Merge pull request #5600 from heartcombo/rm-drop-support-to-old-rubies-and-rails

Drop support to EOL rubies and Rails

.github/workflows/test.yml

@@ -11,176 +11,38 @@ jobs:
           - gemfiles/Gemfile-rails-7-0
           - gemfiles/Gemfile-rails-6-1
           - gemfiles/Gemfile-rails-6-0
-          - gemfiles/Gemfile-rails-5-2
-          - gemfiles/Gemfile-rails-5-1
-          - gemfiles/Gemfile-rails-5-0
-          - gemfiles/Gemfile-rails-4-2
-          - gemfiles/Gemfile-rails-4-1
         ruby:
           - '3.2'
           - '3.1'
           - '3.0'
           - '2.7'
-          - '2.6'
-          - '2.5'
-          - '2.4'
-          - '2.3'
-          - '2.2'
-          - '2.1'
         env:
           - DEVISE_ORM=active_record
           - DEVISE_ORM=mongoid
         exclude:
-          - gemfile: Gemfile
-            ruby: '2.6'
-          - gemfile: Gemfile
-            ruby: '2.5'
-          - gemfile: Gemfile
-            ruby: '2.4'
-          - gemfile: Gemfile
-            ruby: '2.3'
-          - gemfile: Gemfile
-            ruby: '2.2'
-          - gemfile: Gemfile
-            ruby: '2.1'
           - gemfile: Gemfile
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.6'
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.5'
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.4'
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.3'
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-main
-            ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-main
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.6'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.5'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.4'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.3'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-7-0
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-6-1
-            ruby: '2.4'
-          - gemfile: gemfiles/Gemfile-rails-6-1
-            ruby: '2.3'
-          - gemfile: gemfiles/Gemfile-rails-6-1
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-6-1
-            ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-6-1
             env: DEVISE_ORM=mongoid
           - gemfile: gemfiles/Gemfile-rails-6-0
             ruby: '3.2'
           - gemfile: gemfiles/Gemfile-rails-6-0
             ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-6-0
-            ruby: '2.4'
-          - gemfile: gemfiles/Gemfile-rails-6-0
-            ruby: '2.3'
-          - gemfile: gemfiles/Gemfile-rails-6-0
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-6-0
-            ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-6-0
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-2
+    runs-on: ubuntu-latest
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '2.7'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '2.1'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '2.7'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '2.1'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '2.7'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '2.1'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '2.7'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '2.6'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '2.7'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '2.6'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '2.5'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '2.4'
-    # TODO: lock `ubunty-20.04` due to older Ruby version compatibility, change to `ubuntu-latest` again when dropping older Ruby support.
-    # https://github.com/ruby/setup-ruby/issues/496#issuecomment-1520662740
-    runs-on: ubuntu-20.04
     env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
       BUNDLE_GEMFILE: ${{ matrix.gemfile }}
     steps:
       - uses: actions/checkout@v3
-      - name: Setup Bundler 1.x for Rails 4.x and Ruby <= 2.2
-        if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' || matrix.ruby <= '2.2' }}
-        run: echo "BUNDLER_VERSION=1.17.3" >> $GITHUB_ENV
-      - name: Setup Rubygems version as default for Ruby < 2.5
-        if: ${{ matrix.ruby < '2.5' }}
-        run: echo "RUBYGEMS_VERSION=default" >> $GITHUB_ENV
-      - name: Setup Rubygems version as 3.2.3 for Ruby 2.5
-        if: ${{ matrix.ruby == '2.5' }}
-        run: echo "RUBYGEMS_VERSION=3.2.3" >> $GITHUB_ENV
       - uses: ruby/setup-ruby@v1
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler-cache: true # runs bundle install and caches installed gems automatically
-          bundler: ${{ env.BUNDLER_VERSION || 'default' }}
-          rubygems: ${{ env.RUBYGEMS_VERSION || 'latest' }}
       - uses: supercharge/mongodb-github-action@1.9.0
         if: ${{ matrix.env == 'DEVISE_ORM=mongoid' }}
       - run: bundle exec rake

CHANGELOG.md

@@ -1,5 +1,8 @@
 ### Unreleased
 
+* Drop support to Ruby < 2.7
+* Drop support to Rails < 6.0
+
 * enhancements
   * Removed deprecations warning output for `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` (@soartec-lab)
 

Gemfile.lock

@@ -13,7 +13,7 @@ PATH
     devise (4.9.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
+      railties (>= 6.0.0)
       responders
       warden (~> 1.2.3)
 

README.md

@@ -129,17 +129,17 @@ Please note that the command output will show the variable value being used.
