possible Pay or Administrate gem error : 'polymorphic_path' issue with upgrade to Rails 6.0.3.7
After I upgraded Rails to 6.0.3.7, I noticed an error in JSP Admin/Pay/Subscriptions
of `Please use symbols for polymorphic route arguments.`
This is due to a security fix dated a few days ago (early May 2021)
https://github.com/rails/rails/issues/42157
it was somewhat straightforward to fix the `polymorphic_path` instances ( I found 2 in JSP)
However it also affects `links_to`, such as
app/views/admin/pay/subscriptions/index.html, line 44
the issue thread linked above mentions that a lot of errors come from gems wherein it shows up as a link_to error in one's code but under the hood the gem is also using polymorphic_path . (I'm guessing here it's the Pay gem).
They also mention that folks won't run into the problem until runtime since there's not a lot of Rails test coverage on this particular subtlety. Which is what I experienced, it was only when I went into the Pay Subscriptions portion of the JSP Admin that I hit the bug and became aware.
I don't have the skillset to fix this otherwise I'd do a PR
of `Please use symbols for polymorphic route arguments.`
This is due to a security fix dated a few days ago (early May 2021)
https://github.com/rails/rails/issues/42157
it was somewhat straightforward to fix the `polymorphic_path` instances ( I found 2 in JSP)
However it also affects `links_to`, such as
app/views/admin/pay/subscriptions/index.html, line 44
the issue thread linked above mentions that a lot of errors come from gems wherein it shows up as a link_to error in one's code but under the hood the gem is also using polymorphic_path . (I'm guessing here it's the Pay gem).
They also mention that folks won't run into the problem until runtime since there's not a lot of Rails test coverage on this particular subtlety. Which is what I experienced, it was only when I went into the Pay Subscriptions portion of the JSP Admin that I hit the bug and became aware.
I don't have the skillset to fix this otherwise I'd do a PR
Or maybe it's the Administrate gem , since they already posted a fix:
https://github.com/thoughtbot/administrate/pull/1972
I did a `bundle update` to pull in v0.16.0 of Chris' administrate fork that comes with JSP, hoping that would pull in the fix for the gem. But I get the same error
https://github.com/thoughtbot/administrate/pull/1972
I did a `bundle update` to pull in v0.16.0 of Chris' administrate fork that comes with JSP, hoping that would pull in the fix for the gem. But I get the same error
I ran into this issue a while ago and I submitted a PR to Chris's fork which is what jumpstart uses.
Is this happening on a fresh install or an old one?
https://github.com/excid3/administrate/pull/4
Is this happening on a fresh install or an old one?
https://github.com/excid3/administrate/pull/4
Notifications
You’re not receiving notifications from this thread.