AtHeartEngineer/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-09 23:58:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Release v3.5.1

Browse Source
This commit is contained in:
José Valim
2015-05-26 15:10:29 +02:00
parent e641b4b7b9
commit 42c1ad3c78
3 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGELOG.md
View File

@@ -1,4 +1,10 @@
### 3.5.0 - 2015-05-23
### 3.5.1 - 2015-05-24
Note: 3.5.0 has been yanked due to a regression
* security improvements
* Clean up reset password token whenever e-mail or password changes. thanks to George Deglin & Dennis Charles Hackethal for reporting this bug
* Ensure empty `authenticable_salt` cannot be used as remember token. This bug can only affect users who manually implement their own `authenticable_salt` and allow empty values as salt
* enhancements
* The hint about minimum password length required both `@validatable` and `@minimum_password_length` variables on the views, it now uses only the latter. If you have generated the views relying on the `@validatable` variable, replace it with `@minimum_password_length`.