Posts tagged "devise"

Security announcement: Devise v2.2.3, v2.1.3, v2.0.5 and v1.5.4 released

Hi everybody. I’d like to announce that Devise v2.2.3, v2.1.3, v2.0.5 and v1.5.4 have been released with a security patch. Upgrade immediately unless you are using PostgreSQL or SQLite3. Users of all other databases (including NoSQL ones) require immediate upgrade. Using a specially crafted request, an attacker could trick the database type conversion code to … »

Say hi to Devise 2.1.0 !

In this blog post we talk about a new feature upcoming on Devise 2.1 that aims to provide developers faster feedback in case a model is missing a field required by Devise behaviors.

Devise 2.0 released

Devise 2.0 was just released. This version is not a big refactoring, nor contains stellar features, it is simply another step towards a very mature authentication library.

Three tips to improve the performance of your test suite

Three quick short tips to improve the performance of your test suite!

Bare-bone, stripped-down Devise

Last week I spoke at Silicon Valley Ruby Group about PlataformaTec’s open source tools, mainly Devise, Simple Form and Responders. When talking about Devise, I’ve mentioned that, before creating Devise, we were alternating between using Authlogic or Clearance in our projects. However, we soon realized that we needed a solution that was as customizable as … »

Devise Security Release 1.1.6

Note: Devise 1.1.6 broke compatibility with Rails versions prior to 3.0.4, this has been fixed on Devise 1.1.7. Devise 1.1.6 has just been released and it follows Rails 3.0.4 release. Rails 3.0.4 changes how CSRF works and adds a new method called handle_unverified_request that should be properly overridden by authentication frameworks. Devise 1.1.6 implements this … »