devise 4.2.0 → 4.4.3

data/README.md

@@ -17,7 +17,7 @@ Devise is a flexible authentication solution for Rails based on Warden. It:
 It's composed of 10 modules:
 
 * [Database Authenticatable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/DatabaseAuthenticatable): hashes and stores a password in the database to validate the authenticity of a user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
-* [Omniauthable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Omniauthable): adds OmniAuth (https://github.com/intridea/omniauth) support.
+* [Omniauthable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Omniauthable): adds OmniAuth (https://github.com/omniauth/omniauth) support.
 * [Confirmable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Confirmable): sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
 * [Recoverable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Recoverable): resets the user password and sends reset instructions.
 * [Registerable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Registerable): handles signing up users through a registration process, also allowing them to edit and destroy their account.
@@ -27,6 +27,50 @@ It's composed of 10 modules:
 * [Validatable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Validatable): provides validations of email and password. It's optional and can be customized, so you're able to define your own validations.
 * [Lockable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Lockable): locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
 
+## Table of Contents
+
+<!-- TOC depthFrom:1 depthTo:6 withLinks:1 orderedList:0 -->
+
+- [Information](#information)
+	- [The Devise wiki](#the-devise-wiki)
+	- [Bug reports](#bug-reports)
+	- [StackOverflow and Mailing List](#stackoverflow-and-mailing-list)
+	- [RDocs](#rdocs)
+	- [Example applications](#example-applications)
+	- [Extensions](#extensions)
+	- [Contributing](#contributing)
+- [Starting with Rails?](#starting-with-rails)
+- [Getting started](#getting-started)
+	- [Controller filters and helpers](#controller-filters-and-helpers)
+	- [Configuring Models](#configuring-models)
+	- [Strong Parameters](#strong-parameters)
+	- [Configuring views](#configuring-views)
+	- [Configuring controllers](#configuring-controllers)
+	- [Configuring routes](#configuring-routes)
+	- [I18n](#i18n)
+	- [Test helpers](#test-helpers)
+	- [Controller tests](#controller-tests)
+	- [Integration tests](#integration-tests)
+	- [OmniAuth](#omniauth)
+	- [Configuring multiple models](#configuring-multiple-models)
+- [Create a migration with the required fields](#create-a-migration-with-the-required-fields)
+- [Inside your Admin model](#inside-your-admin-model)
+- [Inside your routes](#inside-your-routes)
+- [Inside your protected controller](#inside-your-protected-controller)
+- [Inside your controllers and views](#inside-your-controllers-and-views)
+	- [ActiveJob Integration](#activejob-integration)
+	- [Password reset tokens and Rails logs](#password-reset-tokens-and-rails-logs)
+	- [Other ORMs](#other-orms)
+- [Additional information](#additional-information)
+	- [Heroku](#heroku)
+	- [Warden](#warden)
+	- [Contributors](#contributors)
+- [License](#license)
+
+<!-- /TOC -->
+
+
+
 ## Information
 
 ### The Devise wiki
@@ -43,9 +87,13 @@ https://github.com/plataformatec/devise/wiki/Bug-reports
 
 If you have discovered a security related bug, please do *NOT* use the GitHub issue tracker. Send an email to opensource@plataformatec.com.br.
 
-### Mailing list
+### StackOverflow and Mailing List
+
+If you have any questions, comments, or concerns, please use StackOverflow instead of the GitHub issue tracker:
 
-If you have any questions, comments, or concerns, please use the Google Group instead of the GitHub issue tracker:
+http://stackoverflow.com/questions/tagged/devise
+
+The deprecated mailing list can still be read on
 
 https://groups.google.com/group/plataformatec-devise
 
@@ -75,7 +123,36 @@ We hope that you will consider contributing to Devise. Please read this short ov
 
 https://github.com/plataformatec/devise/wiki/Contributing
 
-You will usually want to write tests for your changes.  To run the test suite, go into Devise's top-level directory and run "bundle install" and "rake".  For the tests to pass, you will need to have a MongoDB server (version 2.0 or newer) running on your system.
+You will usually want to write tests for your changes.  To run the test suite, go into Devise's top-level directory and run `bundle install` and `bin/test`.
+Devise works with multiple Ruby and Rails versions, and ActiveRecord and Mongoid ORMs, which means you can run the test suite with some modifiers: `DEVISE_ORM` and `BUNDLE_GEMFILE`.
+
+### DEVISE_ORM
+Since Devise support both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
+The default value of `DEVISE_ORM` is `active_record`. To run the tests for mongoid, you can pass `mongoid`:
+```
+DEVISE_ORM=mongoid bin/test
+
+==> Devise.orm = :mongoid
+```
+When running the tests for Mongoid, you will need to have a MongoDB server (version 2.0 or newer) running on your system.
+
+Please note that the command output will show the variable value being used.
+
+### BUNDLE_GEMFILE
+We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
+Inside the [gemfiles](https://github.com/plataformatec/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite brakes on Travis using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
+For example, if the tests broke using Ruby 2.4.2 and Rails 4.1, you can do the following:
+```bash
+rbenv shell 2.4.2 # or rvm use 2.4.2
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bin/test
+```
+
+You can also combine both of them if the tests broke for Mongoid:
+```bash
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable DEVISE_ORM=mongoid bin/test
+```
 
