devise 4.2.0 → 4.4.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5e29ea6d513d978b0fd04f14b67dd51e2122784d
-  data.tar.gz: 05cc9f23bc3d9a990a174b0c9355e675fd0e4b7a
+SHA256:
+  metadata.gz: 554c50f7db4c13beb0b2eb9ee1dbdd863aef2e7647de61d7070adac0b60fd1c7
+  data.tar.gz: 7624cffe7f3383660d08bca3c10b4f0c3ce2d5696b1f52cfe2e8b2b023c79fed
 SHA512:
-  metadata.gz: 75169de4446c19bcd4da1faa1659f8481f807ea6de193a182d38dd681380c60d46cdd07dcfcaad80eaea07d8792878abf29a6572d630e982b6bba239d1b6434e
-  data.tar.gz: 0a45b86723a424e2e9633c32fd3b8775e1f1d20d8316be3af54522112511e3da95d0446abf10c70f9ebf7c57e83adfb883ac2ccb905df3957912a6b9f624d424
+  metadata.gz: fa0cacb024cecbfb7a031f0dd5b5e8cf2ea518ecbd89b3f2d3994614bf8d859548984b4675f4cd1be1f73b17c0a07214e9d62e08e4d7362450664b27083bc1a4
+  data.tar.gz: e249d22cc464e7b04b53e990ff0c6e15b3c48a1bb7e8d9ef0a10722b867649840b7b5d48b30f234e9963400b773608b31c3732aeb5665287cea940d568bb5abe

data/.travis.yml

@@ -1,22 +1,42 @@
 language: ruby
 
 rvm:
-  - 2.1.9
-  - 2.2.5
-  - 2.3.1
+  - 2.1.10
+  - 2.2.8
+  - 2.3.5
+  - 2.4.2
+  - 2.5.0
   - ruby-head
 
 gemfile:
   - Gemfile
+  - gemfiles/Gemfile.rails-5.2-rc1
+  - gemfiles/Gemfile.rails-5.0-stable
   - gemfiles/Gemfile.rails-4.2-stable
   - gemfiles/Gemfile.rails-4.1-stable
 
 matrix:
   exclude:
-    - rvm: 2.1.9
+    - rvm: 2.1.10
+      gemfile: Gemfile
+    - rvm: 2.1.10
+      gemfile: gemfiles/Gemfile.rails-5.2-rc1
+    - rvm: 2.5.0
+      gemfile: gemfiles/Gemfile.rails-4.1-stable
+    - rvm: 2.4.2
+      gemfile: gemfiles/Gemfile.rails-4.1-stable
+    - rvm: ruby-head
+      gemfile: gemfiles/Gemfile.rails-4.1-stable
+    - rvm: 2.1.10
+      gemfile: gemfiles/Gemfile.rails-5.0-stable
+    - rvm: 2.1.10
       gemfile: Gemfile
     - env: DEVISE_ORM=mongoid
       gemfile: Gemfile
+    - env: DEVISE_ORM=mongoid
+      gemfile: gemfiles/Gemfile.rails-5.0-stable
+    - env: DEVISE_ORM=mongoid
+      gemfile: gemfiles/Gemfile.rails-5.2-rc1
   allow_failures:
     - rvm: ruby-head
 services:
@@ -31,7 +51,9 @@ env:
     - DEVISE_ORM=active_record
     - DEVISE_ORM=mongoid
 
-before_install: "rm ${BUNDLE_GEMFILE}.lock"
+before_install:
+  - "rm ${BUNDLE_GEMFILE}.lock"
+  - gem update --system
 
 before_script: "bundle update"
 

