Remove dependency on `dynamic_form`. Replaced with flashes due to limited number
   of failure cases.
 
@@ -524,14 +605,17 @@ complete changelog, see the git history for each version via the version links.
 ## [0.11.0] - April 24, 2011
 
 ### Added
+
 - New `controller#authenticate(params)` method. Redefine username & password or
   other styles of authentication.
 
 ### Changed
-- `before_filter :authenticate` API replaced with more aptly-named `before_filter
-  :authorize`.
+
+- `before_filter :authenticate` API replaced with more
+  aptly-named `before_filter :authorize`.
 
 ### Removed
+
 - Removing password confirmation.
 
 [0.11.0]: https://github.com/thoughtbot/clearance/compare/v0.10.5...v0.11.0
@@ -539,6 +623,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.5] - April 19, 2011
 
 ### Security
+
 - Closing CSRF hole for Rails >= 3.0.4 apps.
 
 [0.10.5]: https://github.com/thoughtbot/clearance/compare/v0.10.4...v0.10.5
@@ -546,15 +631,19 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.4] - April 16, 2011
 
 ### Added
+
 - Use HTML5 email fields.
 
 ### Changed
+
 - Emails forced to be downcased (particularly for iPhone user case).
 
 ### Fixed
+
 - Password reset requires a password.
 
 ### Removed
+
 - Formtastic views generator removed.
 
 [0.10.4]: https://github.com/thoughtbot/clearance/compare/v0.10.3.2...v0.10.4
@@ -562,6 +651,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.3.2] - March 6, 2011
 
 ### Fixed
+
 - Fix gemspec to include all necessary files.
 
 [0.10.3.2]: https://github.com/thoughtbot/clearance/compare/v0.10.3.1...v0.10.3.2
@@ -569,6 +659,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.3.1] - February 20, 2011
 
 ### Fixed
+
 - Ensure everything within features inside any engine directory is included in
   the `gemspec`.
 
@@ -577,6 +668,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.3] - February 19, 2011
 
 ### Fixed
+
 - Include features/engines in `gemspec` file list so generator works as
   expected.
 
@@ -585,11 +677,13 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.2] - February 18, 2011
 
 ### Added
+
 - New generator command: `rails generate clearance:install`.
 - When Clearance installed in an app that already has users, allow old users to
   sign in by resetting their password.
 
 ### Changed
+
 - Step definitions are now prefixed with `visitor_` to use thoughtbot
   convention.
 
@@ -598,6 +692,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.1] - February 9, 2011
 
 ### Fixed
+
 - Replaced `ActionController::Forbidden` with a user-friendly flash message.
 
 [0.10.1]: https://github.com/thoughtbot/clearance/compare/v0.10.0...v0.10.1
@@ -605,9 +700,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.10.0] - June 29, 2010
 
 ### Added
+
 - Better email validation regular expression.
 
 ### Removed
+
 - Removed email confirmation step, was mostly a hassle and can always be added
   back in at the application level (instead of engine level) if necessary.
 - Removed `disable_with` on forms since it does not allow IE users to submit
@@ -618,6 +715,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.9.1] - June 29, 2010
 
 ### Added
+
 - This release supports Rails 3, capybara, and shoulda 2.10+.
 
 [0.9.1]: https://github.com/thoughtbot/clearance/compare/v0.9.0...v0.9.1
@@ -625,9 +723,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.9.0] - June 11, 2010
 
 ### Added
+
 - Allow customization of cookie duration.
 
 ### Changed
+
 - Removed unnecessary db index.
 
 [0.9.0]: https://github.com/thoughtbot/clearance/compare/v0.8.8...v0.9.0
@@ -635,6 +735,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.8] - February 25, 2010
 
 ### Fixed
+
 - Fixed `sign_in` and `sign_out` not setting `current_user`.
 
 [0.8.8]: https://github.com/thoughtbot/clearance/compare/v0.8.7...v0.8.8
@@ -642,6 +743,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.7] - February 21, 2010
 
 ### Fixed
+
 - Fixed global sign out bug.
 - Allow Rails apps to `before_filter :authenticate` the entire app
   in `ApplicationController` and still have password recovery work without
@@ -653,10 +755,12 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.6] - February 17, 2010
 
 ### Added
+
 - Allow overridden user models to skip email/password validations
   conditionally. This makes username/facebook integration easier.
 
