Merge branch '4-stable'

.github/workflows/test.yml

@@ -8,6 +8,7 @@ jobs:
         gemfile:
           - Gemfile
           - gemfiles/Gemfile-rails-main
+          - gemfiles/Gemfile-rails-7-0
           - gemfiles/Gemfile-rails-6-1
           - gemfiles/Gemfile-rails-6-0
           - gemfiles/Gemfile-rails-5-2
@@ -58,6 +59,20 @@ jobs:
             ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-main
             env: DEVISE_ORM=mongoid
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.6'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.5'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.4'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.3'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.2'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            ruby: '2.1'
+          - gemfile: gemfiles/Gemfile-rails-7-0
+            env: DEVISE_ORM=mongoid
           - gemfile: gemfiles/Gemfile-rails-6-1
             ruby: '2.4'
           - gemfile: gemfiles/Gemfile-rails-6-1
@@ -144,13 +159,15 @@ jobs:
             ruby: '2.5'
           - gemfile: gemfiles/Gemfile-rails-4-1
             ruby: '2.4'
-    runs-on: ubuntu-latest
+    # TODO: lock `ubunty-20.04` due to older Ruby version compatibility, change to `ubuntu-latest` again when dropping older Ruby support.
+    # https://github.com/ruby/setup-ruby/issues/496#issuecomment-1520662740
+    runs-on: ubuntu-20.04
     env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
       BUNDLE_GEMFILE: ${{ matrix.gemfile }}
     steps:
       - uses: actions/checkout@v3
-      - name: Setup Bundler 1.x for Rails 4.x
+      - name: Setup Bundler 1.x for Rails 4.x and Ruby <= 2.2
-        if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' }}
+        if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' || matrix.ruby <= '2.2' }}
         run: echo "BUNDLER_VERSION=1.17.3" >> $GITHUB_ENV
       - name: Setup Rubygems version as default for Ruby < 2.5
         if: ${{ matrix.ruby < '2.5' }}

CHANGELOG.md

@@ -2,7 +2,12 @@
 
 * enhancements
   * Removed deprecations warning output for `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` (@soartec-lab)
-  * Changed to use a separate deprecator inside the gem. because `rails` 7.1 will deprecate using the singleton `ActiveSupport::Deprecation.instance` (@soartec-lab, @etiennebarrie)
+
+### 4.9.3 - 2023-10-11
+
+* enhancements
+  * Add support for Rails 7.1.
+  * Add `Devise.deprecator` to integrate with new application deprecators in Rails 7.1. (@soartec-lab, @etiennebarrie)
 
 ### 4.9.2 - 2023-04-03
 

Gemfile

@@ -4,7 +4,7 @@ source "https://rubygems.org"
 
 gemspec
 
-gem "rails", "~> 7.0.0"
+gem "rails", "~> 7.1.0"
 gem "omniauth"
 gem "omniauth-oauth2"
 gem "rdoc"
@@ -19,7 +19,7 @@ group :test do
   gem "rexml"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do