data/CHANGELOG.md

@@ -1,5 +1,70 @@
 ### Unreleased
 
+### 4.4.3 - 2018-03-17
+
+* bug fixes
+  * Fix undefined method `rails5?` for Devise::Test:Module (by @tegon)
+  * Fix: secret key was being required to be set inside credentials on Rails 5.2 (by @tegon)
+
+### 4.4.2 - 2018-03-15
+
+* enhancements
+  * Support for :credentials on Rails v5.2.x. (by @gencer)
+  * Improve documentation about the test suite. (by @tegon)
+  * Test with Rails 5.2.rc1 on Travis. (by @jcoyne)
+  * Allow test with Rails 6. (by @Fudoshiki)
+  * Creating a new section for controller configuration on `devise.rb` template (by @Danilo-Araujo-Silva)
+
+* bug fixes
+  * Preserve content_type for unauthenticated tests (by @gmcnaughton)
+  * Check if the resource is persisted in `update_tracked_fields!` instead of performing validations (by @tegon)
+  * Revert "Replace log_process_action to append_info_to_payload" (by @tegon)
+
+### 4.4.1 - 2018-01-23
+
+* bug fixes
+  * Ensure Gemspec is loaded as utf-8. (by @segiddins)
+  * Fix `ActiveRecord` check on `Confirmable`. (by @tegon)
+  * Fix `signed_in?` docs without running auth hooks. by (@machty)
+
+### 4.4.0 - 2017-12-29
+
+* enhancements
+  * Add `frozen_string_literal` pragma comment to all Ruby files. (by @pat)
+  * Use `set_flash_method!` instead of `set_flash_method` in `Devise::OmniauthCallbacksController#failure`. (by @saichander17)
+  * Clarify how `store_location_for` modifies URIs. (by @olivierlacan)
+  * Move `failed_attempts` increment into its own function. by (@mobilutz)
+  * Add `autocomplete="email"` to email fields. by (@MikeRogers0)
+  * Add the ability to change the default migrations path introduced in Rails 5.0.3.  (by @alexhifer)
+  * Delete unnecessary condition for helper method. (by @davydovanton)
+  * Support `id: :uuid` option for migrations. (by @filip373)
+
+* bug fixes
+  * Fix syntax for MRI 2.5.0. (by @pat)
+  * Validations were being ignored on singup in the `Trackable#update_tracked_fields!` method. (by @AshleyFoster)
+  * Do not modify options for `#serializable_hash`. (by @guigs)
+  * Email confirmations were being sent on sign in/sign out for application using `mongoid` and `mongoid-paperclip` gems. This is because previously we were checking if a model is from Active Record by checking if the method `after_commit` was defined - since `mongoid` doesn' have one - but `mongoid-paperclip` gem does define one, which cause this issue. (by @fjg)
+ 
+### 4.3.0 - 2017-05-14
+
+* Enhancements
+  * Dependency support added for Rails 5.1.x.
+
+### 4.2.1 - 2017-03-15
+
+* removals
+  * `Devise::Mailer#scope_name` and `Devise::Mailer#resource` are now protected
+    methods instead of public.
+* bug fixes
+  * Attempt to reset password without the password field in the request now results in a `:blank` validation error.
+    Before this change, Devise would accept the reset password request and log the user in, without validating/changing
+    the password. (by @victor-am)
+  * Confirmation links now expire based on UTC time, working properly when using different timezones. (by @jjuliano)
+* enhancements
+  * Notify the original email when it is changed with a new `Devise.send_email_changed_notification` setting.
+    When using `reconfirmable`, the notification will be sent right away instead of when the unconfirmed email is confirmed.
+    (original change by @ethirajsrinivasan)
+
 ### 4.2.0 - 2016-07-01
 
 * removals

data/CONTRIBUTING.md

@@ -1,39 +1,79 @@
-### Please read before contributing
+# How to contribute to Devise
 
-1) Do not post questions in the issues tracker. If you have any questions about
-Devise, search the [Wiki](https://github.com/plataformatec/devise/wiki) or use
-the [Mailing List](https://groups.google.com/group/plataformatec-devise) or
-[Stack Overflow](http://stackoverflow.com/questions/tagged/devise).
+Thanks for your interest on contributing to Devise! Here are a few general
+guidelines on contributing and reporting bugs to Devise that we ask you to
+take a look first. Notice that all of your interactions in the project are
+expected to follow our [Code of Conduct](CODE_OF_CONDUCT.md).
 