 ### BUNDLE_GEMFILE
 We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
 Inside the [gemfiles](https://github.com/heartcombo/devise/tree/main/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
-For example, if the tests broke using Ruby 2.4.2 and Rails 4.1, you can do the following:
+For example, if the tests broke using Ruby 3.0.0 and Rails 6.0, you can do the following:
 ```bash
-rbenv shell 2.4.2 # or rvm use 2.4.2
+rbenv shell 3.0.0 # or rvm use 3.0.0
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile-rails-6-0 bundle install
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bin/test
+BUNDLE_GEMFILE=gemfiles/Gemfile-rails-6-0 bin/test
 ```
 
 You can also combine both of them if the tests broke for Mongoid:
 ```bash
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile-rails-6-0 bundle install
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable DEVISE_ORM=mongoid bin/test
+BUNDLE_GEMFILE=gemfiles/Gemfile-rails-6-0 DEVISE_ORM=mongoid bin/test
 ```
 
 ### Running tests
@@ -172,7 +172,7 @@ Once you have solidified your understanding of Rails and authentication mechanis
 
 ## Getting started
 
-Devise 4.0 works with Rails 4.1 onwards. Run:
+Devise 4.0 works with Rails 6.0 onwards. Run:
 
 ```sh
 bundle add devise
@@ -644,7 +644,7 @@ Unlike controller tests, integration tests do not need to supply the
 `devise.mapping` `env` value, as the mapping can be inferred by the routes that
 are executed in your tests.
 
-You can read more about testing your Rails 3 - Rails 4 controllers with RSpec in the wiki:
+You can read more about testing your Rails controllers with RSpec in the wiki:
 
 * https://github.com/heartcombo/devise/wiki/How-To:-Test-controllers-with-Rails-(and-RSpec)
 
@@ -691,9 +691,9 @@ Alternatively, you can simply run the Devise generator.
 
 Keep in mind that those models will have completely different routes. They **do not** and **cannot** share the same controller for sign in, sign out and so on. In case you want to have different roles sharing the same actions, we recommend that you use a role-based approach, by either providing a role column or using a dedicated gem for authorization.
 
-### ActiveJob Integration
+### Active Job Integration
 
-If you are using Rails 4.2 and ActiveJob to deliver ActionMailer messages in the
+If you are using Active Job to deliver Action Mailer messages in the
 background through a queuing back-end, you can send Devise emails through your
 existing queue by overriding the `send_devise_notification` method in your model.
 

bin/test

@@ -1,17 +1,12 @@
 #!/usr/bin/env ruby
 $: << File.expand_path(File.expand_path('../../test', __FILE__))
 
-# Remove this begin/rescue once Rails 4 support is removed.
+require 'bundler/setup'
-begin
+require 'rails/test_unit/runner'
-  require 'bundler/setup'
+require 'rails/test_unit/reporter'
-  require 'rails/test_unit/runner'
+require 'rails/test_unit/line_filtering'
-  require 'rails/test_unit/reporter'
-  require 'rails/test_unit/line_filtering'
 
-  Rails::TestUnitReporter.executable = 'bin/test'
+Rails::TestUnitReporter.executable = 'bin/test'
 
-  Rails::TestUnit::Runner.parse_options(ARGV)
+Rails::TestUnit::Runner.parse_options(ARGV)
-  Rails::TestUnit::Runner.run(ARGV)
+Rails::TestUnit::Runner.run(ARGV)
-rescue LoadError
-  exec 'rake'
-end

devise.gemspec

@@ -25,12 +25,12 @@ Gem::Specification.new do |s|
 
   s.files         = Dir["{app,config,lib}/**/*", "CHANGELOG.md", "MIT-LICENSE", "README.md"]
   s.require_paths = ["lib"]
-  s.required_ruby_version = '>= 2.1.0'
+  s.required_ruby_version = '>= 2.7.0'
 
   s.add_dependency("warden", "~> 1.2.3")
   s.add_dependency("orm_adapter", "~> 0.1")
   s.add_dependency("bcrypt", "~> 3.0")
-  s.add_dependency("railties", ">= 4.1.0")
+  s.add_dependency("railties", ">= 6.0.0")
   s.add_dependency("responders")
 
   s.post_install_message = %q{

gemfiles/Gemfile-rails-4-1

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-source "https://rubygems.org"
-
-git_source(:github) do |repo_name|
-  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?('/')
-  "https://github.com/#{repo_name}.git"
-end
-
-gemspec path: ".."