 ## Starting with Rails?
 
@@ -95,7 +172,7 @@ Devise 4.0 works with Rails 4.1 onwards. You can add it to your Gemfile with:
 gem 'devise'
 ```
 
-Run the bundle command to install it.
+Then run `bundle install`
 
 Next, you need to run the generator:
 
@@ -120,9 +197,9 @@ $ rails generate devise MODEL
 
 Next, check the MODEL for any additional configuration options you might want to add, such as confirmable or lockable. If you add an option, be sure to inspect the migration file (created by the generator if your ORM supports them) and uncomment the appropriate section.  For example, if you add the confirmable option in the model, you'll need to uncomment the Confirmable section in the migration. 
 
-Then run `rake db:migrate`
+Then run `rails db:migrate`
 
-You should restart your application after changing Devise's configuration options. Otherwise, you will run into strange errors, for example, users being unable to login and route helpers being undefined.
+You should restart your application after changing Devise's configuration options (this includes stopping spring). Otherwise, you will run into strange errors, for example, users being unable to login and route helpers being undefined.
 
 ### Controller filters and helpers
 
@@ -179,7 +256,7 @@ member_session
 The Devise method in your models also accepts some options to configure its modules. For example, you can choose the cost of the hashing algorithm with:
 
 ```ruby
-devise :database_authenticatable, :registerable, :confirmable, :recoverable, stretches: 20
+devise :database_authenticatable, :registerable, :confirmable, :recoverable, stretches: 12
 ```
 
 Besides `:stretches`, you can define `:pepper`, `:encryptor`, `:confirm_within`, `:remember_for`, `:timeout_in`, `:unlock_in` among other options. For more details, see the initializer file that was created when you invoked the "devise:install" generator described above. This file is usually located at `/config/initializers/devise.rb`.
@@ -212,7 +289,21 @@ class ApplicationController < ActionController::Base
 end
 ```
 
-The above works for any additional fields where the parameters are simple scalar types. If you have nested attributes (say you're using `accepts_nested_attributes_for`), then you will need to tell devise about those nestings and types. Devise allows you to completely change Devise defaults or invoke custom behaviour by passing a block:
+The above works for any additional fields where the parameters are simple scalar types. If you have nested attributes (say you're using `accepts_nested_attributes_for`), then you will need to tell devise about those nestings and types:
+
+```ruby
+class ApplicationController < ActionController::Base
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, address_attributes: [:country, :state, :city, :area, :postal_code]])
+  end
+end
+```
+
+Devise allows you to completely change Devise defaults or invoke custom behaviour by passing a block:
 
 To permit simple scalar values for username and email, use this
 
@@ -370,6 +461,12 @@ end
 
 This way, you tell Devise to use the scope `:user` when "/sign_in" is accessed. Notice `devise_scope` is also aliased as `as` in your router.
 
+Please note: You will still need to add `devise_for` in your routes in order to use helper methods such as `current_user`.
+
+```ruby
+devise_for :users, skip: :all
+```
+
 ### I18n
 
 Devise uses flash messages with I18n, in conjunction with the flash keys :notice and :alert. To customize your app, you can set up your locale file:
@@ -447,7 +544,7 @@ tests:
 
 ```ruby
 sign_in @user
-sign_in @user, scope: admin
+sign_in @user, scope: :admin
 ```
 
 If you are testing Devise internal controllers or a controller that inherits
@@ -606,6 +703,6 @@ https://github.com/plataformatec/devise/graphs/contributors
 
 ## License
 
-MIT License. Copyright 2009-2016 Plataformatec. http://plataformatec.com.br
+MIT License. Copyright 2009-2018 Plataformatec. http://plataformatec.com.br
 
 You are not granted rights or licenses to the trademarks of Plataformatec, including without limitation the Devise name or logo.

