devise 4.1.1 → 4.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ae66c3c22e62e034ece98b6498c993737bd056e9
-  data.tar.gz: a278bfa6812d8470f2e4b732dcad3ad858b9cd02
+  metadata.gz: 5e29ea6d513d978b0fd04f14b67dd51e2122784d
+  data.tar.gz: 05cc9f23bc3d9a990a174b0c9355e675fd0e4b7a
 SHA512:
-  metadata.gz: be13b50cfa7a16324637907e62236b1627b997fdf10081bb4513f65494461e24bccdf65410e582f0d4e8a69327e407b893e7a6e9e81367e5685fad316065f18d
-  data.tar.gz: 7697239a9ead6ee62a0d2eb25f4037b889b84a6eaf07079c8b41d98ad91924a3513e5a669e88a33e35544ec986faa14f35a0c30b28871001db4ae798afbef8e6
+  metadata.gz: 75169de4446c19bcd4da1faa1659f8481f807ea6de193a182d38dd681380c60d46cdd07dcfcaad80eaea07d8792878abf29a6572d630e982b6bba239d1b6434e
+  data.tar.gz: 0a45b86723a424e2e9633c32fd3b8775e1f1d20d8316be3af54522112511e3da95d0446abf10c70f9ebf7c57e83adfb883ac2ccb905df3957912a6b9f624d424

data/.travis.yml

@@ -1,22 +1,24 @@
 language: ruby
 
 rvm:
-  - 2.3.0
-  - 2.2.4
-  - 2.1.8
+  - 2.1.9
+  - 2.2.5
+  - 2.3.1
+  - ruby-head
 
 gemfile:
   - Gemfile
-  - gemfiles/Gemfile.rails-5.0-beta
   - gemfiles/Gemfile.rails-4.2-stable
   - gemfiles/Gemfile.rails-4.1-stable
 
 matrix:
   exclude:
-    - rvm: 2.1.8
-      gemfile: gemfiles/Gemfile.rails-5.0-beta
+    - rvm: 2.1.9
+      gemfile: Gemfile
     - env: DEVISE_ORM=mongoid
-      gemfile: gemfiles/Gemfile.rails-5.0-beta
+      gemfile: Gemfile
+  allow_failures:
+    - rvm: ruby-head
 services:
   - mongodb
 

data/CHANGELOG.md

@@ -1,3 +1,42 @@
+### Unreleased
+
+### 4.2.0 - 2016-07-01
+
+* removals
+  * Remove the deprecated `Devise::ParameterSanitizer` API from Devise 3.
+    Please use the `#permit` and `#sanitize` methods over `#for`.
+  * Remove the deprecated OmniAuth URL helpers. Use the fully qualified helpers
+    (`user_facebook_omniauth_authorize_path`) over the scope based helpers
+    ( `user_omniauth_authorize_path(:facebook)`).
+  * Remove the `Devise.bcrypt` method, use `Devise::Encryptor.digest` instead.
+  * Remove the `Devise::Models::Confirmable#confirm!` method, use `confirm` instead.
+  * Remove the `Devise::Models::Recoverable#reset_password!` method, use `reset_password` instead.
+  * Remove the `Devise::Models::Recoverable#after_password_reset` method.
+* bug fixes
+  * Fix an `ActionDispatch::IllegalStateError` when testing controllers with Rails 5 rc 2(by @hamadata).
+  * Use `ActiveSupport.on_load` hooks to include Devise on `ActiveRecord` and `Mongoid`,
+    avoiding autoloading these constants too soon (by @lucasmazza, @rafaelfranca).
+* enhancements
+  * Display the minimum password length on `registrations/edit` view (by @Yanchek99).
+  * You can disable Devise's routes reloading on boot by through the `reload_routes = false` config.
+    This can reduce the time taken to boot the application but it might trigger
+    some errors if you application (mostly your controllers) requires that
+    Devise mappings be loaded during boot time (by @sidonath).
+  * Added `Devise::Test::IntegrationHelpers` to bypass the sign in process using
+    Warden test API (by @lucasmazza).
+  * Define `inspect` in `Devise::Models::Authenticatable` to help ensure password hashes
+    aren't included in exceptions or otherwise accidentally serialized (by @tkrajcar).
+  * Add missing support of `Rails.application.config.action_controller.relative_url_root` (by @kosdiamantis).
+* deprecations
+  * `Devise::TestHelpers` is deprecated in favor of `Devise::Test::ControllerHelpers`
+    (by @lucasmazza).
+  * The `sign_in` test helper has changed to use keyword arguments when passing
+    a scope. `sign_in :admin, users(:alice)` should be rewritten as
+    `sign_in users(:alice), scope: :admin` (by @lucasmazza).
+  * The option `bypass` of `Devise::Controllers::SignInOut#sign_in` method is
+    deprecated in favor of `Devise::Controllers::SignInOut#bypass_sign_in`
+    method (by @ulissesalmeida).
+
 ### 4.1.1 - 2016-05-15
 
