devise/CHANGELOG.md
Carlos Antonio da Silva dd7ee27f74 Bring back Mongoid official support (#5568)
Devise hasn't been tested with Mongoid since Rails version 5, only 4.x was still running those tests.

This enables the tests again on all currently supported Rails versions, with their respective mongoid supported versions. There were a couple of minor tweaks to make it happen, namely:

* The way we were dropping the session before doesn't work in later versions so I changed back to calling `purge!` which appears to work fine. We used to call `Mongoid.purge!` but that changed in #4686.
* Some of the configs in the Rails test app were setting Active Record values when outside of the AR ORM tests, updated those to make sure they are not set when running mongoid ORM tests.
* The validations added to the shared admin code in tests were only checking for Rails version 5.1, but we need to use the same check for AR 5.1 that is used in code, otherwise it will try to use methods not available in mongoid there.
2025-10-31 11:16:02 -03:00


Unreleased

  • breaking changes

    • Drop support for Ruby < 2.7

    • Drop support for Rails < 7.0

    • Remove SecretKeyFinder and use app.secret_key_base as the default secret key for Devise.secret_key if a custom Devise.secret_key is not provided.

      This is potentially a breaking change because Devise previously used the following order to find a secret key:

      app.credentials.secret_key_base > app.secrets.secret_key_base > application.config.secret_key_base > application.secret_key_base
      

      Now, it always uses application.secret_key_base. Make sure you're using the same secret key after the upgrade; otherwise, previously generated tokens for recoverable, lockable, and confirmable will be invalid. https://github.com/heartcombo/devise/pull/5645

  • enhancements

    • Removed deprecation warning output for Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION (@soartec-lab)

    • Add Rails 8 support.

      • Routes are now lazy-loaded by default in test and development environments, so Devise loads them before the Devise.mappings call.
    • Add Ruby 3.4 support.

    • Password length validator is changed from

      validates_length_of :password, within: password_length, allow_blank: true
      

      to

      validates_length_of :password, minimum: proc { password_length.min }, maximum: proc { password_length.max }, allow_blank: true
      

      so it's possible to override password_length at runtime. (@manojmj92)

    • Reenable Mongoid test suite across all Rails 7+ versions, to ensure we continue supporting it. Changes to dirty tracking to support Mongoid 8.0+. #5568

  • bug fixes

    • Make Devise work without ActionMailer when Zeitwerk autoloader is used.

Please check 4-stable for previous changes.
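
A pre-upgrade check for the secret key breaking change above, as an added example that is not part of Devise or of this changelog. It resolves the key the old lookup order would have picked, compares it with application.secret_key_base, and reports whether a stored token digest would still match. The `sources` hash, the helper names and the plain HMAC-SHA256 digest are assumptions for illustration, and the key values are constructed.

```ruby
require "openssl"

# Lookup order the changelog gives for earlier Devise versions (first non-blank wins).
OLD_ORDER = %i[credentials secrets config application].freeze

# sources: hypothetical hash mapping each location to the secret_key_base it
# holds (nil when unset). Returns [source_name, key] as the old lookup would.
def old_devise_key(sources)
  OLD_ORDER.each do |name|
    value = sources[name]
    return [name, value] unless value.nil? || value.empty?
  end
  [nil, nil]
end

# Keyed digest standing in for a stored token digest. Plain HMAC-SHA256 is an
# assumption for illustration, not Devise's exact key derivation.
def token_digest(secret, raw_token)
  OpenSSL::HMAC.hexdigest("SHA256", secret, raw_token)
end

# Reports whether the upgrade changes the effective key, without printing keys.
def upgrade_check(sources, custom_devise_key: nil)
  return { affected: false, old_source: :custom, tokens_survive: true } if custom_devise_key

  new_key = sources[:application]
  raise ArgumentError, "application.secret_key_base is blank" if new_key.nil? || new_key.empty?

  old_source, old_key = old_devise_key(sources)
  # A digest stored before the upgrade must match the one recomputed afterwards.
  stored = token_digest(old_key, "sample-reset-token")
  survives = stored == token_digest(new_key, "sample-reset-token")
  { affected: !survives, old_source: old_source, tokens_survive: survives }
end

# Constructed sample values, not real secrets.
DRIFTED = { credentials: "key-from-credentials", secrets: nil,
            config: nil, application: "key-from-env" }.freeze
ALIGNED = { credentials: nil, secrets: "", config: "shared-key",
            application: "shared-key" }.freeze

if __FILE__ == $PROGRAM_NAME
  p upgrade_check(DRIFTED)
  p upgrade_check(ALIGNED)
  p upgrade_check(DRIFTED, custom_devise_key: "explicit-devise-key")
end
```

An `affected: true` result means the old and new lookups disagree, so either align application.secret_key_base with the previously used source or set Devise.secret_key explicitly before upgrading.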