data/Rakefile

@@ -1,4 +1,5 @@
 # encoding: UTF-8
+# frozen_string_literal: true
 
 require 'bundler/gem_tasks'
 require 'rake/testtask'

data/app/controllers/devise/confirmations_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Devise::ConfirmationsController < DeviseController
   # GET /resource/confirmation/new
   def new

data/app/controllers/devise/omniauth_callbacks_controller.rb

@@ -1,12 +1,14 @@
+# frozen_string_literal: true
+
 class Devise::OmniauthCallbacksController < DeviseController
   prepend_before_action { request.env["devise.skip_timeout"] = true }
 
   def passthru
-    render status: 404, text: "Not found. Authentication passthru."
+    render status: 404, plain: "Not found. Authentication passthru."
   end
 
   def failure
-    set_flash_message :alert, :failure, kind: OmniAuth::Utils.camelize(failed_strategy.name), reason: failure_message
+    set_flash_message! :alert, :failure, kind: OmniAuth::Utils.camelize(failed_strategy.name), reason: failure_message
     redirect_to after_omniauth_failure_path_for(resource_name)
   end
 

data/app/controllers/devise/passwords_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Devise::PasswordsController < DeviseController
   prepend_before_action :require_no_authentication
   # Render the #edit only if coming from a reset password email link

data/app/controllers/devise/registrations_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Devise::RegistrationsController < DeviseController
   prepend_before_action :require_no_authentication, only: [:new, :create, :cancel]
   prepend_before_action :authenticate_scope!, only: [:edit, :update, :destroy]
@@ -5,7 +7,7 @@ class Devise::RegistrationsController < DeviseController
 
   # GET /resource/sign_up
   def new
-    build_resource({})
+    build_resource
     yield resource if block_given?
     respond_with resource
   end
@@ -57,6 +59,7 @@ class Devise::RegistrationsController < DeviseController
       respond_with resource, location: after_update_path_for(resource)
     else
       clean_up_passwords resource
+      set_minimum_password_length
       respond_with resource
     end
   end
@@ -96,8 +99,8 @@ class Devise::RegistrationsController < DeviseController
 
   # Build a devise resource passing in the session. Useful to move
   # temporary session data to the newly created user.
-  def build_resource(hash=nil)
-    self.resource = resource_class.new_with_session(hash || {}, session)
+  def build_resource(hash = {})
+    self.resource = resource_class.new_with_session(hash, session)
   end
 
   # Signs in a user on sign up. You can overwrite this method in your own

data/app/controllers/devise/sessions_controller.rb

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
+
 class Devise::SessionsController < DeviseController
   prepend_before_action :require_no_authentication, only: [:new, :create]
   prepend_before_action :allow_params_authentication!, only: :create
   prepend_before_action :verify_signed_out_user, only: :destroy
-  prepend_before_action only: [:create, :destroy] { request.env["devise.skip_timeout"] = true }
+  prepend_before_action(only: [:create, :destroy]) { request.env["devise.skip_timeout"] = true }
 
   # GET /resource/sign_in
   def new

data/app/controllers/devise/unlocks_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Devise::UnlocksController < DeviseController
   prepend_before_action :require_no_authentication
 

data/app/controllers/devise_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # All Devise controllers are inherited from here.
 class DeviseController < Devise.parent_controller.constantize
   include Devise::Controllers::ScopedViews

data/app/helpers/devise_helper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DeviseHelper
   # A simple way to show error messages for the current devise resource. If you need
   # to customize this method, you can either overwrite it in your application helpers or

data/app/mailers/devise/mailer.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 if defined?(ActionMailer)
   class Devise::Mailer < Devise.parent_mailer.constantize
     include Devise::Mailers::Helpers
@@ -17,6 +19,10 @@ if defined?(ActionMailer)
       devise_mail(record, :unlock_instructions, opts)
     end
 
+    def email_changed(record, opts={})
+      devise_mail(record, :email_changed, opts)
+    end
+
     def password_change(record, opts={})
       devise_mail(record, :password_change, opts)
     end

data/app/views/devise/confirmations/new.html.erb

@@ -5,7 +5,7 @@
 
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true, value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email", value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
   </div>
 
   <div class="actions">

data/app/views/devise/mailer/email_changed.html.erb

@@ -0,0 +1,7 @@
+<p>Hello <%= @email %>!</p>
+
+<% if @resource.try(:unconfirmed_email?) %>
+  <p>We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.</p>
+<% else %>
+  <p>We're contacting you to notify you that your email has been changed to <%= @resource.email %>.</p>
+<% end %>

data/app/views/devise/passwords/new.html.erb

@@ -5,7 +5,7 @@
 
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
   </div>
 
   <div class="actions">

data/app/views/devise/registrations/edit.html.erb

@@ -5,7 +5,7 @@
 
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
   </div>
 
   <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>

data/app/views/devise/registrations/new.html.erb

@@ -5,7 +5,7 @@
 
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
   </div>
 
   <div class="field">

data/app/views/devise/sessions/new.html.erb

@@ -3,7 +3,7 @@
 <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
   </div>
 