 * bug fixes
@@ -39,6 +78,11 @@
 * improvements
   * Avoids extra computation of friendly token for confirmation token (by @sbc100)
 
+### 4.0.3 - 2016-05-15
+
+  * bug fixes
+    * Fix overwriting the remember_token when a valid one already exists (by @ralinchimev).
+
 ### 4.0.2 - 2016-05-02
 
 * bug fixes
@@ -82,11 +126,11 @@
 
 * deprecations
   * omniauth routes are no longer defined with a wildcard `:provider` parameter,
-    and provider specific routes are defined instead, so route helpers like `user_omniauth_authorize_path(:github)` are deprecated in favor of `user_github_authorize_path`.
+    and provider specific routes are defined instead, so route helpers like `user_omniauth_authorize_path(:github)` are deprecated in favor of `user_github_omniauth_authorize_path`.
     You can still use `omniauth_authorize_path(:user, :github)` if you need to
     call the helpers dynamically.
 
-### 4.0.0.rc1 - 2016-01-02
+### 4.0.0.rc1 - 2016-02-01
 
 * Support added to Rails 5 (by @twalpole).
 * Devise no longer supports Rails 3.2 and 4.0.

data/CONTRIBUTING.md

@@ -1,16 +1,39 @@
 ### Please read before contributing
 
-1) Do not post questions in the issues tracker. If you have any questions about Devise, search the [Wiki](https://github.com/plataformatec/devise/wiki) or use the [Mailing List](https://groups.google.com/group/plataformatec-devise) or [Stack Overflow](http://stackoverflow.com/questions/tagged/devise).
+1) Do not post questions in the issues tracker. If you have any questions about
+Devise, search the [Wiki](https://github.com/plataformatec/devise/wiki) or use
+the [Mailing List](https://groups.google.com/group/plataformatec-devise) or
+[Stack Overflow](http://stackoverflow.com/questions/tagged/devise).
 
-2) If you find a security bug, **DO NOT** submit an issue here. Please send an e-mail to [opensource@plataformatec.com.br](mailto:opensource@plataformatec.com.br) instead.
+2) If you find a security bug, **DO NOT** submit an issue here. Please send an
+e-mail to [opensource@plataformatec.com.br](mailto:opensource@plataformatec.com.br)
+instead.
 
-3) Do a small search on the issues tracker before submitting your issue to see if it was already reported / fixed.
+3) If possible, replicate your issue with our
+[guides/bug_report_templates/integration_test.rb](test case example), and attach
+it to your issue or Pull Request - this way we have an isolated way to replicate
+your issue and investigate it further.
 
-4) When reporting an issue, include Rails, Devise and Warden versions. If you are getting exceptions, please include the full backtrace.
+4) Otherwise, please provide a fresh new Rails application that replicates your
+issue on a public GitHub repository, as some scenarios might not be possible to
+replicate using the standalone test case example.
 
-5) Notice that all of your interactions in the project are expected to follow our [Code of Conduct](CODE_OF_CONDUCT.md)
+5) Do a small search on the issues tracker before submitting your issue to see
+if it was already reported / fixed. Duplicated issues will be closed to avoid
+too much noise/duplication in the issue tracker.
 
-That's it! The more information you give, the easier it becomes for us to track it down and fix it.
-Ideally, you should provide an application that reproduces the error or a test case to Devise's suite.
+6) When reporting an issue, include Rails, Devise and Warden versions. If you
+are getting exceptions, please include the full backtrace.
+
+7) Please do not attempt to translate Devise built in views. The views are meant
+to be a starting point and not a final version. For historical references,
+please look into closed issues/Pull regarding i18n.
+
+8) Notice that all of your interactions in the project are expected to follow
+our [Code of Conduct](CODE_OF_CONDUCT.md)
+
+That's it! The more information you give, the easier it becomes for us to track
+it down and fix it. Ideally, you should provide an application that reproduces
+the error or a test case to Devise's suite.
 