 ### Fixed
+
 - Clearance features capitalization should match view text.
 - Skip `:authenticate before_filter` in controllers so apps can easily
   authenticate a whole site without subclassing.
@@ -670,12 +774,14 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.5] - January 20, 2010
 
 ### Changed
+
 - Removed `attr_accessible` from `Clearance::User`.
 - Remove dependency on `root_path`, use `'/'` instead.
 - Use `Clearance.configure` block to set mailer sender instead of `DO_NOT_REPLY`
   constant.
 
 ### Fixed
+
 - Replaced routing hack with `Clearance::Routes.draw(map)` to give more control
   to the application developer.
 - Fixed bug in password reset feature.
@@ -685,6 +791,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.4] - December 08, 2009
 
 ### Fixed
+
 - Remove unnecessary `require 'factory_girl'` in generator.
 
 [0.8.4]: https://github.com/thoughtbot/clearance/compare/v0.8.3...v0.8.4
@@ -692,6 +799,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.3] - September 21, 2009
 
 ### Fixed
+
 - Avoid possible collisions in the remember me token.
 
 [0.8.3]: https://github.com/thoughtbot/clearance/compare/v0.8.2...v0.8.3
@@ -699,6 +807,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.2] - September 01, 2009
 
 ### Added
+
 - `current_user= accessor` method.
 - Set `current_user` in `sign_in`.
 
@@ -707,9 +816,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.1] - August 31, 2009
 
 ### Changed
+
 - Removed unnecessary `remember_token_expires_at` column.
 
 ### Removed
+
 - Removed `remember?` and `forget_me!` user instance methods.
 
 [0.8.1]: https://github.com/thoughtbot/clearance/compare/v0.8.0...v0.8.1
@@ -717,10 +828,12 @@ complete changelog, see the git history for each version via the version links.
 ## [0.8.0] - August 31, 2009
 
 ### Added
+
 - Documented `Clearance::Authentication` with YARD.
 - Documented `Clearance::User` with YARD.
 
 ### Changed
+
 - Always remember me. Replaced session-and-remember-me authentication with
   always using a cookie with a long timeout.
 
@@ -729,11 +842,13 @@ complete changelog, see the git history for each version via the version links.
 ## [0.7.0] - August 4, 2009
 
 ### Added
+
 - Added `signed_out?` convenience method for controllers, helpers, views.
 - Added `clearance_views` generator. By default, creates formtastic views which
   pass all tests and features.
 
 ### Fixed
+
 - Redirect signed in user who clicks confirmation link again.
 - Redirect signed out user who clicks confirmation link again.
 
@@ -742,6 +857,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.9] - July 4, 2009
 
 ### Added
+
 - Added timestamps to create users migration.
 - Ready for Ruby 1.9.
 
@@ -750,6 +866,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.8] - June 24, 2009
 
 ### Fixed
+
 - Added `defined?` checks for various Rails constants such as `ActionController`
   for easier unit testing of Clearance extensions... particularly `ActiveRecord`
   extensions... `particularly strong_password`.
@@ -759,6 +876,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.7] - June 13, 2009
 
 ### Added
+
 - Added `sign_up`, `sign_in`, `sign_out` named routes.
 - `flash_success_after_create`, `flash_notice_after_create`,
   `flash_failure_after_create`, `flash_sucess_after_update`,
@@ -766,9 +884,11 @@ complete changelog, see the git history for each version via the version links.
 - Added `#create` to forbidden `before_filters` on confirmations controller.
 
