Open boatrite opened 6 years ago
this is a meaningful change, but rather than using an unsafe hash we should figure out a way to safely dump this format. (although this is a dev tool, people may forget to not include it in prod, and debug lines always get dropped in...)
@boatride would you be willing to work on this to help get it ready for release, please? :)
I don't think this causes any issues even if left in production. As far as I know, the whole unsafe hash thing is really only relevant when being passed in to a model -- to prevent arbitrarily set params from setting attributes on the model that shouldn't allowed to be set. It's not possible to pass the result of ap params
into a model's update
(or similar) method because the ap
method returns nil anyways and not the hash.
As far as I know, unsafe
refers to the fact that it's all of the key-value pairs with no filtering applied, and that is exactly the behavior we want when ap
ing an ActionController::Parameters object.
I would be happy to work on this, but I don't see that anything needs to be changed about it. (aside from the test failures)
Heyo @imajes , I added a commit to fix the test failure in Rails 3. There is one failure left, but it seems to be occurring in active record, using ruby-head with frozen string literals enabled. I haven't looked into it.
Do you have any thoughts re: unsafe hash? I might be misunderstanding, could you explain more about the changes you want me to make? :)
@boatrite thx for the update -- i'm gonna take this work and merge it into the v2 i've been working on :)
Since it doesn't appear that version 2.0 PR has changed much recently, would it be possible to get this merged into a release prior than 2.0?
…tionController::Parameters object