-2) If you find a security bug, **DO NOT** submit an issue here. Please send an
+## Reporting Issues
+
+Before reporting a new issue, please be sure that the issue wasn't already
+reported or fixed by searching on GitHub through our [issues](https://github.com/plataformatec/devise/issues).
+
+When creating a new issue, be sure to include a **title and clear description**,
+as much relevant information as possible, and either a test case example or
+even better a **sample Rails app that replicates the issue** - Devise has a lot
+of moving parts and it's functionality can be affected by third party gems, so
+we need as much context and details as possible to identify what might be broken
+for you. We have a [test case template](guides/bug_report_templates/integration_test.rb)
+that can be used to replicate issues with minimal setup.
+
+Please do not attempt to translate Devise built in views. The views are meant
+to be a starting point for fresh apps and not production material - eventually
+all applications will require custom views where you can write your own copy and
+translate it if the application requires it . For historical references, please look into closed
+[Issues/Pull Requests](https://github.com/plataformatec/devise/issues?q=i18n) regarding
+internationalization.
+
+Avoid opening new issues to ask questions in our issues tracker. Please go through
+the project wiki, documentation and source code first, or try to ask your question
+on [Stack Overflow](http://stackoverflow.com/questions/tagged/devise).
+
+**If you find a security bug, do not report it through GitHub. Please send an
 e-mail to [opensource@plataformatec.com.br](mailto:opensource@plataformatec.com.br)
-instead.
+instead.**
+
+## Sending Pull Requests
+
+Before sending a new Pull Request, take a look on existing Pull Requests and Issues
+to see if the proposed change or fix has been discussed in the past, or if the
+change was already implemented but not yet released.
+
+We expect new Pull Requests to include enough tests for new or changed behavior,
+and we aim to maintain everything as most backwards compatible as possible,
+reserving breaking changes to be ship in major releases when necessary - you
+can wrap the new code path with a setting toggle from the `Devise` module defined
+as `false` by default to require developers to opt-in for the new behavior.
 
-3) If possible, replicate your issue with our
-[guides/bug_report_templates/integration_test.rb](test case example), and attach
-it to your issue or Pull Request - this way we have an isolated way to replicate
-your issue and investigate it further.
+If your Pull Request includes new or changed behavior, be sure that the changes
+are beneficial to a wide range of use cases or it's an application specific change
+that might not be so valuable to other applications. Some changes can be introduced
+as a new `devise-something` gem instead of belonging to the main codebase.
 
-4) Otherwise, please provide a fresh new Rails application that replicates your
-issue on a public GitHub repository, as some scenarios might not be possible to
-replicate using the standalone test case example.
+When adding new settings, you can take advantage of the [`Devise::Models.config`](https://github.com/plataformatec/devise/blob/245b1f9de0b3386b7913e14b60ea24f43b77feb0/lib/devise/models.rb#L13-L50) method to add class and instance level fallbacks
+to the new setting.
 
-5) Do a small search on the issues tracker before submitting your issue to see
-if it was already reported / fixed. Duplicated issues will be closed to avoid
-too much noise/duplication in the issue tracker.
+We also welcome Pull Requests that improve our existing documentation (both our
+`README.md` and the RDoc sections in the source code) or improve existing rough
+edges in our API that might be blocking existing integrations or 3rd party gems.
 
-6) When reporting an issue, include Rails, Devise and Warden versions. If you
-are getting exceptions, please include the full backtrace.
+## Other ways to contribute
 
-7) Please do not attempt to translate Devise built in views. The views are meant
-to be a starting point and not a final version. For historical references,
-please look into closed issues/Pull regarding i18n.
+We welcome anyone that wants to contribute to Devise to triage and reply to
+open issues to help troubleshoot and fix existing bugs on Devise. Here is what
+you can do:
 
-8) Notice that all of your interactions in the project are expected to follow
-our [Code of Conduct](CODE_OF_CONDUCT.md)
+* Help ensure that existing issues follows the recommendations from the
+_[Reporting Issues](#reporting-issues)_ section, providing feeback to the issue's
+author on what might be missing.
+* Review and update the existing content of our [Wiki](https://github.com/plataformatec/devise/wiki)
+with up to date instructions and code samples - the wiki was grown with several
+different tutorials and references that we can't keep track of everything, so if
+there is a page that showcases an integration or customization that you are
+familiar with feel free to update it as necessary.
+* Review existing Pull Requests, and testing patches against real existing
+applications that use Devise.
 
-That's it! The more information you give, the easier it becomes for us to track
-it down and fix it. Ideally, you should provide an application that reproduces
-the error or a test case to Devise's suite.
+Thanks again for your interest on contributing to the project!
 