 ### Fixed
+
 - `should_be_signed_in_as` shouldn't look in the session.
 
 ### Deprecated
+
 - Deprecated `sign_user_in`. Told developers to use `sign_in` instead.
 
 [0.6.7]: https://github.com/thoughtbot/clearance/compare/v0.6.6...v0.6.7
@@ -776,6 +896,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.6] - May 18, 2009
 
 ### Fixed
+
 - replaced `class_eval` in `Clearance::User` with modules. This was needed
   so we could write our own validations.
 
@@ -784,6 +905,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.5] - May 17, 2009
 
 ### Added
+
 - Make Clearance i18n aware.
 
 [0.6.5]: https://github.com/thoughtbot/clearance/compare/v0.6.4...v0.6.5
@@ -791,10 +913,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.4] - May 12, 2009
 
 ### Changed
-- Replacing `sign_in_as` & `sign_out` shoulda macros with a stubbing (requires no
-  dependency) approach. This will avoid dealing with the internals of
-  `current_user`, such as session & cookies. Added `sign_in` macro which signs in an
-  email confirmed user from clearance's factories.
+
+- Replacing `sign_in_as` & `sign_out` shoulda macros with a stubbing (requires
+  no dependency) approach. This will avoid dealing with the internals of
+  `current_user`, such as session & cookies. Added `sign_in` macro which signs
+  in an email confirmed user from clearance's factories.
 - Move private methods on sessions controller into `Clearance::Authentication`
   module.
 - Audited flash keys.
@@ -804,6 +927,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.3] - April 23, 2009
 
 ### Fixed
+
 - Scoping `ClearanceMailer` properly within controllers so it works in
   production environments.
 
@@ -812,6 +936,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.2] - April 22, 2009
 
 ### Added
+
 - Insert `Clearance::User` into User model if it exists.
 
 [0.6.2]: https://github.com/thoughtbot/clearance/compare/v0.6.1...v0.6.2
@@ -819,6 +944,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.1] - April 21, 2009
 
 ### Changed
+
 - Scope operators are necessary to keep Rails happy. Reverting the original
   revert so they're back in the library now for constants referenced inside of
   the gem.
@@ -828,22 +954,23 @@ complete changelog, see the git history for each version via the version links.
 ## [0.6.0] - April 21, 2009
 
 ### Changed
+
 - Converted Clearance to a Rails engine.
 - Include `Clearance::User` in User model in app.
 - Include `Clearance::Authentication` in `ApplicationController`.
 - Namespace controllers under `Clearance` module.
 - Routes move to engine, use namespaced controllers but publicly the same.
-- If you want to override a controller, subclass it like `SessionsController <
-  Clearance::SessionsController`. This gives you access to usual hooks such as
-  `url_after_create`.
+- If you want to override a controller, subclass it like
+  `SessionsController < Clearance::SessionsController`. This gives you access to
+  usual hooks such as `url_after_create`.
 - Controllers, mailer, model, routes all unit tested inside engine. Use
   `script/generate clearance_features` to test integration of Clearance with your
   Rails app. No longer including modules in your app's test files.
 - Moved views to engine.
-- Converted generated `test/factories/clearance.rb` to use inheritence for
+- Converted generated `test/factories/clearance.rb` to use inheritance for
   `email_confirmed_user`.
 - Corrected some spelling errors with methods.
-- Loading clearance routes after rails routes via some monkeypatching.
+- Loading clearance routes after rails routes via some monkey patching.
 - Made the clearance controllers `unloadable` to stop constant loading errors in
   development mode.
 
@@ -852,6 +979,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.6] - April 11, 2009
 
 ### Fixed
+
 - Step definition changed for "User should see error messages" so features won't
   fail for certain validations.
 
