Skip to content

Bump devise from 4.5.0 to 4.6.0

NipaNipa requested to merge dependabot/bundler/devise-4.6.0 into master

Bumps devise from 4.5.0 to 4.6.0.

Changelog

Sourced from devise's changelog.

4.6.0 - 2019-02-07

  • enhancements

    • Allow to skip email and password change notifications (by iorme1)
    • Include the use of nil for allow_unconfirmed_access_for in the docs (by joaumg)
    • Ignore useless files into the .gem file (by huacnlee)
    • Explain the code that prevents enumeration attacks inside Devise::Strategies::DatabaseAuthenticatable (by tegon)
    • Refactor the devise_error_messages! helper to render a partial (by prograhamer)
    • Add an option (Devise.sign_in_after_change_password) to not automatically sign in a user after changing a password (by knjko)

  • bug fixes

    • Fix missing comma in Simple Form generator (by colinross)
    • Fix error with migration generator in Rails 6 (by oystersauce8)
    • Set encrypted_password to nil when password is set to nil (by sivagollapalli)
    • Consider whether the request supports flash messages inside Devise::Controllers::Helpers#is_flashing_format? (by colinross)
    • Fix typo inside Devise::Generators::ControllersGenerator (by kopylovvlad)
    • Sanitize parameters inside Devise::Models::Authenticatable#find_or_initialize_with_errors (by rlue)
    • #after_database_authentication callback was not called after authentication on password reset (by kanmaniselvan)
    • Fix corner case when #confirmation_period_valid? was called at the same second as confirmation_sent_at was set. Mostly true for date types that only have second precisions. (by stanhu)
    • Fix unclosed li tag in error_messages partial (by mracos)
    • Fix Routes issue when devise engine is mounted in another engine on Rails versions lower than 5.1 (by a-barbieri)
    • Make #increment_failed_attempts concurrency safe (by tegon)
    • Apply Test Helper fix to Rails 6.0 as well as 5.x (by matthewrudy)

  • deprecations

    • The second argument of DatabaseAuthenticatable's #update_with_password and #update_without_password is deprecated and will be removed in the next major version. It was added to support a feature deprecated in Rails 4, so you can safely remove it from your code. (by ihatov08)
    • The DeviseHelper.devise_error_messages! is deprecated and will be removed in the next major version. Use the devise/shared/error_messages partial instead. (by mracos)
Commits
  • 4501682 Prepare for 4.6.0 release
  • 337db5a Update CHANGELOG.md [ci skip]
  • a921c10 Merge pull request #5018 from plataformatec/frg-fix-webrat-warning
  • 101e50f Fix webrat warnings
  • 6064ca8 Merge pull request #5014 from plataformatec/frg-fix-test-setup
  • 2dd3225 Fix bin/test to use Rails::TestUnit
  • e72839f Merge pull request #5011 from plataformatec/frg-fix-sqlite-warning
  • 45438fc Fix SQLite3 warning
  • f332911 Update README to help run tests [ci skip] (#5012)
  • 369ba26 removing white space in devise generator new.html.erb (#5010)
  • Additional commits viewable in compare view

Merge request reports