Gemfile.lock

@@ -1,6 +1,6 @@
 GIT
   remote: https://github.com/rails/rails-controller-testing.git
-  revision: 351c0162df0771c0c48e6a5a886c4c2f0a5d1a74
+  revision: c203673f8011a7cdc2a8edf995ae6b3eec3417ca
   specs:
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -10,7 +10,7 @@ GIT
 PATH
   remote: .
   specs:
-    devise (4.9.2)
+    devise (4.9.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -20,114 +20,133 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.4.3)
+    actioncable (7.1.0)
-      actionpack (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4.3)
+      zeitwerk (~> 2.6)
-      actionpack (= 7.0.4.3)
+    actionmailbox (7.1.0)
-      activejob (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      activerecord (= 7.0.4.3)
+      activejob (= 7.1.0)
-      activestorage (= 7.0.4.3)
+      activerecord (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activestorage (= 7.1.0)
+      activesupport (= 7.1.0)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.4.3)
+    actionmailer (7.1.0)
-      actionpack (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      actionview (= 7.0.4.3)
+      actionview (= 7.1.0)
-      activejob (= 7.0.4.3)
+      activejob (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-    actionpack (7.0.4.3)
+    actionpack (7.1.0)
-      actionview (= 7.0.4.3)
+      actionview (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
-      rack (~> 2.0, >= 2.2.0)
+      nokogiri (>= 1.8.5)
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    actiontext (7.0.4.3)
+    actiontext (7.1.0)
-      actionpack (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      activerecord (= 7.0.4.3)
+      activerecord (= 7.1.0)
-      activestorage (= 7.0.4.3)
+      activestorage (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4.3)
+    actionview (7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
       builder (~> 3.1)
-      erubi (~> 1.4)
+      erubi (~> 1.11)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    activejob (7.0.4.3)
+    activejob (7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
       globalid (>= 0.3.6)
-    activemodel (7.0.4.3)
+    activemodel (7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
-    activerecord (7.0.4.3)
+    activerecord (7.1.0)
-      activemodel (= 7.0.4.3)
+      activemodel (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activesupport (= 7.1.0)
-    activestorage (7.0.4.3)
+      timeout (>= 0.4.0)
-      actionpack (= 7.0.4.3)
+    activestorage (7.1.0)
-      activejob (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      activerecord (= 7.0.4.3)
+      activejob (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activerecord (= 7.1.0)
+      activesupport (= 7.1.0)
       marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
+    activesupport (7.1.0)
-    activesupport (7.0.4.3)
+      base64
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
+      mutex_m
       tzinfo (~> 2.0)
-    bcrypt (3.1.18)
+    base64 (0.1.1)
+    bcrypt (3.1.19)
+    bigdecimal (3.1.4)
     builder (3.2.4)
     concurrent-ruby (1.2.2)
+    connection_pool (2.4.1)
     crass (1.0.6)
     date (3.3.3)
+    drb (2.1.1)
+      ruby2_keywords
     erubi (1.12.0)
-    faraday (2.7.4)
+    faraday (2.7.11)
+      base64
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-net_http (3.0.2)
-    globalid (1.1.0)
+    globalid (1.2.1)
-      activesupport (>= 5.0)
+      activesupport (>= 6.1)
     hashie (5.0.0)
-    i18n (1.12.0)
+    i18n (1.14.1)
       concurrent-ruby (~> 1.0)
-    jwt (2.7.0)
+    io-console (0.6.0)
-    loofah (2.19.1)
+    irb (1.8.1)
+      rdoc
+      reline (>= 0.3.8)
+    jwt (2.7.1)
+    loofah (2.21.3)
       crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
+      nokogiri (>= 1.12.0)
     mail (2.8.1)
       mini_mime (>= 0.1.1)
       net-imap
       net-pop
       net-smtp
     marcel (1.0.2)
-    method_source (1.0.0)
+    mini_mime (1.1.5)
-    mini_mime (1.1.2)
+    mini_portile2 (2.8.4)
-    mini_portile2 (2.8.1)
+    minitest (5.20.0)
-    minitest (5.18.0)
+    mocha (2.1.0)
-    mocha (1.16.1)
+      ruby2_keywords (>= 0.0.5)
     multi_xml (0.6.0)
-    net-imap (0.3.4)
+    mutex_m (0.1.2)
+    net-imap (0.4.1)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
     net-protocol (0.2.1)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.4.0)
       net-protocol
-    nio4r (2.5.8)
+    nio4r (2.5.9)
-    nokogiri (1.14.2)
+    nokogiri (1.15.4)
-      mini_portile2 (~> 2.8.0)
+      mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
@@ -151,84 +170,95 @@ GEM
     orm_adapter (0.5.0)
     psych (5.1.0)
       stringio
-    racc (1.6.2)
+    racc (1.7.1)
-    rack (2.2.6.4)
+    rack (2.2.8)
     rack-openid (1.4.2)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
-    rack-protection (3.0.5)
+    rack-protection (3.1.0)
-      rack
+      rack (~> 2.2, >= 2.2.4)
+    rack-session (1.0.1)
+      rack (< 3)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.4.3)
+    rackup (1.0.0)
-      actioncable (= 7.0.4.3)
+      rack (< 3)
-      actionmailbox (= 7.0.4.3)
+      webrick
-      actionmailer (= 7.0.4.3)
+    rails (7.1.0)
-      actionpack (= 7.0.4.3)
+      actioncable (= 7.1.0)
-      actiontext (= 7.0.4.3)
+      actionmailbox (= 7.1.0)
-      actionview (= 7.0.4.3)
+      actionmailer (= 7.1.0)
-      activejob (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      activemodel (= 7.0.4.3)
+      actiontext (= 7.1.0)
-      activerecord (= 7.0.4.3)
+      actionview (= 7.1.0)
-      activestorage (= 7.0.4.3)
+      activejob (= 7.1.0)
-      activesupport (= 7.0.4.3)
+      activemodel (= 7.1.0)
+      activerecord (= 7.1.0)
+      activestorage (= 7.1.0)
+      activesupport (= 7.1.0)
       bundler (>= 1.15.0)
-      railties (= 7.0.4.3)
+      railties (= 7.1.0)
-    rails-dom-testing (2.0.3)
+    rails-dom-testing (2.2.0)
-      activesupport (>= 4.2.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
+    rails-html-sanitizer (1.6.0)
-      loofah (~> 2.19, >= 2.19.1)
+      loofah (~> 2.21)
-    railties (7.0.4.3)
+      nokogiri (~> 1.14)
-      actionpack (= 7.0.4.3)
+    railties (7.1.0)
-      activesupport (= 7.0.4.3)
+      actionpack (= 7.1.0)
-      method_source
+      activesupport (= 7.1.0)
+      irb
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
+      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.5)
+      zeitwerk (~> 2.6)
     rake (13.0.6)
     rdoc (6.5.0)
       psych (>= 4.0.0)
+    reline (0.3.9)
+      io-console (~> 0.5)
     responders (3.1.0)
       actionpack (>= 5.2)
       railties (>= 5.2)
-    rexml (3.2.5)
+    rexml (3.2.6)
     ruby-openid (2.9.2)
     ruby2_keywords (0.0.5)
     snaky_hash (2.0.1)
       hashie
       version_gem (~> 1.1, >= 1.1.1)
-    sqlite3 (1.6.1)
+    sqlite3 (1.6.6)
       mini_portile2 (~> 2.8.0)
-    stringio (3.0.5)
+    stringio (3.0.8)
-    thor (1.2.1)
+    thor (1.2.2)
-    timecop (0.9.6)
+    timecop (0.9.8)
-    timeout (0.3.2)
+    timeout (0.4.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    version_gem (1.1.2)
+    version_gem (1.1.3)
     warden (1.2.9)
       rack (>= 2.0.9)
     webrat (0.7.3)
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
-    websocket-driver (0.7.5)
+    webrick (1.8.1)
+    websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.6.7)
+    zeitwerk (2.6.12)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   devise!
-  mocha (~> 1.1)
+  mocha (~> 2.1)
   omniauth
   omniauth-facebook
   omniauth-oauth2
   omniauth-openid
-  rails (~> 7.0.0)
+  rails (~> 7.1.0)
   rails-controller-testing!
   rdoc
   responders (~> 3.1)