-
-gem "rails", github: "rails/rails", branch: "4-1-stable"
-gem "omniauth"
-gem "omniauth-oauth2"
-gem "rdoc", "~> 5.1"
-# Force this version because it's breaking on CI since a higher nokogiri version requires Ruby 2.3+.
-gem "nokogiri", "1.9.1"
-
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid"
-  gem "timecop"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 2.1", require: false
-  gem 'test_after_commit', require: false
-end
-
-platforms :jruby do
-  gem "activerecord-jdbc-adapter"
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jruby-openssl"
-end
-
-platforms :ruby do
-  gem "sqlite3", "~> 1.3.6"
-end
-
-group :mongoid do
-  gem "mongoid", "~> 4.0"
-end
-
-if RUBY_VERSION < "2.3.0"
-  # We're getting version 2.2.0 which doesn't play nice with Ruby 2.2, using
-  # `Object.deprecate_constant` which isn't available.
-  gem "multipart-post", "2.1.1"
-end
-
-# There's a build incompatibility issue with nokogiri and loofah
-gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-4-2

@@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-source "https://rubygems.org"
-
-git_source(:github) do |repo_name|
-  repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?('/')
-  "https://github.com/#{repo_name}.git"
-end
-
-gemspec path: ".."
-
-gem "rails", github: "rails/rails", branch: "4-2-stable"
-gem "omniauth"
-gem "omniauth-oauth2"
-gem "rdoc", "~> 5.1"
-gem "nokogiri", "1.9.1"
-
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid"
-  gem "timecop"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 2.1", require: false
-  gem 'test_after_commit', require: false
-end
-
-platforms :jruby do
-  gem "activerecord-jdbc-adapter"
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jruby-openssl"
-end
-
-platforms :ruby do
-  gem "sqlite3", "~> 1.3.6"
-end
-
-group :mongoid do
-  gem "mongoid", "~> 4.0"
-end
-
-if RUBY_VERSION < "2.3.0"
-  # We're getting version 2.2.0 which doesn't play nice with Ruby 2.2, using
-  # `Object.deprecate_constant` which isn't available.
-  gem "multipart-post", "2.1.1"
-end
-
-# There's a build incompatibility issue with nokogiri and loofah
-gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-0

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-source "https://rubygems.org"
-
-gemspec path: ".."
-
-gem "rails", '~> 5.0.0'
-gem "omniauth"
-gem "omniauth-oauth2"
-gem "rdoc"
-
-gem "rails-controller-testing"
-
-gem "responders", "~> 2.1"
-
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid"
-  gem "timecop"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 2.1", require: false
-end
-
-platforms :ruby do
-  gem "sqlite3", "~> 1.3.6"
-end
-
-# TODO:
-# group :mongoid do
-#   gem "mongoid", "~> 4.0.0"
-# end
-
-if RUBY_VERSION < "2.3.0"
-  # We're getting version 2.2.0 which doesn't play nice with Ruby 2.2, using
-  # `Object.deprecate_constant` which isn't available.
-  gem "multipart-post", "2.1.1"
-end
-
-# There's a build incompatibility issue with nokogiri and loofah
-gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-1

@@ -1,33 +0,0 @@
-source "https://rubygems.org"
-
-gemspec path: ".."
-
-gem "rails", '~> 5.1.0'
-gem "omniauth"
-gem "omniauth-oauth2"
-gem "rdoc"
-
-gem "rails-controller-testing"
-
-gem "responders", "~> 2.1"
-
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid"
-  gem "timecop"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 2.1", require: false
-end
-
-platforms :ruby do
-  gem "sqlite3", "~> 1.3.6"
-end
-
-if RUBY_VERSION < "2.3.0"
-  # We're getting version 2.2.0 which doesn't play nice with Ruby 2.2, using
-  # `Object.deprecate_constant` which isn't available.
-  gem "multipart-post", "2.1.1"
-end
-
-# There's a build incompatibility issue with nokogiri and loofah
-gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-2

@@ -1,27 +0,0 @@
-source "https://rubygems.org"
-
-gemspec path: ".."
-
-gem "rails", '~> 5.2.0'
-gem "omniauth"
-gem "omniauth-oauth2"
-gem "rdoc"
-
-gem "rails-controller-testing"
-
-gem "responders", "~> 2.1"
-
-group :test do
-  gem "omniauth-facebook"
-  gem "omniauth-openid"
-  gem "timecop"
-  gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 2.1", require: false
-end
-
-platforms :ruby do
-  gem "sqlite3", "~> 1.3.6"
-end
-
-# There's a build incompatibility issue with nokogiri and loofah
-gem "loofah", "~> 2.20.0"

lib/devise/controllers/sign_in_out.rb

@@ -106,12 +106,6 @@ module Devise
       private
 
       def expire_data_after_sign_in!