-Thanks!
+:heart:

data/Gemfile

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
 gemspec
 
-gem "rails", "~> 5.0.0"
+gem "rails", "~> 5.1"
 gem "omniauth", "~> 1.3"
 gem "oauth2"
 gem "omniauth-oauth2"

data/Gemfile.lock

@@ -1,79 +1,77 @@
 GIT
   remote: git://github.com/rails/activemodel-serializers-xml.git
-  revision: 570ee7ed33d60e44ca1f3ccbec3d1fbf61d52cbf
+  revision: dd9c0acf26aab111ebc647cd8deb99ebc6946531
   specs:
     activemodel-serializers-xml (1.0.1)
       activemodel (> 5.x)
-      activerecord (> 5.x)
       activesupport (> 5.x)
       builder (~> 3.1)
 
 PATH
   remote: .
   specs:
-    devise (4.2.0)
+    devise (4.4.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
+      railties (>= 4.1.0, < 6.0)
       responders
       warden (~> 1.2.3)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.0.0)
-      actionpack (= 5.0.0)
-      nio4r (~> 1.2)
+    actioncable (5.1.0)
+      actionpack (= 5.1.0)
+      nio4r (~> 2.0)
       websocket-driver (~> 0.6.1)
-    actionmailer (5.0.0)
-      actionpack (= 5.0.0)
-      actionview (= 5.0.0)
-      activejob (= 5.0.0)
+    actionmailer (5.1.0)
+      actionpack (= 5.1.0)
+      actionview (= 5.1.0)
+      activejob (= 5.1.0)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.0.0)
-      actionview (= 5.0.0)
-      activesupport (= 5.0.0)
+    actionpack (5.1.0)
+      actionview (= 5.1.0)
+      activesupport (= 5.1.0)
       rack (~> 2.0)
       rack-test (~> 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.0)
-      activesupport (= 5.0.0)
+    actionview (5.1.0)
+      activesupport (= 5.1.0)
       builder (~> 3.1)
-      erubis (~> 2.7.0)
+      erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (5.0.0)
-      activesupport (= 5.0.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.1.0)
+      activesupport (= 5.1.0)
       globalid (>= 0.3.6)
-    activemodel (5.0.0)
-      activesupport (= 5.0.0)
-    activerecord (5.0.0)
-      activemodel (= 5.0.0)
-      activesupport (= 5.0.0)
-      arel (~> 7.0)
-    activesupport (5.0.0)
+    activemodel (5.1.0)
+      activesupport (= 5.1.0)
+    activerecord (5.1.0)
+      activemodel (= 5.1.0)
+      activesupport (= 5.1.0)
+      arel (~> 8.0)
+    activesupport (5.1.0)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    arel (7.0.0)
+    arel (8.0.0)
     bcrypt (3.1.11)
-    builder (3.2.2)
-    concurrent-ruby (1.0.2)
-    erubis (2.7.0)
-    faraday (0.9.2)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    erubi (1.6.0)
+    faraday (0.11.0)
       multipart-post (>= 1.2, < 3)
-    globalid (0.3.6)
-      activesupport (>= 4.1.0)
-    hashie (3.4.4)
-    i18n (0.7.0)
-    json (1.8.3)
-    jwt (1.5.4)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
+    hashie (3.5.5)
+    i18n (0.8.1)
+    jwt (1.5.6)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
-    mail (2.6.4)
+    mail (2.6.5)
       mime-types (>= 1.16, < 4)
     metaclass (0.0.4)
     method_source (0.8.2)
@@ -81,26 +79,25 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mini_portile2 (2.1.0)
-    minitest (5.9.0)
-    mocha (1.1.0)
+    minitest (5.10.1)
+    mocha (1.2.1)
       metaclass (~> 0.0.1)
     multi_json (1.12.1)
-    multi_xml (0.5.5)
+    multi_xml (0.6.0)
     multipart-post (2.0.0)
-    nio4r (1.2.1)
-    nokogiri (1.6.8)
+    nio4r (2.0.0)
+    nokogiri (1.7.1)
       mini_portile2 (~> 2.1.0)
-      pkg-config (~> 1.1.7)
-    oauth2 (1.2.0)
-      faraday (>= 0.8, < 0.10)
+    oauth2 (1.3.1)
+      faraday (>= 0.8, < 0.12)
       jwt (~> 1.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
-    omniauth (1.3.1)