 Thanks!

data/Gemfile

@@ -2,17 +2,23 @@ source "https://rubygems.org"
 
 gemspec
 
-gem "rails", "~> 4.2.6"
+gem "rails", "~> 5.0.0"
 gem "omniauth", "~> 1.3"
-gem "omniauth-oauth2", "~> 1.4"
+gem "oauth2"
+gem "omniauth-oauth2"
 gem "rdoc"
 
+gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
+
+gem "rails-controller-testing"
+
+gem "responders", "~> 2.1"
+
 group :test do
   gem "omniauth-facebook"
-  gem "omniauth-openid", "~> 1.0.1"
+  gem "omniauth-openid"
   gem "webrat", "0.7.3", require: false
   gem "mocha", "~> 1.1", require: false
-  gem 'test_after_commit', require: false
 end
 
 platforms :jruby do
@@ -25,6 +31,7 @@ platforms :ruby do
   gem "sqlite3"
 end
 
-group :mongoid do
-  gem "mongoid", "~> 5.0"
-end
+# TODO:
+# group :mongoid do
+#   gem "mongoid", "~> 4.0.0"
+# end

data/Gemfile.lock

@@ -1,7 +1,17 @@
+GIT
+  remote: git://github.com/rails/activemodel-serializers-xml.git
+  revision: 570ee7ed33d60e44ca1f3ccbec3d1fbf61d52cbf
+  specs:
+    activemodel-serializers-xml (1.0.1)
+      activemodel (> 5.x)
+      activerecord (> 5.x)
+      activesupport (> 5.x)
+      builder (~> 3.1)
+
 PATH
   remote: .
   specs:
-    devise (4.1.1)
+    devise (4.2.0)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0, < 5.1)
@@ -11,80 +21,79 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (4.2.6)
-      actionpack (= 4.2.6)
-      actionview (= 4.2.6)
-      activejob (= 4.2.6)
+    actioncable (5.0.0)
+      actionpack (= 5.0.0)
+      nio4r (~> 1.2)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.0.0)
+      actionpack (= 5.0.0)
+      actionview (= 5.0.0)
+      activejob (= 5.0.0)
       mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.6)
-      actionview (= 4.2.6)
-      activesupport (= 4.2.6)
-      rack (~> 1.6)
-      rack-test (~> 0.6.2)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.0.0)
+      actionview (= 5.0.0)
+      activesupport (= 5.0.0)
+      rack (~> 2.0)
+      rack-test (~> 0.6.3)
+      rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.6)
-      activesupport (= 4.2.6)
+    actionview (5.0.0)
+      activesupport (= 5.0.0)
       builder (~> 3.1)
       erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (4.2.6)
-      activesupport (= 4.2.6)
-      globalid (>= 0.3.0)
-    activemodel (4.2.6)
-      activesupport (= 4.2.6)
-      builder (~> 3.1)
-    activerecord (4.2.6)
-      activemodel (= 4.2.6)
-      activesupport (= 4.2.6)
-      arel (~> 6.0)
-    activesupport (4.2.6)
+    activejob (5.0.0)
+      activesupport (= 5.0.0)
+      globalid (>= 0.3.6)
+    activemodel (5.0.0)
+      activesupport (= 5.0.0)
+    activerecord (5.0.0)
+      activemodel (= 5.0.0)
+      activesupport (= 5.0.0)
+      arel (~> 7.0)
+    activesupport (5.0.0)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    arel (6.0.3)
+    arel (7.0.0)
     bcrypt (3.1.11)
-    bson (4.0.0)
     builder (3.2.2)
-    concurrent-ruby (1.0.1)
+    concurrent-ruby (1.0.2)
     erubis (2.7.0)
     faraday (0.9.2)
       multipart-post (>= 1.2, < 3)
     globalid (0.3.6)
       activesupport (>= 4.1.0)
-    hashie (3.4.3)
+    hashie (3.4.4)
     i18n (0.7.0)
     json (1.8.3)
-    jwt (1.5.1)
+    jwt (1.5.4)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
-    mail (2.6.3)
-      mime-types (>= 1.16, < 3)
+    mail (2.6.4)
+      mime-types (>= 1.16, < 4)
     metaclass (0.0.4)
-    mime-types (2.99.1)