app/controllers/devise_controller.rb

@@ -33,6 +33,19 @@ class DeviseController < Devise.parent_controller.constantize
     end
   end
 
+  # Override internal methods to exclude `_prefixes` from action methods since
+  # we override it above.
+  #
+  # There was an intentional change in Rails 7.1 that will allow it to become
+  # an action method because it's a public method of a non-abstract controller,
+  # but we also can't make this abstract because it can affect potential actions
+  # defined in the parent controller, so instead we ensure `_prefixes` is going
+  # to be considered internal. (and thus, won't become an action method.)
+  # Ref: https://github.com/rails/rails/pull/48699
+  def self.internal_methods #:nodoc:
+    super << :_prefixes
+  end
+
   protected
 
   # Gets the actual resource stored in the instance variable

gemfiles/Gemfile-rails-4-1

@@ -21,7 +21,7 @@ group :test do
   gem "omniauth-openid"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
   gem 'test_after_commit', require: false
 end
 
@@ -44,3 +44,6 @@ if RUBY_VERSION < "2.3.0"
   # `Object.deprecate_constant` which isn't available.
   gem "multipart-post", "2.1.1"
 end
+
+# There's a build incompatibility issue with nokogiri and loofah
+gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-4-2

@@ -20,7 +20,7 @@ group :test do
   gem "omniauth-openid"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
   gem 'test_after_commit', require: false
 end
 
@@ -43,3 +43,6 @@ if RUBY_VERSION < "2.3.0"
   # `Object.deprecate_constant` which isn't available.
   gem "multipart-post", "2.1.1"
 end
+
+# There's a build incompatibility issue with nokogiri and loofah
+gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-0

@@ -18,7 +18,7 @@ group :test do
   gem "omniauth-openid"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do
@@ -35,3 +35,6 @@ if RUBY_VERSION < "2.3.0"
   # `Object.deprecate_constant` which isn't available.
   gem "multipart-post", "2.1.1"
 end
+
+# There's a build incompatibility issue with nokogiri and loofah
+gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-1

@@ -16,7 +16,7 @@ group :test do
   gem "omniauth-openid"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do
@@ -28,3 +28,6 @@ if RUBY_VERSION < "2.3.0"
   # `Object.deprecate_constant` which isn't available.
   gem "multipart-post", "2.1.1"
 end
+
+# There's a build incompatibility issue with nokogiri and loofah
+gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-5-2