-        # TODO: remove once Rails 5.2+ and forward are only supported.
-        # session.keys will return an empty array if the session is not yet loaded.
-        # This is a bug in both Rack and Rails.
-        # A call to #empty? forces the session to be loaded.
-        session.empty?
-
         session.keys.grep(/^devise\./).each { |k| session.delete(k) }
       end
 

lib/devise/failure_app.rb

@@ -149,7 +149,7 @@ module Devise
       opts  = {}
 
       # Initialize script_name with nil to prevent infinite loops in
-      # authenticated mounted engines in rails 4.2 and 5.0
+      # authenticated mounted engines
       opts[:script_name] = nil
 
       route = route(scope)
@@ -161,13 +161,6 @@ module Devise
 
       if relative_url_root?
         opts[:script_name] = relative_url_root
-
-      # We need to add the rootpath to `script_name` manually for applications that use a Rails
-      # version lower than 5.1. Otherwise, it is going to generate a wrong path for Engines
-      # that use Devise. Remove it when the support of Rails 5.0 is dropped.
-      elsif root_path_defined?(context) && !rails_51_and_up?
-        rootpath = context.routes.url_helpers.root_path
-        opts[:script_name] = rootpath.chomp('/') if rootpath.length > 1
       end
 
       if context.respond_to?(route)
@@ -283,15 +276,5 @@ module Devise
     end
 
     ActiveSupport.run_load_hooks(:devise_failure_app, self)
-
-    private
-
-    def root_path_defined?(context)
-      defined?(context.routes) && context.routes.url_helpers.respond_to?(:root_path)
-    end
-
-    def rails_51_and_up?
-      Rails.gem_version >= Gem::Version.new("5.1")
-    end
   end
 end

lib/devise/models/authenticatable.rb

@@ -2,7 +2,6 @@
 
 require 'devise/hooks/activatable'
 require 'devise/hooks/csrf_cleaner'
-require 'devise/rails/deprecated_constant_accessor'
 
 module Devise
   module Models
@@ -184,11 +183,8 @@ module Devise
       #         # Deliver later with Active Job's `deliver_later`
       #         if message.respond_to?(:deliver_later)
       #           message.deliver_later
-      #         # Remove once we move to Rails 4.2+ only, as `deliver` is deprecated.
-      #         elsif message.respond_to?(:deliver_now)
-      #           message.deliver_now
       #         else
-      #           message.deliver
+      #           message.deliver_now
       #         end
       #       end
       #
@@ -196,12 +192,7 @@ module Devise
       #
       def send_devise_notification(notification, *args)
         message = devise_mailer.send(notification, self, *args)
-        # Remove once we move to Rails 4.2+ only.
-        if message.respond_to?(:deliver_now)
         message.deliver_now
-        else
-          message.deliver
-        end
       end
 
       def downcase_keys

lib/devise/models/database_authenticatable.rb

@@ -84,16 +84,7 @@ module Devise
       # users to change relevant information like the e-mail without changing
       # their password). In case the password field is rejected, the confirmation
       # is also rejected as long as it is also blank.
-      def update_with_password(params, *options)
+      def update_with_password(params)
-        if options.present?
-          Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
-            [Devise] The second argument of `DatabaseAuthenticatable#update_with_password`
-            (`options`) is deprecated and it will be removed in the next major version.
-            It was added to support a feature deprecated in Rails 4, so you can safely remove it
-            from your code.
-          DEPRECATION
-        end
-
         current_password = params.delete(:current_password)
 
         if params[:password].blank?
@@ -102,9 +93,9 @@ module Devise
         end
 
         result = if valid_password?(current_password)
-          update(params, *options)
+          update(params)
         else
-          assign_attributes(params, *options)
+          assign_attributes(params)
           valid?
           errors.add(:current_password, current_password.blank? ? :blank : :invalid)
           false
@@ -121,25 +112,16 @@ module Devise
       #
       # Example:
       #
-      #   def update_without_password(params, *options)
+      #   def update_without_password(params)
       #     params.delete(:email)
       #     super(params)
       #   end
       #
-      def update_without_password(params, *options)
+      def update_without_password(params)
-        if options.present?
-          Devise.deprecator.warn <<-DEPRECATION.strip_heredoc
-            [Devise] The second argument of `DatabaseAuthenticatable#update_without_password`
-            (`options`) is deprecated and it will be removed in the next major version.