-      hashie (>= 1.2, < 4)
-      rack (>= 1.0, < 3)
-    omniauth-facebook (3.0.0)
+    omniauth (1.6.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-facebook (4.0.0)
       omniauth-oauth2 (~> 1.2)
     omniauth-oauth2 (1.4.0)
       oauth2 (~> 1.0)
@@ -109,65 +106,64 @@ GEM
       omniauth (~> 1.0)
       rack-openid (~> 1.3.1)
     orm_adapter (0.5.0)
-    pkg-config (1.1.7)
     rack (2.0.1)
     rack-openid (1.3.1)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (5.0.0)
-      actioncable (= 5.0.0)
-      actionmailer (= 5.0.0)
-      actionpack (= 5.0.0)
-      actionview (= 5.0.0)
-      activejob (= 5.0.0)
-      activemodel (= 5.0.0)
-      activerecord (= 5.0.0)
-      activesupport (= 5.0.0)
+    rails (5.1.0)
+      actioncable (= 5.1.0)
+      actionmailer (= 5.1.0)
+      actionpack (= 5.1.0)
+      actionview (= 5.1.0)
+      activejob (= 5.1.0)
+      activemodel (= 5.1.0)
+      activerecord (= 5.1.0)
+      activesupport (= 5.1.0)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 5.0.0)
+      railties (= 5.1.0)
       sprockets-rails (>= 2.0.0)
-    rails-controller-testing (0.1.1)
+    rails-controller-testing (1.0.1)
       actionpack (~> 5.x)
       actionview (~> 5.x)
       activesupport (~> 5.x)
-    rails-dom-testing (2.0.1)
+    rails-dom-testing (2.0.2)
       activesupport (>= 4.2.0, < 6.0)
-      nokogiri (~> 1.6.0)
+      nokogiri (~> 1.6)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (5.0.0)
-      actionpack (= 5.0.0)
-      activesupport (= 5.0.0)
+    railties (5.1.0)
+      actionpack (= 5.1.0)
+      activesupport (= 5.1.0)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (11.2.2)
-    rdoc (4.2.2)
-      json (~> 1.4)
-    responders (2.2.0)
-      railties (>= 4.2.0, < 5.1)
+    rake (12.0.0)
+    rdoc (5.1.0)
+    responders (2.4.0)
+      actionpack (>= 4.2.0, < 5.3)
+      railties (>= 4.2.0, < 5.3)
     ruby-openid (2.7.0)
-    sprockets (3.6.2)
+    sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.1.1)
+    sprockets-rails (3.2.0)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sqlite3 (1.3.11)
-    thor (0.19.1)
-    thread_safe (0.3.5)
-    tzinfo (1.2.2)
+    sqlite3 (1.3.13)
+    thor (0.19.4)
+    thread_safe (0.3.6)
+    tzinfo (1.2.3)
       thread_safe (~> 0.1)
-    warden (1.2.6)
+    warden (1.2.7)
       rack (>= 1.0)
     webrat (0.7.3)
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
-    websocket-driver (0.6.4)
+    websocket-driver (0.6.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.2)
 
@@ -186,7 +182,7 @@ DEPENDENCIES
   omniauth-facebook
   omniauth-oauth2
   omniauth-openid
-  rails (~> 5.0.0)
+  rails (~> 5.1)
   rails-controller-testing
   rdoc
   responders (~> 2.1)
@@ -194,4 +190,4 @@ DEPENDENCIES
   webrat (= 0.7.3)
 
 BUNDLED WITH
-   1.12.5
+   1.16.1

data/ISSUE_TEMPLATE.md

@@ -0,0 +1,19 @@
+## Precheck
+
+- Do not use the issues tracker for help or support, try Stack Overflow.
+- For bugs, do a quick search and make sure the bug has not yet been reported
+- Finally, be nice and have fun!
+
+## Environment
+
+- Ruby **[version]**
+- Rails **[version]**
+- Devise **[version]**
+
+## Current behavior
+
+Include code samples, errors, steps to reproduce the error and stacktraces if appropriate.
+
+Will be even more helpful if you provide a sample application or a test case that reproduces the error.
+
+## Expected behavior

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2009-2016 Plataformatec. http://plataformatec.com.br
+Copyright 2009-2017 Plataformatec. http://plataformatec.com.br
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the