devise 4.9.1 → 4.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f56cd83cbbdcdf01b18950a30f37e542829de1b581208437053f6ad64b17a39c
4
- data.tar.gz: 839cdea0f7460ec74bccee64aa5fb72907ff91a893a527fff876380db47d5db8
3
+ metadata.gz: 1dc134957d3855a45dd68b04b36bca2a993b095b1c05f5d87f4a68d2469660df
4
+ data.tar.gz: '09de3502b6e5afdb42d9c34b7896dfd9fcc0d58fa088951a2aab2f39095246c4'
5
5
  SHA512:
6
- metadata.gz: 12577bae2a233b3d4fd9a6555951f22598d1045069cdd23050c2b3d939488a65bee07ca120aacdf041a04f0dce8a44918a5b52479f5464402c05eb41bf17f23f
7
- data.tar.gz: 39a55340727b03a3762a17d714717d89e92c26255da9dc5877571c78eaf13629f540bccda449e7e7bab3b166945d5fcf4e4d67d02f3e63747194d897fa974c1d
6
+ metadata.gz: 2413954e6decdda1c1e0adf5bf39b8ede790ef90dfc61d433528e28948f248a598ac1772b2606ff1b79f07ae330aec153e92b53aa0b2708a1b7ca19156034e81
7
+ data.tar.gz: a04f21e33fb88287ff808102c76e550a70165b2fddbde92c3984a4fa3c325fe507b68366c4b1a11d847ddce3e3722e4bda7d09642f140a872c7c0c73de32ba50
data/CHANGELOG.md CHANGED
@@ -1,6 +1,13 @@
1
- ### Unreleased
1
+ ### 4.9.3 - 2023-10-11
2
2
 
3
+ * enhancements
4
+ * Add support for Rails 7.1.
5
+ * Add `Devise.deprecator` to integrate with new application deprecators in Rails 7.1. (@soartec-lab, @etiennebarrie)
6
+
7
+ ### 4.9.2 - 2023-04-03
3
8
 
9
+ * deprecations
10
+ * Bring back `Devise.activerecord51?` and deprecate it, in order to avoid breakage with some libraries that apparently relied on it.
4
11
 
5
12
  ### 4.9.1 - 2023-03-31
6
13
 
data/README.md CHANGED
@@ -483,7 +483,7 @@ Devise.setup do |config|
483
483
  # ...
484
484
  # When using Devise with Hotwire/Turbo, the http status for error responses
485
485
  # and some redirects must match the following. The default in Devise for existing
486
- # apps is `200 OK` and `302 Found respectively`, but new apps are generated with
486
+ # apps is `200 OK` and `302 Found` respectively, but new apps are generated with
487
487
  # these new defaults that match Hotwire/Turbo behavior.
488
488
  # Note: These might become the new default in future versions of Devise.
489
489
  config.responder.error_status = :unprocessable_entity
@@ -33,6 +33,19 @@ class DeviseController < Devise.parent_controller.constantize
33
33
  end
34
34
  end
35
35
 
36
+ # Override internal methods to exclude `_prefixes` from action methods since
37
+ # we override it above.
38
+ #
39
+ # There was an intentional change in Rails 7.1 that will allow it to become
40
+ # an action method because it's a public method of a non-abstract controller,
41
+ # but we also can't make this abstract because it can affect potential actions
42
+ # defined in the parent controller, so instead we ensure `_prefixes` is going
43
+ # to be considered internal. (and thus, won't become an action method.)
44
+ # Ref: https://github.com/rails/rails/pull/48699
45
+ def self.internal_methods #:nodoc:
46
+ super << :_prefixes
47
+ end
48
+
36
49
  protected
37
50
 
38
51
  # Gets the actual resource stored in the instance variable
@@ -4,7 +4,7 @@ module DeviseHelper
4
4
  # Retain this method for backwards compatibility, deprecated in favor of modifying the
5
5
  # devise/shared/error_messages partial.
6
6
  def devise_error_messages!
7
- ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
7
+ Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
8
8
  [Devise] `DeviseHelper#devise_error_messages!` is deprecated and will be
9
9
  removed in the next major version.
10
10
 
@@ -38,7 +38,7 @@ module Devise
38
38
  expire_data_after_sign_in!
39
39
 
40
40
  if options[:bypass]
41
- ActiveSupport::Deprecation.warn(<<-DEPRECATION.strip_heredoc, caller)
41
+ Devise.deprecator.warn(<<-DEPRECATION.strip_heredoc, caller)
42
42
  [Devise] bypass option is deprecated and it will be removed in future version of Devise.
43
43
  Please use bypass_sign_in method instead.
44
44
  Example:
@@ -62,7 +62,7 @@ module Devise
62
62
  :remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at]
63
63
 