-            It was added to support a feature deprecated in Rails 4, so you can safely remove it
-            from your code.
-          DEPRECATION
-        end
-
         params.delete(:password)
         params.delete(:password_confirmation)
 
-        result = update(params, *options)
+        result = update(params)
         clean_up_passwords
         result
       end

lib/devise/orm.rb

@@ -4,19 +4,11 @@ module Devise
       defined?(ActiveRecord) && model < ActiveRecord::Base
     end
 
-    def self.active_record_51?(model)
-      active_record?(model) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
-    end
-
     def self.included(model)
-      if Devise::Orm.active_record_51?(model)
+      model.include DirtyTrackingMethods
-        model.include DirtyTrackingNewMethods
-      else
-        model.include DirtyTrackingOldMethods
-      end
     end
 
-    module DirtyTrackingNewMethods
+    module DirtyTrackingMethods
       def devise_email_before_last_save
         email_before_last_save
       end
@@ -41,31 +33,5 @@ module Devise
         respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
       end
     end
-
-    module DirtyTrackingOldMethods
-      def devise_email_before_last_save
-        email_was
-      end
-
-      def devise_email_in_database
-        email_was
-      end
-
-      def devise_saved_change_to_email?
-        email_changed?
-      end
-
-      def devise_saved_change_to_encrypted_password?
-        encrypted_password_changed?
-      end
-
-      def devise_will_save_change_to_email?
-        email_changed?
-      end
-
-      def devise_respond_to_and_will_save_change_to_attribute?(attribute)
-        respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
-      end
-    end
   end
 end

lib/devise/parameter_sanitizer.rb

@@ -130,8 +130,7 @@ module Devise
     #
     # Returns an +ActiveSupport::HashWithIndifferentAccess+.
     def cast_to_hash(params)
-      # TODO: Remove the `with_indifferent_access` method call when we only support Rails 5+.
+      params && params.to_h
-      params && params.to_h.with_indifferent_access
     end
 
     def default_params

lib/devise/rails/deprecated_constant_accessor.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-begin
-  require 'active_support/deprecation/constant_accessor'
-
-  module Devise
-    DeprecatedConstantAccessor = ActiveSupport::Deprecation::DeprecatedConstantAccessor #:nodoc:
-  end
-rescue LoadError
-
-  # Copy of constant deprecation module from Rails / Active Support version 6, so we can use it
-  # with Rails <= 5.0 versions. This can be removed once we support only Rails 5.1 or greater.
-  module Devise
-    module DeprecatedConstantAccessor #:nodoc:
-      def self.included(base)
-        require "active_support/inflector/methods"
-
-        extension = Module.new do
-          def const_missing(missing_const_name)
-            if class_variable_defined?(:@@_deprecated_constants)
-              if (replacement = class_variable_get(:@@_deprecated_constants)[missing_const_name.to_s])
-                replacement[:deprecator].warn(replacement[:message] || "#{name}::#{missing_const_name} is deprecated! Use #{replacement[:new]} instead.", Rails::VERSION::MAJOR == 4 ? caller : caller_locations)
-                return ActiveSupport::Inflector.constantize(replacement[:new].to_s)
-              end
-            end
-            super
-          end
-
-          def deprecate_constant(const_name, new_constant, message: nil, deprecator: Devise.deprecator)
-            class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
-            class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
-          end
-        end
-        base.singleton_class.prepend extension
-      end
-    end
-  end
-
-end

lib/devise/test/controller_helpers.rb

@@ -141,7 +141,6 @@ module Devise
 
           status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
           @controller.response.headers.merge!(headers)
-          @controller.response.content_type = headers["Content-Type"] unless Rails::VERSION::MAJOR >= 5
           @controller.status = status
           @controller.response_body = response.body
           nil # causes process return @response

lib/generators/active_record/devise_generator.rb

@@ -82,10 +82,6 @@ RUBY
         postgresql?
       end
 
-      def rails5_and_up?
-        Rails::VERSION::MAJOR >= 5
-      end
-
       def rails61_and_up?
         Rails::VERSION::MAJOR > 6 || (Rails::VERSION::MAJOR == 6 && Rails::VERSION::MINOR >= 1)
       end
@@ -107,13 +103,11 @@ RUBY
       end
 
       def migration_version
-       if rails5_and_up?
         "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
       end
-     end
 
      def primary_key_type
-       primary_key_string if rails5_and_up?
