Version: 4.4.1-bp150.2.4
* Thu Feb 08 2018 factory-auto@kulow.org
- updated to version 4.4.1
see installed CHANGELOG.md
[#]## 4.4.1 - 2018-01-23
* bug fixes
* Ensure Gemspec is loaded as utf-8. (by @segiddins)
* Fix `ActiveRecord` check on `Confirmable`. (by @tegon)
* Fix `signed_in?` docs without running auth hooks. by (@machty)
* Tue Jan 16 2018 msabate@suse.com
- Updated to version 4.4.0
* enhancements
* Add `frozen_string_literal` pragma comment to all Ruby files. (by @pat)
* Use `set_flash_method!` instead of `set_flash_method` in `Devise::OmniauthCallbacksController#failure`. (by @saichander17)
* Clarify how `store_location_for` modifies URIs. (by @olivierlacan)
* Move `failed_attempts` increment into its own function. by (@mobilutz)
* Add `autocomplete="email"` to email fields. by (@MikeRogers0)
* Add the ability to change the default migrations path introduced in Rails 5.0.3. (by @alexhifer)
* Delete unnecessary condition for helper method. (by @davydovanton)
* Support `id: :uuid` option for migrations. (by @filip373)
* bug fixes
* Fix syntax for MRI 2.5.0. (by @pat)
* Validations were being ignored on singup in the `Trackable#update_tracked_fields!` method. (by @AshleyFoster)
* Do not modify options for `#serializable_hash`. (by @guigs)
* Email confirmations were being sent on sign in/sign out for application using `mongoid` and `mongoid-paperclip` gems. This is because previously we were checking if a model is from Active Record by checking if the method `after_commit` was defined - since `mongoid` doesn' have one - but `mongoid-paperclip` gem does define one, which cause this issue. (by @fjg)
* Tue Jan 09 2018 coolo@suse.com
- updated to version 4.4.0
see installed CHANGELOG.md
[#]## Unreleased
[#]## 4.4.0 - 2017-12-29
* enhancements
* Add `frozen_string_literal` pragma comment to all Ruby files. (by @pat)
* Use `set_flash_method!` instead of `set_flash_method` in `Devise::OmniauthCallbacksController#failure`. (by @saichander17)
* Clarify how `store_location_for` modifies URIs. (by @olivierlacan)
* Move `failed_attempts` increment into its own function. by (@mobilutz)
* Add `autocomplete="email"` to email fields. by (@MikeRogers0)
* Add the ability to change the default migrations path introduced in Rails 5.0.3. (by @alexhifer)
* Delete unnecessary condition for helper method. (by @davydovanton)
* Support `id: :uuid` option for migrations. (by @filip373)
* bug fixes
* Fix syntax for MRI 2.5.0. (by @pat)
* Validations were being ignored on singup in the `Trackable#update_tracked_fields!` method. (by @AshleyFoster)
* Do not modify options for `#serializable_hash`. (by @guigs)
* Email confirmations were being sent on sign in/sign out for application using `mongoid` and `mongoid-paperclip` gems. This is because previously we were checking if a model is from Active Record by checking if the method `after_commit` was defined - since `mongoid` doesn' have one - but `mongoid-paperclip` gem does define one, which cause this issue. (by @fjg)
* Tue May 23 2017 coolo@suse.com
- updated to version 4.3.0
see installed CHANGELOG.md
[#]## 4.3.0 - 2017-05-14
* Enhancements
* Dependency support added for Rails 5.1.x.
* Thu Mar 16 2017 coolo@suse.com
- updated to version 4.2.1
see installed CHANGELOG.md
* Sat Jul 02 2016 coolo@suse.com
- updated to version 4.2.0
see installed CHANGELOG.md
[#]## Unreleased
[#]## 4.2.0 - 2016-07-01
* removals
* Remove the deprecated `Devise::ParameterSanitizer` API from Devise 3.
Please use the `#permit` and `#sanitize` methods over `#for`.
* Remove the deprecated OmniAuth URL helpers. Use the fully qualified helpers
(`user_facebook_omniauth_authorize_path`) over the scope based helpers
( `user_omniauth_authorize_path(:facebook)`).
* Remove the `Devise.bcrypt` method, use `Devise::Encryptor.digest` instead.
* Remove the `Devise::Models::Confirmable#confirm!` method, use `confirm` instead.
* Remove the `Devise::Models::Recoverable#reset_password!` method, use `reset_password` instead.
* Remove the `Devise::Models::Recoverable#after_password_reset` method.
* bug fixes
* Fix an `ActionDispatch::IllegalStateError` when testing controllers with Rails 5 rc 2(by @hamadata).
* Use `ActiveSupport.on_load` hooks to include Devise on `ActiveRecord` and `Mongoid`,
avoiding autoloading these constants too soon (by @lucasmazza, @rafaelfranca).
* enhancements
* Display the minimum password length on `registrations/edit` view (by @Yanchek99).
* You can disable Devise's routes reloading on boot by through the `reload_routes = false` config.
This can reduce the time taken to boot the application but it might trigger
some errors if you application (mostly your controllers) requires that
Devise mappings be loaded during boot time (by @sidonath).
* Added `Devise::Test::IntegrationHelpers` to bypass the sign in process using
Warden test API (by @lucasmazza).
* Define `inspect` in `Devise::Models::Authenticatable` to help ensure password hashes
aren't included in exceptions or otherwise accidentally serialized (by @tkrajcar).