   <div class="field">

data/app/views/devise/unlocks/new.html.erb

@@ -5,7 +5,7 @@
 
   <div class="field">
     <%= f.label :email %><br />
-    <%= f.email_field :email, autofocus: true %>
+    <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
   </div>
 
   <div class="actions">

data/config/locales/en.yml

@@ -23,6 +23,8 @@ en:
         subject: "Reset password instructions"
       unlock_instructions:
         subject: "Unlock instructions"
+      email_changed:
+        subject: "Email Changed"
       password_change:
         subject: "Password Changed"
     omniauth_callbacks:

data/devise.gemspec

@@ -1,4 +1,6 @@
 # -*- encoding: utf-8 -*-
+# frozen_string_literal: true
+
 $:.push File.expand_path("../lib", __FILE__)
 require "devise/version"
 
@@ -21,6 +23,6 @@ Gem::Specification.new do |s|
   s.add_dependency("warden", "~> 1.2.3")
   s.add_dependency("orm_adapter", "~> 0.1")
   s.add_dependency("bcrypt", "~> 3.0")
-  s.add_dependency("railties", ">= 4.1.0", "< 5.1")
+  s.add_dependency("railties", ">= 4.1.0", "< 6.0")
   s.add_dependency("responders")
 end

data/gemfiles/Gemfile.rails-4.1-stable

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
 gemspec path: ".."
@@ -5,7 +7,7 @@ gemspec path: ".."
 gem "rails", github: "rails/rails", branch: "4-1-stable"
 gem "omniauth"
 gem "omniauth-oauth2"
-gem "rdoc"
+gem "rdoc", "~> 5.1"
 
 group :test do
   gem "omniauth-facebook"

data/gemfiles/Gemfile.rails-4.1-stable.lock

@@ -1,76 +1,71 @@
 GIT
   remote: git://github.com/rails/rails.git
-  revision: 9f5cbe613c8a80282970c73b0f00095788d54e34
+  revision: 0cad778c2605a5204a05a9f1dbd3344e39f248d8
   branch: 4-1-stable
   specs:
-    actionmailer (4.1.15)
-      actionpack (= 4.1.15)
-      actionview (= 4.1.15)
+    actionmailer (4.1.16)
+      actionpack (= 4.1.16)
+      actionview (= 4.1.16)
       mail (~> 2.5, >= 2.5.4)
-    actionpack (4.1.15)
-      actionview (= 4.1.15)
-      activesupport (= 4.1.15)
-      rack (~> 1.5.2)
-      rack-test (~> 0.6.2)
-    actionview (4.1.15)
-      activesupport (= 4.1.15)
-      builder (~> 3.1)
-      erubis (~> 2.7.0)
-    activemodel (4.1.15)
-      activesupport (= 4.1.15)
-      builder (~> 3.1)
-    activerecord (4.1.15)
-      activemodel (= 4.1.15)
-      activesupport (= 4.1.15)
-      arel (~> 5.0.0)
-    activesupport (4.1.15)
-      i18n (~> 0.6, >= 0.6.9)
-      json (~> 1.7, >= 1.7.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.1)
-      tzinfo (~> 1.1)
-    rails (4.1.15)
-      actionmailer (= 4.1.15)
-      actionpack (= 4.1.15)
-      actionview (= 4.1.15)
-      activemodel (= 4.1.15)
-      activerecord (= 4.1.15)
-      activesupport (= 4.1.15)
+    rails (4.1.16)
+      actionmailer (= 4.1.16)
+      actionpack (= 4.1.16)
+      actionview (= 4.1.16)
+      activemodel (= 4.1.16)
+      activerecord (= 4.1.16)
+      activesupport (= 4.1.16)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.1.15)
+      railties (= 4.1.16)
       sprockets-rails (~> 2.0)
-    railties (4.1.15)
-      actionpack (= 4.1.15)
-      activesupport (= 4.1.15)
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
 