+       primary_key_string
      end
 
      def primary_key_string

test/generators/active_record_generator_test.rb

@@ -20,11 +20,7 @@ if DEVISE_ORM == :active_record
       Rails.application.config.paths.add "db/migrate", with: "db2/migrate"
 
       run_generator %w(monster)
-      if Rails.version >= '5.0.3'
       assert_migration "db2/migrate/devise_create_monsters.rb", /def change/
-      else
-        assert_migration "db/migrate/devise_create_monsters.rb", /def change/
-      end
 
       Rails.application.config.paths["db/migrate"] = old_paths
     end
@@ -49,11 +45,7 @@ if DEVISE_ORM == :active_record
       assert_file "app/models/monster.rb"
       run_generator %w(monster)
 
-      if Rails.version >= '5.0.3'
       assert_migration "db2/migrate/add_devise_to_monsters.rb"
-      else
-        assert_migration "db/migrate/add_devise_to_monsters.rb"
-      end
 
       Rails.application.config.paths["db/migrate"] = old_paths
     end
@@ -84,11 +76,7 @@ if DEVISE_ORM == :active_record
 
     test "add primary key type with rails 5 when specified in rails generator" do
       run_generator ["monster", "--primary_key_type=uuid"]
-      if Devise::Test.rails5_and_up?
       assert_migration "db/migrate/devise_create_monsters.rb", /create_table :monsters, id: :uuid do/
-      else
-        assert_migration "db/migrate/devise_create_monsters.rb", /create_table :monsters do/
-      end
     end
   end
 

test/integration/rememberable_test.rb

@@ -12,13 +12,7 @@ class RememberMeTest < Devise::IntegrationTest
   end
 
   def generate_signed_cookie(raw_cookie)
-    request = if Devise::Test.rails51? || Devise::Test.rails52_and_up?
+    request = ActionController::TestRequest.create(Class.new) # needs a "controller class"
-      ActionController::TestRequest.create(Class.new) # needs a "controller class"
-    elsif Devise::Test.rails5?
-      ActionController::TestRequest.create
-    else
-      ActionController::TestRequest.new
-    end
     request.cookie_jar.signed['raw_cookie'] = raw_cookie
     request.cookie_jar['raw_cookie']
   end

test/orm/active_record.rb

@@ -7,22 +7,11 @@ ActiveRecord::Base.include_root_in_json = true
 migrate_path = File.expand_path("../../rails_app/db/migrate/", __FILE__)
 if Devise::Test.rails71_and_up?
   ActiveRecord::MigrationContext.new(migrate_path).migrate
-elsif Devise::Test.rails6_and_up?
-  ActiveRecord::MigrationContext.new(migrate_path, ActiveRecord::SchemaMigration).migrate
-elsif Devise::Test.rails52_and_up?
-  ActiveRecord::MigrationContext.new(migrate_path).migrate
 else
-  ActiveRecord::Migrator.migrate(migrate_path)
+  ActiveRecord::MigrationContext.new(migrate_path, ActiveRecord::SchemaMigration).migrate
 end
 
 class ActiveSupport::TestCase
-  if Devise::Test.rails5_and_up?
   self.use_transactional_tests = true
-  else
-    # Let `after_commit` work with transactional fixtures, however this is not needed for Rails 5.
-    require 'test_after_commit'
-    self.use_transactional_fixtures = true
-  end
-
   self.use_instantiated_fixtures  = false
 end

test/rails_app/app/controllers/home_controller.rb

@@ -22,10 +22,6 @@ class HomeController < ApplicationController
   end
 
   def unauthenticated
-    if Devise::Test.rails5_and_up?
     render body: "unauthenticated", status: :unauthorized
-    else
-      render text: "unauthenticated", status: :unauthorized
-    end
   end
 end

test/rails_app/app/controllers/streaming_controller.rb

@@ -6,18 +6,6 @@ class StreamingController < ApplicationController
   before_action :authenticate_user!