@@ -16,9 +16,12 @@ group :test do
   gem "omniauth-openid"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do
   gem "sqlite3", "~> 1.3.6"
 end
+
+# There's a build incompatibility issue with nokogiri and loofah
+gem "loofah", "~> 2.20.0"

gemfiles/Gemfile-rails-6-0

@@ -17,7 +17,7 @@ group :test do
   gem "rexml"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do

gemfiles/Gemfile-rails-6-1

@@ -23,7 +23,7 @@ group :test do
   gem "rexml"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do

gemfiles/Gemfile-rails-7-0

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec path: ".."
+
+gem "rails", "~> 7.0.0"
+gem "omniauth"
+gem "omniauth-oauth2"
+gem "rdoc"
+
+gem "rails-controller-testing", github: "rails/rails-controller-testing"
+
+gem "responders", "~> 3.1"
+
+group :test do
+  gem "omniauth-facebook"
+  gem "omniauth-openid"
+  gem "rexml"
+  gem "timecop"
+  gem "webrat", "0.7.3", require: false
+  gem "mocha", "~> 2.1", require: false
+end
+
+platforms :ruby do
+  gem "sqlite3", "~> 1.4"
+end
+
+# platforms :jruby do
+#   gem "activerecord-jdbc-adapter"
+#   gem "activerecord-jdbcsqlite3-adapter"
+#   gem "jruby-openssl"
+# end
+
+# TODO:
+# group :mongoid do
+#   gem "mongoid", "~> 4.0.0"
+# end

gemfiles/Gemfile-rails-main

@@ -17,7 +17,7 @@ group :test do
   gem "rexml"
   gem "timecop"
   gem "webrat", "0.7.3", require: false
-  gem "mocha", "~> 1.1", require: false
+  gem "mocha", "~> 2.1", require: false
 end
 
 platforms :ruby do

lib/devise/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Devise
-  VERSION = "4.9.2".freeze
+  VERSION = "4.9.3".freeze
 end

test/controllers/helpers_test.rb

@@ -64,30 +64,30 @@ class ControllerAuthenticatableTest < Devise::ControllerTestCase
   end
 
   test 'proxy authenticate_user! to authenticate with user scope' do
-    @mock_warden.expects(:authenticate!).with(scope: :user)
+    @mock_warden.expects(:authenticate!).with({ scope: :user })
     @controller.authenticate_user!
   end
 
   test 'proxy authenticate_user! options to authenticate with user scope' do
-    @mock_warden.expects(:authenticate!).with(scope: :user, recall: "foo")
+    @mock_warden.expects(:authenticate!).with({ scope: :user, recall: "foo" })
     @controller.authenticate_user!(recall: "foo")
   end
 
   test 'proxy authenticate_admin! to authenticate with admin scope' do
-    @mock_warden.expects(:authenticate!).with(scope: :admin)
+    @mock_warden.expects(:authenticate!).with({ scope: :admin })
     @controller.authenticate_admin!
   end
 
   test 'proxy authenticate_[group]! to authenticate!? with each scope' do
     [:user, :admin].each do |scope|
-      @mock_warden.expects(:authenticate!).with(scope: scope)
+      @mock_warden.expects(:authenticate!).with({ scope: scope })
       @mock_warden.expects(:authenticate?).with(scope: scope).returns(false)
     end
     @controller.authenticate_commenter!
   end
 
   test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate!).with(scope: :publisher_account)
+    @mock_warden.expects(:authenticate!).with({ scope: :publisher_account })
     @controller.authenticate_publisher_account!
   end
 
@@ -127,14 +127,14 @@ class ControllerAuthenticatableTest < Devise::ControllerTestCase
   test 'sign in proxy to set_user on warden' do
     user = User.new
     @mock_warden.expects(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, { scope: :user }).returns(true)
     @controller.sign_in(:user, user)
   end
 
   test 'sign in accepts a resource as argument' do
     user = User.new
     @mock_warden.expects(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, { scope: :user }).returns(true)
     @controller.sign_in(user)
   end
 
@@ -148,7 +148,7 @@ class ControllerAuthenticatableTest < Devise::ControllerTestCase
   test 'sign in again when the user is already in only if force is given' do
     user = User.new
     @mock_warden.expects(:user).returns(user)
-    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, { scope: :user }).returns(true)
     @controller.sign_in(user, force: true)
   end
 