 PATH
   remote: ..
   specs:
-    devise (4.2.0)
+    devise (4.4.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
+      railties (>= 4.1.0, < 6.0)
       responders
       warden (~> 1.2.3)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actionpack (4.1.16)
+      actionview (= 4.1.16)
+      activesupport (= 4.1.16)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    actionview (4.1.16)
+      activesupport (= 4.1.16)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+    activemodel (4.1.16)
+      activesupport (= 4.1.16)
+      builder (~> 3.1)
+    activerecord (4.1.16)
+      activemodel (= 4.1.16)
+      activesupport (= 4.1.16)
+      arel (~> 5.0.0)
+    activesupport (4.1.16)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
     arel (5.0.1.20140414130214)
     bcrypt (3.1.11)
     bson (3.2.6)
-    builder (3.2.2)
-    concurrent-ruby (1.0.2)
-    connection_pool (2.2.0)
+    builder (3.2.3)
+    concurrent-ruby (1.0.5)
+    connection_pool (2.2.1)
     erubis (2.7.0)
-    faraday (0.9.2)
+    faraday (0.11.0)
       multipart-post (>= 1.2, < 3)
-    hashie (3.4.4)
-    i18n (0.7.0)
-    json (1.8.3)
-    jwt (1.5.4)
+    hashie (3.5.5)
+    i18n (0.8.1)
+    json (1.8.6)
+    jwt (1.5.6)
     mail (2.6.4)
       mime-types (>= 1.16, < 4)
     metaclass (0.0.4)
@@ -78,8 +73,8 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mini_portile2 (2.1.0)
-    minitest (5.9.0)
-    mocha (1.1.0)
+    minitest (5.10.1)
+    mocha (1.2.1)
       metaclass (~> 0.0.1)
     mongoid (4.0.2)
       activemodel (~> 4.0)
@@ -91,21 +86,20 @@ GEM
       connection_pool (~> 2.0)
       optionable (~> 0.2.0)
     multi_json (1.12.1)
-    multi_xml (0.5.5)
+    multi_xml (0.6.0)
     multipart-post (2.0.0)
-    nokogiri (1.6.8)
+    nokogiri (1.7.0.1)
       mini_portile2 (~> 2.1.0)
-      pkg-config (~> 1.1.7)
-    oauth2 (1.2.0)
-      faraday (>= 0.8, < 0.10)
+    oauth2 (1.3.1)
+      faraday (>= 0.8, < 0.12)
       jwt (~> 1.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
-    omniauth (1.3.1)
+    omniauth (1.4.2)
       hashie (>= 1.2, < 4)
       rack (>= 1.0, < 3)
-    omniauth-facebook (3.0.0)
+    omniauth-facebook (4.0.0)
       omniauth-oauth2 (~> 1.2)
     omniauth-oauth2 (1.4.0)
       oauth2 (~> 1.0)
@@ -114,36 +108,39 @@ GEM
       omniauth (~> 1.0)
       rack-openid (~> 1.3.1)
     optionable (0.2.0)
-    origin (2.2.0)
+    origin (2.3.0)
     orm_adapter (0.5.0)
-    pkg-config (1.1.7)
     rack (1.5.5)
     rack-openid (1.3.1)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rake (11.2.2)
-    rdoc (4.2.2)
-      json (~> 1.4)
+    railties (4.1.16)
+      actionpack (= 4.1.16)
+      activesupport (= 4.1.16)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.0.0)
+    rdoc (5.1.0)
     responders (1.1.2)
       railties (>= 3.2, < 4.2)
     ruby-openid (2.7.0)
-    sprockets (3.6.2)
+    sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-rails (2.3.3)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       sprockets (>= 2.8, < 4.0)
-    sqlite3 (1.3.11)
+    sqlite3 (1.3.13)
     test_after_commit (1.1.0)
       activerecord (>= 3.2)
-    thor (0.19.1)
-    thread_safe (0.3.5)
+    thor (0.19.4)
+    thread_safe (0.3.6)
     tzinfo (1.2.2)
       thread_safe (~> 0.1)
-    warden (1.2.6)
+    warden (1.2.7)
       rack (>= 1.0)
     webrat (0.7.3)
       nokogiri (>= 1.2.0)
@@ -165,10 +162,10 @@ DEPENDENCIES
   omniauth-oauth2
   omniauth-openid
   rails!
-  rdoc
+  rdoc (~> 5.1)
   sqlite3
   test_after_commit
   webrat (= 0.7.3)
 
 BUNDLED WITH
-   1.12.5
+   1.16.1

data/gemfiles/Gemfile.rails-4.2-stable

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
 gemspec path: ".."
@@ -5,7 +7,7 @@ gemspec path: ".."
 gem "rails", github: "rails/rails", branch: "4-2-stable"
 gem "omniauth"
 gem "omniauth-oauth2"
-gem "rdoc"
+gem "rdoc", "~> 5.1"
 
 group :test do
   gem "omniauth-facebook"