Release 4.7.3

This reverts commit 2da46d8dd6.

CHANGELOG.md

@@ -1,13 +1,10 @@
-### master
+### 4.7.3 - 2020-09-20
 
 * bug fixes
   * Do not modify `:except` option given to `#serializable_hash`. (by @dpep)
   * Fix thor deprecation when running the devise generator. (by @deivid-rodriguez)
   * Fix hanging tests for streaming controllers using Devise. (by @afn)
 
-* deprecations
-  * `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` is deprecated in favor of `Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION` (@hanachin)
-
 ### 4.7.2 - 2020-06-10
 
 * enhancements

Gemfile.lock

@@ -19,7 +19,7 @@ GIT
 PATH
   remote: .
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-4.1-stable.lock

@@ -48,7 +48,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-4.2-stable.lock

@@ -57,7 +57,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-5.0-stable.lock

@@ -10,7 +10,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-5.1-stable.lock

@@ -10,7 +10,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-5.2-stable.lock

@@ -10,7 +10,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

gemfiles/Gemfile.rails-6.0-stable.lock

@@ -19,7 +19,7 @@ GIT
 PATH
   remote: ..
   specs:
-    devise (4.7.2)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)

lib/devise/models/authenticatable.rb

@@ -2,7 +2,6 @@
 
 require 'devise/hooks/activatable'
 require 'devise/hooks/csrf_cleaner'
-require 'devise/rails/deprecated_constant_accessor'
 
 module Devise
   module Models
@@ -56,14 +55,11 @@ module Devise
     module Authenticatable
       extend ActiveSupport::Concern
 
-      UNSAFE_ATTRIBUTES_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
+      BLACKLIST_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
         :remember_created_at, :sign_in_count, :current_sign_in_at, :last_sign_in_at, :current_sign_in_ip,
         :last_sign_in_ip, :password_salt, :confirmation_token, :confirmed_at, :confirmation_sent_at,
         :remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at]
 
-      include Devise::DeprecatedConstantAccessor
-      deprecate_constant "BLACKLIST_FOR_SERIALIZATION", "Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION"
-
       included do
         class_attribute :devise_modules, instance_writer: false
         self.devise_modules ||= []
@@ -113,7 +109,7 @@ module Devise
         if options[:force_except]
           options[:except].concat Array(options[:force_except])
         else
-          options[:except].concat UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
+          options[:except].concat BLACKLIST_FOR_SERIALIZATION
         end
 
         super(options)

lib/devise/rails/deprecated_constant_accessor.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-begin
-  require 'active_support/deprecation/constant_accessor'
-
-  module Devise
-    DeprecatedConstantAccessor = ActiveSupport::Deprecation::DeprecatedConstantAccessor #:nodoc:
-  end
-rescue LoadError
-
-  # Copy of constant deprecation module from Rails / Active Support version 6, so we can use it
-  # with Rails <= 5.0 versions. This can be removed once we support only Rails 5.1 or greater.
-  module Devise
-    module DeprecatedConstantAccessor #:nodoc:
-      def self.included(base)
-        require "active_support/inflector/methods"
-
-        extension = Module.new do
-          def const_missing(missing_const_name)
-            if class_variable_defined?(:@@_deprecated_constants)
-              if (replacement = class_variable_get(:@@_deprecated_constants)[missing_const_name.to_s])
-                replacement[:deprecator].warn(replacement[:message] || "#{name}::#{missing_const_name} is deprecated! Use #{replacement[:new]} instead.", Rails::VERSION::MAJOR == 4 ? caller : caller_locations)
-                return ActiveSupport::Inflector.constantize(replacement[:new].to_s)
-              end
-            end
-            super
-          end
-
-          def deprecate_constant(const_name, new_constant, message: nil, deprecator: ActiveSupport::Deprecation.instance)
-            class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
-            class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
-          end
-        end
-        base.singleton_class.prepend extension
-      end
-    end
-  end
-
-end

lib/devise/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Devise
-  VERSION = "4.7.2".freeze
+  VERSION = "4.7.3".freeze
 end

test/models/serializable_test.rb

@@ -46,10 +46,6 @@ class SerializableTest < ActiveSupport::TestCase
     assert_key "username", @user.as_json({ only: :username, except: [:email].freeze }.freeze)["user"]
   end
 
-  test 'constant `BLACKLIST_FOR_SERIALIZATION` is deprecated' do
-    assert_deprecated { Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION }
-  end
-
   def assert_key(key, subject)
     assert subject.key?(key), "Expected #{subject.inspect} to have key #{key.inspect}"
   end