When rendering the text-feed for todos (_text_todo.rhtml) this
uses localized string 'as-is'. Those are html-encoded which
is not appropriate for TXT feeds (e.g. 'todos.due' is 'Fällig'
in German locale).
ruby-debug is referenced in the 'Setting up a development environment'
page on the Tracks wiki. Include it in the Gemfile as part of the
development group
One side effect though: althoug dependencies are still in place, the gui cannot differentiate between pending and hidden todos. The views currently do not show dependencies anymore in hidden projects. Postponing a fix for 2.2
Signed-off-by: Reinier Balt <lrbalt@gmail.com>
Reinier Balt wrote:
> One problem I see is when people want to downgrade. You chop the
> password field back to 40 chars, but it will cause all users incapable
> of logging in. Perhaps we can put a default password in the password on
> migration.down? like sha1('secret123') so we leave Tracks operable on
> downgrade?
https://github.com/bsag/tracks-old/pull/26#issuecomment-2001500
Expressions '...should == @user' caused specs to fail because of
ArgumentError in 'User authentication resets password'
wrong number of arguments (0 for 1)
Replacing expectations declared for User objects with expectations declared
for their id fields solves the problem and doesn't change specs' logic.
BCrypt is regarded as a more secure alternative to hashing using message
digest algorithms, such as MD5 and SHA families [0, 1, 2]. Apart from
built-in salting it is adaptable to the increasing power of modern
processing units, which makes it more secure against brute-force cracking.
This commit makes all passwords hashed using BCrypt. The session tokens
remain generated using SHA1. Tests were updated, `rake test:units` and
`rake test:functionals` didn't report any regressions.
[0] http://bcrypt.sourceforge.net/
[1] http://en.wikipedia.org/w/index.php?title=Bcrypt&oldid=439692871
[2] eab1c72/README.md
There was a selenium test that verified that projects could not have
commas that was previously missed. Modify that test so that it verifies
that the project was created successfully.
There were several places where newer versions of gems were being
pulled. Those newer versions were breaking the functional tests and the
cucumber features.
Go back to known working versions of the gems that were causing failures
