Merge pull request #142 from aspettl/dependabot/bundler/devise-4.9.0

Bump devise from 4.8.1 to 4.9.0
aspettl · Feb 18, 2023 · 688b38a · 688b38a
2 parents 2152b14 + 30a8e50
commit 688b38a
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 14 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
     concurrent-ruby (1.2.0)
     crass (1.0.6)
     date (3.3.3)
-    devise (4.8.1)
+    devise (4.9.0)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -137,7 +137,7 @@ GEM
       activerecord (>= 4.0.0)
       activesupport (>= 4.0.0)
     nio4r (2.5.8)
-    nokogiri (1.14.1-x86_64-linux)
+    nokogiri (1.14.2-x86_64-linux)
       racc (~> 1.4)
     orm_adapter (0.5.0)
     parallel (1.22.1)
@@ -252,7 +252,7 @@ GEM
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.6)
+    zeitwerk (2.6.7)
 
 PLATFORMS
   x86_64-linux

diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
@@ -15,7 +15,7 @@
       <p id="login_bar">
         You are logged in as <%= @user.email %>.
         <% unless @login_via_http_auth %>
-          <%= link_to 'Log out', destroy_user_session_path, method: :delete %>
+          <%= link_to 'Log out', destroy_user_session_path, method: :delete, data: { turbo_method: :delete } %>
         <% end %>
       </p>
     <% end %>

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'socket'
-
 # Assuming you have not yet modified this file, each configuration option below
 # is set to its default value. Note that some are commented out while others
 # are not: uncommented lines are intended to protect your configuration from
@@ -260,14 +258,14 @@
 
   # ==> Navigation configuration
   # Lists the formats that should be treated as navigational. Formats like
-  # :html, should redirect to the sign in page when the user does not have
+  # :html should redirect to the sign in page when the user does not have
   # access, but formats like :xml or :json, should return 401.
   #
   # If you have any extra navigational formats, like :iphone or :mobile, you
   # should add them to the navigational formats lists.
   #
   # The "*/*" below is required to match Internet Explorer requests.
-  # config.navigational_formats = ['*/*', :html]
+  # config.navigational_formats = ['*/*', :html, :turbo_stream]
 
   # The default HTTP method used to sign out a resource. Default is :delete.
   config.sign_out_via = :delete
@@ -300,12 +298,14 @@
   # so you need to do it manually. For the users scope, it would be:
   # config.omniauth_path_prefix = '/my_engine/users/auth'
 
-  # ==> Turbolinks configuration
-  # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly:
-  #
-  # ActiveSupport.on_load(:devise_failure_app) do
-  #   include Turbolinks::Controller
-  # end
+  # ==> Hotwire/Turbo configuration
+  # When using Devise with Hotwire/Turbo, the http status for error responses
+  # and some redirects must match the following. The default in Devise for existing
+  # apps is `200 OK` and `302 Found respectively`, but new apps are generated with
+  # these new defaults that match Hotwire/Turbo behavior.
+  # Note: These might become the new default in future versions of Devise.
+  config.responder.error_status = :unprocessable_entity
+  config.responder.redirect_status = :see_other
 
   # ==> Configuration for :registerable