-    mini_portile2 (2.0.0)
-    minitest (5.8.4)
+    method_source (0.8.2)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_portile2 (2.1.0)
+    minitest (5.9.0)
     mocha (1.1.0)
       metaclass (~> 0.0.1)
-    mongo (2.2.0)
-      bson (~> 4.0)
-    mongoid (5.0.1)
-      activemodel (~> 4.0)
-      mongo (~> 2.1)
-      origin (~> 2.1)
-      tzinfo (>= 0.3.37)
-    multi_json (1.11.2)
+    multi_json (1.12.1)
     multi_xml (0.5.5)
     multipart-post (2.0.0)
-    nokogiri (1.6.7.2)
-      mini_portile2 (~> 2.0.0.rc2)
-    oauth2 (1.1.0)
+    nio4r (1.2.1)
+    nokogiri (1.6.8)
+      mini_portile2 (~> 2.1.0)
+      pkg-config (~> 1.1.7)
+    oauth2 (1.2.0)
       faraday (>= 0.8, < 0.10)
-      jwt (~> 1.0, < 1.5.2)
+      jwt (~> 1.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
@@ -99,54 +108,55 @@ GEM
     omniauth-openid (1.0.1)
       omniauth (~> 1.0)
       rack-openid (~> 1.3.1)
-    origin (2.2.0)
     orm_adapter (0.5.0)
-    rack (1.6.4)
+    pkg-config (1.1.7)
+    rack (2.0.1)
     rack-openid (1.3.1)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.6)
-      actionmailer (= 4.2.6)
-      actionpack (= 4.2.6)
-      actionview (= 4.2.6)
-      activejob (= 4.2.6)
-      activemodel (= 4.2.6)
-      activerecord (= 4.2.6)
-      activesupport (= 4.2.6)
+    rails (5.0.0)
+      actioncable (= 5.0.0)
+      actionmailer (= 5.0.0)
+      actionpack (= 5.0.0)
+      actionview (= 5.0.0)
+      activejob (= 5.0.0)
+      activemodel (= 5.0.0)
+      activerecord (= 5.0.0)
+      activesupport (= 5.0.0)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.6)
-      sprockets-rails
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
-      activesupport (>= 4.2.0.beta, < 5.0)
+      railties (= 5.0.0)
+      sprockets-rails (>= 2.0.0)
+    rails-controller-testing (0.1.1)
+      actionpack (~> 5.x)
+      actionview (~> 5.x)
+      activesupport (~> 5.x)
+    rails-dom-testing (2.0.1)
+      activesupport (>= 4.2.0, < 6.0)
       nokogiri (~> 1.6.0)
-      rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (4.2.6)
-      actionpack (= 4.2.6)
-      activesupport (= 4.2.6)
+    railties (5.0.0)
+      actionpack (= 5.0.0)
+      activesupport (= 5.0.0)
+      method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (11.0.1)
+    rake (11.2.2)
     rdoc (4.2.2)
       json (~> 1.4)
     responders (2.2.0)
       railties (>= 4.2.0, < 5.1)
     ruby-openid (2.7.0)
-    sprockets (3.5.2)
+    sprockets (3.6.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.0.4)
+    sprockets-rails (3.1.1)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
     sqlite3 (1.3.11)
-    test_after_commit (1.0.0)
-      activerecord (>= 3.2)
     thor (0.19.1)
     thread_safe (0.3.5)
     tzinfo (1.2.2)
@@ -157,26 +167,31 @@ GEM
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
+    websocket-driver (0.6.4)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
+  activemodel-serializers-xml!
   activerecord-jdbc-adapter
   activerecord-jdbcsqlite3-adapter
   devise!
   jruby-openssl
   mocha (~> 1.1)
-  mongoid (~> 5.0)
+  oauth2
   omniauth (~> 1.3)
   omniauth-facebook
-  omniauth-oauth2 (~> 1.4)
-  omniauth-openid (~> 1.0.1)
-  rails (~> 4.2.6)
+  omniauth-oauth2
+  omniauth-openid
+  rails (~> 5.0.0)
+  rails-controller-testing
   rdoc
+  responders (~> 2.1)
   sqlite3
-  test_after_commit
   webrat (= 0.7.3)
 
 BUNDLED WITH
-   1.12.3
+   1.12.5