* Add missing support of `Rails.application.config.action_controller.relative_url_root` (by @kosdiamantis).
* deprecations
* `Devise::TestHelpers` is deprecated in favor of `Devise::Test::ControllerHelpers`
(by @lucasmazza).
* The `sign_in` test helper has changed to use keyword arguments when passing
a scope. `sign_in :admin, users(:alice)` should be rewritten as
`sign_in users(:alice), scope: :admin` (by @lucasmazza).
* The option `bypass` of `Devise::Controllers::SignInOut#sign_in` method is
deprecated in favor of `Devise::Controllers::SignInOut#bypass_sign_in`
method (by @ulissesalmeida).
* Sat May 21 2016 coolo@suse.com
- updated to version 4.1.1
see installed CHANGELOG.md
* Tue Apr 19 2016 coolo@suse.com
- updated to version 4.0.0
see installed CHANGELOG.md
* Tue Feb 02 2016 coolo@suse.com
- updated to version 3.5.6
see installed CHANGELOG.md
[#]## 3.5.6 - 2016-01-02
* bug fixes
* Fix type coercion of the rememberable timestamp stored on cookies.
* Mon Jan 25 2016 coolo@suse.com
- updated to version 3.5.5
see installed CHANGELOG.md
[#]## 3.5.5 - 2016-22-01
* bug fixes
* Bring back remember_expired? implementation
* Ensure timeouts are not triggered if remember me is being used
* Thu Jan 21 2016 coolo@suse.com
- updated to version 3.5.4
see installed CHANGELOG.md
* Sat Dec 12 2015 coolo@suse.com
- updated to version 3.5.3
see installed CHANGELOG.md
[#]## Unreleased
[#]## 3.5.3 - 2015-12-10
* bug fixes
* Fix password reset for records where `confirmation_required?` is disabled and
`confirmation_sent_at` is nil. (by @andygeers)
* Allow resources with no `email` field to be recoverable (and do not clear the
reset password token if the model was already persisted). (by @seddy, @stanhu)
* enhancements
* Upon setting `Devise.send_password_change_notification = true` a user will receive notification when their password has been changed.
* Tue Aug 11 2015 coolo@suse.com
- updated to version 3.5.2
see installed CHANGELOG.md
[#]## 3.5.2 - 2015-08-10
* enhancements
* Perform case insensitive basic authorization matching
* Big fixes
* Do not use digests for password confirmation token
* Fix infinite redirect in Rails 4.2 authenticated routes
* Autoload Devise::Encryptor to avoid errors on thread-safe mode
* Thu May 28 2015 coolo@suse.com
- updated to version 3.5.1
see installed CHANGELOG.md
* Tue Feb 10 2015 coolo@suse.com
- updated to version 3.4.1
* Mon Oct 13 2014 coolo@suse.com
- adapt to new rubygem packaging
* Tue Mar 18 2014 coolo@suse.com
- updated to version 3.2.4
* enchancements
* `bcrypt` dependency updated due https://github.com/codahale/bcrypt-ruby/pull/86.
* View generator now can generate specific views with the `-v` flag, like `rails g devise:views -v sessions` (by @kayline)
* Sat Feb 22 2014 coolo@suse.com
- updated to version 3.2.3
* enhancements
* Devise will use the `secret_key_base` on Rails 4+ applications as its `secret_key`.
You can change this and use your own secret by changing the `devise.rb` initializer.
* bug fix
* Migrations will be properly generated when using rails 4.1.0.
* Tue Nov 26 2013 coolo@suse.com
- updated to version 3.2.2
* bug fix
* Ensure timeoutable works when `sign_out_all_scopes` is false (by @louman)
* Keep the query string when storing location (by @csexton)
* Require rails generator base class in devise generators
* Fri Nov 22 2013 coolo@suse.com
- updated to version 3.2.1
Security announcement: http://blog.plataformatec.com.br/2013/11/e-mail-enumeration-in-devise-in-paranoid-mode
* enhancements
* Add `store_location_for` helper and ensure it is safe (by @matthewrudy and @homakov)
* Add `yield` around resource methods in Devise controllers (by @edelpero)
* bug fix
* Bring `password_digest` back to fix compatibility with `devise-encryptable`
* Avoid e-mail enumeration on sign in when in paranoid mode
[#]## 3.2.0
* enhancements
* Previously deprecated token authenticatable and insecure lookups have been removed
* Add a class method so you can encrypt passwords from fixtures (by @tenderlove)
* Send custom message when user enters invalid password and it has only one attempt
to enter correct password before his account will be locked (by @Lightpower)
* Prevent mutation of values assigned to case and whitespace santitized members (by @iamvery)
* Separate redirects and flash messages in `navigational_formats` and `flashing_formats` (by @ssendev)
* bug fix
* A GET to sign_in page shouldn't extend the session (by @drewish)
* Splat the arguments to `strong_parameters#permit` to work around a limitation in the `strong_parameters` gem (by @memberful)
* Omniauth now uses `mapping.fullpath` when generating routes. This means if you call `devise_for :users` inside a scope, like `scope "/api"`, the scope will now apply to the omniauth route (by @AlexanderZaytsev)
* Ensure timeoutable hook respects `Devise.sign_out_all_scopes` configuration
* deprecations
* `expire_session_data_after_sign_in!` has been deprecated in favor of `expire_data_after_sign_in!`