 
   def index
-    render (Devise::Test.rails5_and_up? ? :body : :text) => 'Index'
+    render body: 'Index'
-  end
-
-  # Work around https://github.com/heartcombo/devise/issues/2332, which affects
-  # tests in Rails 4.x (and affects production in Rails >= 5)
-  def process(name)
-    super(name)
-  rescue ArgumentError => e
-    if e.message == 'uncaught throw :warden'
-      throw :warden
-    else
-      raise e
-    end
   end
 end

test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb

@@ -11,6 +11,6 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
     user = User.to_adapter.find_first(email: 'user@test.com')
     user.remember_me = true
     sign_in user
-    render (Devise::Test.rails5_and_up? ? :body : :text) => ""
+    render body: ""
   end
 end

test/rails_app/app/controllers/users_controller.rb

@@ -16,7 +16,7 @@ class UsersController < ApplicationController
   end
 
   def update_form
-    render (Devise::Test.rails5_and_up? ? :body : :text) => 'Update'
+    render body: 'Update'
   end
 
   def accept
@@ -24,11 +24,11 @@ class UsersController < ApplicationController
   end
 
   def exhibit
-    render (Devise::Test.rails5_and_up? ? :body : :text) => current_user ? "User is authenticated" : "User is not authenticated"
+    render body: current_user ? "User is authenticated" : "User is not authenticated"
   end
 
   def expire
     user_session['last_request_at'] = 31.minutes.ago.utc
-    render (Devise::Test.rails5_and_up? ? :body : :text) => 'User will be expired on next request'
+    render body: 'User will be expired on next request'
   end
 end

test/rails_app/config/application.rb

@@ -33,23 +33,12 @@ module RailsApp
     # config.assets.enabled = false
 
     config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
-    rails_version = Gem::Version.new(Rails.version)
-    if DEVISE_ORM == :active_record &&
-       rails_version >= Gem::Version.new('4.2.0') &&
-       rails_version < Gem::Version.new('5.1.0')
-      config.active_record.raise_in_transactional_callbacks = true
-    end
 
     # This was used to break devise in some situations
     config.to_prepare do
       Devise::SessionsController.layout "application"
     end
 
-    # Remove the first check once Rails 5.0 support is removed.
-    if Devise::Test.rails52_and_up? && !Devise::Test.rails6_and_up?
-      Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
-    end
-
     if Devise::Test.rails70?
       config.active_record.legacy_connection_handling = false
     end

test/rails_app/config/boot.rb

@@ -19,30 +19,6 @@ module Devise
     def self.rails70?
       Rails.version.start_with? '7.0'
     end
-
-    def self.rails6_and_up?
-      Rails::VERSION::MAJOR >= 6
-    end
-
-    def self.rails52_and_up?
-      Rails::VERSION::MAJOR > 5 || rails52?
-    end
-
-    def self.rails52?
-      Rails.version.start_with? '5.2'
-    end
-
-    def self.rails51?
-      Rails.version.start_with? '5.1'
-    end
-
-    def self.rails5_and_up?
-      Rails::VERSION::MAJOR >= 5
-    end
-
-    def self.rails5?
-      Rails.version.start_with? '5'
-    end
   end
 end
 

test/rails_app/config/environments/production.rb

@@ -22,13 +22,7 @@ RailsApp::Application.configure do
   # config.action_dispatch.rack_cache = true
 
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  if Devise::Test.rails5_and_up?
   config.public_file_server.enabled = false
-  elsif Rails.version >= "4.2.0"
-    config.serve_static_files = false
-  else
-    config.serve_static_assets = false
-  end
 
   # Compress JavaScripts and CSS.
   config.assets.js_compressor  = :uglifier

test/rails_app/config/environments/test.rb

@@ -16,16 +16,8 @@ RailsApp::Application.configure do
 
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
-  if Devise::Test.rails5_and_up?
   config.public_file_server.enabled = true
   config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
-  elsif Rails.version >= "4.2.0"
-    config.serve_static_files = true
-    config.static_cache_control = "public, max-age=3600"
-  else
-    config.serve_static_assets = true
-    config.static_cache_control = "public, max-age=3600"
-  end
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true

test/rails_app/db/migrate/20100401102949_create_tables.rb

@@ -1,10 +1,6 @@
 # frozen_string_literal: true
 
-superclass = ActiveRecord::Migration
+class CreateTables < ActiveRecord::Migration[5.0]
-# TODO: Inherit from the 5.0 Migration class directly when we drop support for Rails 4.
-superclass = ActiveRecord::Migration[5.0] if superclass.respond_to?(:[])
-
-class CreateTables < superclass
   def self.up
     create_table :users do |t|
       t.string :username

test/routes_test.rb

@@ -205,7 +205,7 @@ class CustomizedRoutingTest < ActionController::TestCase
 
   test 'map with format false for sessions' do
     expected_params = {controller: 'devise/sessions', action: 'new'}
-    expected_params[:format] = false if Devise::Test.rails5_and_up?
