❤️💚💙💛🧡

Devise v5.0.3 released, fixing a security issue with (re)confirmable "change email" feature, which would allow confirming an email they don't own. https://t.co/0X174qM0gS

Finally got this deployed somewhere else, which is going to be "good enough" for now: https://t.co/WjNdAbsMzQ

Devise v5.0.1 released with a minor fix for auth translation keys in certain languages, introduced by v5. e.g. German E-Mail was being converted to E-mail in the flash message when auth was invalid. https://t.co/MrqoyI3gHo

Looks like standardrb is the winner... but at what cost? 🤣

Should we apply some rubocop / standard workflow across all projects? (devise, simple form, responders, etc.)

Devise v5.0 rc was just released, with a ton of enhancements, bug fixes, and a few potential breaking changes too, including dropping support for older Ruby/Rails versions. Give it a try, and please report back if you hit anything. https://t.co/51KAyL3CWg Happy New Year! 🎇

SimpleForm v5.3.1 was just released, reverting a change that was meant to speed up input mapping lookup, since that broke some custom input lookup. https://t.co/JSRkDghC2j

Devise v4.9.4 was just released, with a fix to use the set I18n locale on some messages when redirecting to authentication via the failure app, plus CI running on Ruby 3.3.

We will also be dropping support to Rails versions < 6 and Ruby versions < 2.7 soon. If your app uses one of the soon-to-be-dropped Ruby/Rails versions, we strongly encourage to plan the upgrade.

There are new released versions of Devise, Simple Form, Responders, Has Scope, Mail Form, and Show For, all with a green test suite on Rails 7.1, no changes required. Please report to the issues tracker if you run into any issues.

I've got a Devise branch with Rails 7.1 tests green / deprecation free, if anyone wants to give it a try: https://t.co/prf149KQqP Note: This is based on the current v4.9.2, not main, and is likely going to become a `4-stable` branch going forward.

We received report of another library that "broke" with release v4.9.1 due to relying on a `nodoc` / non-public method `Devise.activerecord51?`, so we released a new version v4.9.2 bringing that back with a deprecation warning, to make it easier for people to upgrade for now.

It looks like this release broke `devise-security` due to usage of a `:nodoc:` (non-public) method that was removed/refactored: https://t.co/6pwpND9O8m If you run into issues and we can't get an update on devise-security (or some other library relying on that), let us know.

Devise v4.9.1 released, fixing an issue with custom recall logic performing redirects in the failure app, improved support when both AR & Mongoid are loaded, respect per-model "sign_in_after_reset_password" config, and a couple other improvements. https://t.co/9uuaKsRndc

Devise will soon target a v5 with plans to drop support to older versions of Ruby/Rails, and other possible breaking changes.

Devise v4.9.0 was just released with improved Turbo integration out of the box. Please check the Changelog and the linked wiki there for more info on the upgrade, and report if you run into any issues. https://t.co/bcqN9jtZlC

This is now on the main Devise branch. Hoping for a new release soon, but I'll let it sit there for a bit more in case someone still wants to give it a shot and provide any feedback.