@@ -860,6 +988,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.5] - March 23, 2009
 
 ### Fixed
+
 - Removing duplicate test to get rid of warning.
 
 [0.5.5]: https://github.com/thoughtbot/clearance/compare/v0.5.4...v0.5.5
@@ -867,6 +996,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.4] - March 21, 2009
 
 ### Changed
+
 - When users fail logging in, redirect them instead of rendering.
 
 [0.5.4]: https://github.com/thoughtbot/clearance/compare/v0.5.3...v0.5.4
@@ -874,6 +1004,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.3] - March 5, 2009
 
 ### Changed
+
 - Clearance now works with (and requires) Shoulda 2.10.0.
 
 [0.5.3]: https://github.com/thoughtbot/clearance/compare/v0.5.2...v0.5.3
@@ -881,6 +1012,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.2] - March 2, 2009
 
 ### Added
+
 - Full compatible with Rails 2.3 (all tests pass)
 
 [0.5.2]: https://github.com/thoughtbot/clearance/compare/v0.5.1...v0.5.2
@@ -888,6 +1020,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.1] - February 27, 2009
 
 ### Changed
+
 - A user with unconfirmed email who resets password now confirms email.
 - Switch order of cookies and sessions to take advantage of Rails 2.3's
   "Rack-based lazy-loaded sessions",
@@ -895,6 +1028,7 @@ complete changelog, see the git history for each version via the version links.
   `application.rb` in Rails 2.3 apps.
 
 ### Fixed
+
 - Rack-based session change altered how to test remember me cookie.
 
 [0.5.1]: https://github.com/thoughtbot/clearance/compare/v0.5.0...v0.5.1
@@ -902,6 +1036,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.5.0] - February 27, 2009
 
 ### Fixed
+
 - Fixed problem with Cucumber features.
 - Fixed missing HTTP fluency use case.
 
@@ -910,10 +1045,12 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.9] - February 20, 2009
 
 ### Changed
+
 - Protect passwords & confirmations actions with forbidden filters.
 - Return 403 Forbidden status code in those cases.
 
 ### Security
+
 - Fixed bug that allowed anyone to edit another user's password.
 
 [0.4.9]: https://github.com/thoughtbot/clearance/compare/v0.4.8...v0.4.9
@@ -921,11 +1058,13 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.8] - February 16, 2009
 
 ### Added
+
 - Added documentation for the flash.
 - Generators `require 'test_helper'` instead of `File.join` for RR
   compatibility.
 
 ### Changed
+
 - Removed interpolated email address from flash message to make i18n easier.
 - Standardized flash messages that refer to email delivery.
 
@@ -934,6 +1073,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.7] - February 12, 2009
 
 ### Changed
+
 - Removed `Clearance::Test::TestHelper` so there is one less setup step.
 - All test helpers now in `shoulda_macros`.
 
@@ -942,6 +1082,7 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.6] - February 11, 2009
 
 ### Added
+
 - Created `Actions` and `PrivateMethods` modules on controllers for future RDoc
   reasons.
 
@@ -950,9 +1091,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.5] - February 9, 2009
 
 ### Added
+
 - Added password reset feature to `clearance_features` generator.
 
 ### Changed
+
 - Only store location for `session[:return_to]` for GET requests.
 - Audited "sign up" naming convention. "Register" had slipped in a few places.
 - Switched to `SHA1` encryption. Cypher doesn't matter much for email
@@ -960,6 +1103,7 @@ complete changelog, see the git history for each version via the version links.
   clients who line break on 72 chars.
 
 ### Removed
+
 - Removed email downcasing because local-part is case sensitive per
   RFC5321.
 - Removed unnecessary `session[:salt]`.
@@ -969,9 +1113,11 @@ complete changelog, see the git history for each version via the version links.
 ## [0.4.4] - February 2, 2009
 
 ### Added
+
 - Added a generator for Cucumber features.
 
 ### Changed
+
 - Standardized naming for "Sign up," "Sign in," and "Sign out".
 
 [0.4.4]: https://github.com/thoughtbot/clearance/compare/v0.3.7...v0.4.4