@@ -269,7 +269,7 @@ class ControllerAuthenticatableTest < Devise::ControllerTestCase
     user = User.new
     @controller.session[:user_return_to] = "/foo.bar"
     @mock_warden.expects(:user).with(:user).returns(nil)
-    @mock_warden.expects(:set_user).with(user, scope: :user).returns(true)
+    @mock_warden.expects(:set_user).with(user, { scope: :user }).returns(true)
     @controller.expects(:redirect_to).with("/foo.bar")
     @controller.sign_in_and_redirect(user)
   end
@@ -277,7 +277,7 @@ class ControllerAuthenticatableTest < Devise::ControllerTestCase
   test 'sign in and redirect uses the configured after sign in path' do
     admin = Admin.new
     @mock_warden.expects(:user).with(:admin).returns(nil)
-    @mock_warden.expects(:set_user).with(admin, scope: :admin).returns(true)
+    @mock_warden.expects(:set_user).with(admin, { scope: :admin }).returns(true)
     @controller.expects(:redirect_to).with(admin_root_path)
     @controller.sign_in_and_redirect(admin)
   end

test/controllers/internal_helpers_test.rb

@@ -55,7 +55,7 @@ class HelpersTest < Devise::ControllerTestCase
   end
 
   test 'require no authentication tests current mapping' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, { scope: :user }).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication
@@ -71,7 +71,7 @@ class HelpersTest < Devise::ControllerTestCase
   end
 
   test 'require no authentication sets a flash message' do
-    @mock_warden.expects(:authenticate?).with(:rememberable, scope: :user).returns(true)
+    @mock_warden.expects(:authenticate?).with(:rememberable, { scope: :user }).returns(true)
     @mock_warden.expects(:user).with(:user).returns(User.new)
     @controller.expects(:redirect_to).with(root_path)
     @controller.send :require_no_authentication

test/integration/authenticatable_test.rb

@@ -572,7 +572,7 @@ class AuthenticationRequestKeysTest < Devise::IntegrationTest
     host! 'foo.bar.baz'
 
     swap Devise, request_keys: [:subdomain] do
-      User.expects(:find_for_authentication).with(subdomain: 'foo', email: 'user@test.com').returns(create_user)
+      User.expects(:find_for_authentication).with({ subdomain: 'foo', email: 'user@test.com' }).returns(create_user)
       sign_in_as_user
       assert warden.authenticated?(:user)
     end

test/models/authenticatable_test.rb

@@ -43,7 +43,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
       user = create_user(email: 'example@example.com')
       attributes = ActionController::Parameters.new(email: 'example@example.com')
 
-      User.expects(:find_first_by_auth_conditions).with('email' => 'example@example.com').returns(user)
+      User.expects(:find_first_by_auth_conditions).with({ 'email' => 'example@example.com' }).returns(user)
       User.find_or_initialize_with_errors([:email], attributes)
     end
   end

test/rails_app/config/application.rb

@@ -53,5 +53,9 @@ module RailsApp
     if Devise::Test.rails70?
       config.active_record.legacy_connection_handling = false
     end
+
+    if Devise::Test.rails70_and_up?
+      config.active_support.cache_format_version = 7.0
+    end
   end
 end

test/rails_app/config/boot.rb

@@ -12,6 +12,10 @@ module Devise
       !rails70? && Rails::VERSION::MAJOR >= 7
     end
 
+    def self.rails70_and_up?
+      Rails::VERSION::MAJOR >= 7
+    end
+
     def self.rails70?
       Rails.version.start_with? '7.0'
     end

test/routes_test.rb

@@ -2,7 +2,7 @@
 
 require 'test_helper'
 
-ExpectedRoutingError = MiniTest::Assertion
+ExpectedRoutingError = Minitest::Assertion
 
 class DefaultRoutingTest < ActionController::TestCase
   test 'map new user session' do

test/test_helper.rb

@@ -27,11 +27,14 @@ class ActiveSupport::TestCase
   if ActiveSupport.version < Gem::Version.new("5.0")
     def assert_deprecated(match, deprecator)
       super(match) do
-        behavior = deprecator.behavior
+        # TODO: remove extra begin..end when dropping support for Ruby <= 2.4
-        deprecator.behavior = ActiveSupport::Deprecation.behavior
+        begin
-        yield
+          behavior = deprecator.behavior
-      ensure
+          deprecator.behavior = ActiveSupport::Deprecation.behavior
-        deprecator.behavior = behavior
+          yield
+        ensure
+          deprecator.behavior = behavior
+        end
       end
     end
   end