Open
Conversation
kennethkalmer
force-pushed
the
devise-5-support
branch
2 times, most recently
from
b91c48b to
68873a5
Compare
- Tighten devise dependency to ~> 5.0 (was >= 4.8.0, < 6.0) - Remove dead rails5?/rails5_or_newer? methods and conditional - Simplify engine reloader: always use ActiveSupport::Reloader - Remove Devise config.secret_key (removed in Devise 5) - Remove dead StrongParameters conditional and Rails 3 generator code - Fix secret_token → secret_key_base for Rails 7+ - Fix test environment config (remove whiny_nils, show_exceptions) - Upgrade mocha to ~> 2.0 with minitest integration - Remove unused bson_ext dependency - Fix integration tests to be self-contained across test runs - Freeze time in TOTP tests to reduce flakiness at period boundaries Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Run tests on push and PR against Ruby 3.3 and 3.4. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The .to_i call on the token string strips leading zeros (e.g. "012345" becomes 12345), which then fails to match the zero-padded string from ROTP when compared via validate_token. Since validate_token already calls .to_s internally, the token should stay as a string throughout. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the wall-clock-derived freeze with a fixed FROZEN_TIME constant (5 seconds into a TOTP period). This eliminates test ordering sensitivity where Timecop.travel in the remembertime test left real time advancing, causing subsequent tests to land on 30-second TOTP boundaries. Also switches the remembertime and ga_timeout tests to use Timecop.freeze with absolute times. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
kennethkalmer
force-pushed
the
devise-5-support
branch
from
5d7eaab to
2d09bb6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Tightens the devise dependency to
~> 5.0and fixes remaining incompatibilities, building on top of the Ruby 3 and Rails 8 work already merged in #3 and #4. Also adds GitHub Actions CI.>= 4.8.0, < 6.0to~> 5.0config.secret_keyfrom Devise initializer (removed in Devise 5)rails5?/rails5_or_newer?methods,ActionController::StrongParametersconditional, Rails 3attr_accessiblegenerator supportActiveSupport::Reloadersecret_token→secret_key_base, fix test environment config, removebson_ext, make integration tests self-containedContext
The
ably/websiterepo is upgrading to Devise 5 (PR #8054). This fork already resolves to Devise 5.0.3 thanks to the broad>= 4.8.0, < 6.0constraint, but the gemspec should explicitly require~> 5.0since Devise 4.x APIs (likesign_in bypass: true) are no longer supported.Test plan
bundle installresolves with Devise 5.0.3 and Rails 8.1.2bundle exec rake test— 35 tests, 0 errors, 0 failures on clean runs🤖 Generated with Claude Code