+    expected_params[:format] = false
 
     assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in', method: :get})
     assert_raise ExpectedRoutingError do
@@ -215,7 +215,7 @@ class CustomizedRoutingTest < ActionController::TestCase
 
   test 'map with format false for passwords' do
     expected_params = {controller: 'devise/passwords', action: 'create'}
-    expected_params[:format] = false if Devise::Test.rails5_and_up?
+    expected_params[:format] = false
 
     assert_recognizes(expected_params, {path: '/htmlonly_admin/password', method: :post})
     assert_raise ExpectedRoutingError do
@@ -225,7 +225,7 @@ class CustomizedRoutingTest < ActionController::TestCase
 
   test 'map with format false for registrations' do
     expected_params = {controller: 'devise/registrations', action: 'new'}
-    expected_params[:format] = false if Devise::Test.rails5_and_up?
+    expected_params[:format] = false
 
     assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up', method: :get})
     assert_raise ExpectedRoutingError do
@@ -235,7 +235,7 @@ class CustomizedRoutingTest < ActionController::TestCase
 
   test 'map with format false for confirmations' do
     expected_params = {controller: 'devise/confirmations', action: 'show'}
-    expected_params[:format] = false if Devise::Test.rails5_and_up?
+    expected_params[:format] = false
 
     assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation', method: :get})
     assert_raise ExpectedRoutingError do
@@ -245,7 +245,7 @@ class CustomizedRoutingTest < ActionController::TestCase
 
   test 'map with format false for unlocks' do
     expected_params = {controller: 'devise/unlocks', action: 'show'}
-    expected_params[:format] = false if Devise::Test.rails5_and_up?
+    expected_params[:format] = false
 
     assert_recognizes(expected_params, {path: '/htmlonly_users/unlock', method: :get})
     assert_raise ExpectedRoutingError do

test/support/http_method_compatibility.rb

@@ -2,36 +2,8 @@
 
 module Devise
   class IntegrationTest < ActionDispatch::IntegrationTest
-    # %w( get post patch put head delete xml_http_request
-    #           xhr get_via_redirect post_via_redirect
-    #         ).each do |method|
-    unless Devise::Test.rails5_and_up?
-      %w( get post put ).each do |method|
-        define_method(method) do |url, options = {}|
-          if options[:xhr] == true
-            xml_http_request __method__, url, options[:params] || {}, options[:headers]
-          else
-            super url, options[:params] || {}, options[:headers]
-          end
-        end
-      end
-    end
   end
 
   class ControllerTestCase < ActionController::TestCase
-    # %w( get post patch put head delete xml_http_request
-    #           xhr get_via_redirect post_via_redirect
-    #         ).each do |method|
-    unless Devise::Test.rails5_and_up?
-      %w( get post put ).each do |method|
-        define_method(method) do |action, options = {}|
-          if options[:xhr] == true
-            xml_http_request __method__, action, options[:params] || {}, options[:headers]
-          else
-            super action, options[:params] || {}, options[:headers]
-          end
-        end
-      end
-    end
   end
 end

test/test/controller_helpers_test.rb

@@ -108,11 +108,7 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
   test "returns the content type of a failure app" do
     get :index, params: { format: :json }
 
-    if Devise::Test.rails6_and_up?
     assert_includes response.media_type, 'application/json'
-    else
-      assert_includes response.content_type, 'application/json'
-    end
   end
 
   test "defined Warden after_authentication callback should not be called when sign_in is called" do
@@ -181,13 +177,7 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
   test "creates a new warden proxy if the request object has changed" do
     old_warden_proxy = warden
 
-    @request = if Devise::Test.rails51? || Devise::Test.rails52_and_up?
+    @request = ActionController::TestRequest.create(Class.new) # needs a "controller class"
-      ActionController::TestRequest.create(Class.new) # needs a "controller class"
-    elsif Devise::Test.rails5?
-      ActionController::TestRequest.create
-    else
-      ActionController::TestRequest.new
-    end
 
     new_warden_proxy = warden
 

test/test_helper.rb

@@ -23,22 +23,6 @@ end
 if ActiveSupport.respond_to?(:test_order)
   ActiveSupport.test_order = :random
 end
-class ActiveSupport::TestCase
-  if ActiveSupport.version < Gem::Version.new("5.0")
-    def assert_deprecated(match, deprecator)
-      super(match) do
-        # TODO: remove extra begin..end when dropping support for Ruby <= 2.4
-        begin
-          behavior = deprecator.behavior
-          deprecator.behavior = ActiveSupport::Deprecation.behavior
-          yield
-        ensure
-          deprecator.behavior = behavior
-        end
-      end
-    end
-  end
-end
 
 OmniAuth.config.logger = Logger.new('/dev/null')