64
64
  include Devise::DeprecatedConstantAccessor
65
- deprecate_constant "BLACKLIST_FOR_SERIALIZATION", "Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION"
65
+ deprecate_constant "BLACKLIST_FOR_SERIALIZATION", "Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION", deprecator: Devise.deprecator
66
66
 
67
67
  included do
68
68
  class_attribute :devise_modules, instance_writer: false
@@ -86,7 +86,7 @@ module Devise
86
86
  # is also rejected as long as it is also blank.
87
87
  def update_with_password(params, *options)
88
88
  if options.present?
89
- ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
89
+ Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
90
90
  [Devise] The second argument of `DatabaseAuthenticatable#update_with_password`
91
91
  (`options`) is deprecated and it will be removed in the next major version.
92
92
  It was added to support a feature deprecated in Rails 4, so you can safely remove it
@@ -128,7 +128,7 @@ module Devise
128
128
  #
129
129
  def update_without_password(params, *options)
130
130
  if options.present?
131
- ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
131
+ Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
132
132
  [Devise] The second argument of `DatabaseAuthenticatable#update_without_password`
133
133
  (`options`) is deprecated and it will be removed in the next major version.
134
134
  It was added to support a feature deprecated in Rails 4, so you can safely remove it
@@ -26,7 +26,7 @@ rescue LoadError
26
26
  super
27
27
  end
28
28
 
29
- def deprecate_constant(const_name, new_constant, message: nil, deprecator: ActiveSupport::Deprecation.instance)
29
+ def deprecate_constant(const_name, new_constant, message: nil, deprecator: Devise.deprecator)
30
30
  class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
31
31
  class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
32
32
  end
data/lib/devise/rails.rb CHANGED
@@ -17,6 +17,10 @@ module Devise
17
17
  app.reload_routes! if Devise.reload_routes
18
18
  end
19
19
 
20
+ initializer "devise.deprecator" do |app|
21
+ app.deprecators[:devise] = Devise.deprecator if app.respond_to?(:deprecators)
22
+ end
23
+
20
24
  initializer "devise.url_helpers" do
21
25
  Devise.include_helpers(Devise::Controllers)
22
26
  end
@@ -69,7 +69,7 @@ module Devise
69
69
  scope = resource
70
70
  resource = deprecated
71
71
 
72
- ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
72
+ Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
73
73
  [Devise] sign_in(:#{scope}, resource) on controller tests is deprecated and will be removed from Devise.
74
74
  Please use sign_in(resource, scope: :#{scope}) instead.
75
75
  DEPRECATION
@@ -4,7 +4,7 @@ module Devise
4
4
  module TestHelpers
5
5
  def self.included(base)
6
6
  base.class_eval do
7
- ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
7
+ Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
8
8
  [Devise] including `Devise::TestHelpers` is deprecated and will be removed from Devise.
9
9
  For controller tests, please include `Devise::Test::ControllerHelpers` instead.
10
10
  DEPRECATION
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Devise
4
- VERSION = "4.9.1".freeze
4
+ VERSION = "4.9.3".freeze
5
5
  end
data/lib/devise.rb CHANGED
@@ -520,6 +520,18 @@ module Devise
520
520
  b.each_byte { |byte| res |= byte ^ l.shift }
521
521
  res == 0
522
522
  end
523
+
524
+ def self.deprecator
525
+ @deprecator ||= ActiveSupport::Deprecation.new("5.0", "Devise")
526
+ end
527
+
528
+ def self.activerecord51? # :nodoc:
529
+ deprecator.warn <<-DEPRECATION.strip_heredoc
530
+ [Devise] `Devise.activerecord51?` is deprecated and will be removed in the next major version.
531
+ It is a non-public method that's no longer used internally, but that other libraries have been relying on.
532
+ DEPRECATION
533
+ defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
534
+ end
523
535
  end
524
536
 
525
537
  require 'warden'
@@ -299,7 +299,7 @@ Devise.setup do |config|
299
299
  # ==> Hotwire/Turbo configuration
300
300
  # When using Devise with Hotwire/Turbo, the http status for error responses
301
301
  # and some redirects must match the following. The default in Devise for existing
302
- # apps is `200 OK` and `302 Found respectively`, but new apps are generated with
302
+ # apps is `200 OK` and `302 Found` respectively, but new apps are generated with
303
303
  # these new defaults that match Hotwire/Turbo behavior.
304
304
  # Note: These might become the new default in future versions of Devise.
305
305
  config.responder.error_status = :unprocessable_entity
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.9.1
4
+ version: 4.9.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - José Valim
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2023-03-31 00:00:00.000000000 Z
12
+ date: 2023-10-11 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: warden
@@ -229,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
229
229
  - !ruby/object:Gem::Version
230
230
  version: '0'
231
231
  requirements: []
232
- rubygems_version: 3.4.5
232
+ rubygems_version: 3.4.10
233
233
  signing_key:
234
234
  specification_version: 4
235
235
  summary: Flexible authentication solution for Rails with Warden