Drop support to all EOL rails versions

.github/workflows/test.yml

@@ -11,11 +11,6 @@ jobs:
           - gemfiles/Gemfile-rails-7-0
           - gemfiles/Gemfile-rails-6-1
           - gemfiles/Gemfile-rails-6-0
-          - gemfiles/Gemfile-rails-5-2
-          - gemfiles/Gemfile-rails-5-1
-          - gemfiles/Gemfile-rails-5-0
-          - gemfiles/Gemfile-rails-4-2
-          - gemfiles/Gemfile-rails-4-1
         ruby:
           - '3.2'
           - '3.1'
@@ -28,18 +23,6 @@ jobs:
             env: DEVISE_ORM=mongoid
           - gemfile: gemfiles/Gemfile-rails-main
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.6'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.5'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.4'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.3'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.2'
-          - gemfile: gemfiles/Gemfile-rails-7-0
-            ruby: '2.1'
           - gemfile: gemfiles/Gemfile-rails-7-0
             env: DEVISE_ORM=mongoid
           - gemfile: gemfiles/Gemfile-rails-6-1
@@ -50,52 +33,13 @@ jobs:
             ruby: '3.1'
           - gemfile: gemfiles/Gemfile-rails-6-0
             env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-2
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-1
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-5-0
-            env: DEVISE_ORM=mongoid
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-4-2
-            ruby: '3.0'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.2'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.1'
-          - gemfile: gemfiles/Gemfile-rails-4-1
-            ruby: '3.0'
     # TODO: lock `ubunty-20.04` due to older Ruby version compatibility, change to `ubuntu-latest` again when dropping older Ruby support.
     # https://github.com/ruby/setup-ruby/issues/496#issuecomment-1520662740
     runs-on: ubuntu-20.04
     env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
       BUNDLE_GEMFILE: ${{ matrix.gemfile }}
     steps:
       - uses: actions/checkout@v3
-      - name: Setup Bundler 1.x for Rails 4.x and Ruby <= 2.2
-        if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' || matrix.ruby <= '2.2' }}
-        run: echo "BUNDLER_VERSION=1.17.3" >> $GITHUB_ENV
       - uses: ruby/setup-ruby@v1
         with:
           ruby-version: ${{ matrix.ruby }}

CHANGELOG.md

@@ -1,5 +1,8 @@
 ### Unreleased
 
+* Drop support to Ruby < 3.0
+* Drop support to Rails < 6.0
+
 * enhancements
   * Removed deprecations warning output for `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` (@soartec-lab)
 

Gemfile.lock

@@ -13,7 +13,7 @@ PATH
     devise (4.9.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
+      railties (>= 6.0.0)
       responders
       warden (~> 1.2.3)
 

README.md

@@ -129,17 +129,17 @@ Please note that the command output will show the variable value being used.
 ### BUNDLE_GEMFILE
 We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
 Inside the [gemfiles](https://github.com/heartcombo/devise/tree/main/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
-For example, if the tests broke using Ruby 3.0.0 and Rails 4.1, you can do the following:
+For example, if the tests broke using Ruby 3.0.0 and Rails 6.0, you can do the following:
 ```bash
 rbenv shell 3.0.0 # or rvm use 3.0.0
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bin/test
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-6.0-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-6.0-stable bin/test
 ```
 
 You can also combine both of them if the tests broke for Mongoid:
 ```bash
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable bundle install
-BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.1-stable DEVISE_ORM=mongoid bin/test
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-6.0-stable bundle install
+BUNDLE_GEMFILE=gemfiles/Gemfile.rails-6.0-stable DEVISE_ORM=mongoid bin/test
 ```
 
 ### Running tests
@@ -172,7 +172,7 @@ Once you have solidified your understanding of Rails and authentication mechanis
 
 ## Getting started
 
-Devise 4.0 works with Rails 4.1 onwards. Run:
+Devise 4.0 works with Rails 6.0 onwards. Run:
 
 ```sh
 bundle add devise
@@ -691,9 +691,9 @@ Alternatively, you can simply run the Devise generator.
 
 Keep in mind that those models will have completely different routes. They **do not** and **cannot** share the same controller for sign in, sign out and so on. In case you want to have different roles sharing the same actions, we recommend that you use a role-based approach, by either providing a role column or using a dedicated gem for authorization.
 
-### ActiveJob Integration
+### Active Job Integration
 
-If you are using Rails 4.2 and ActiveJob to deliver ActionMailer messages in the
+If you are using Active Job to deliver Action Mailer messages in the
 background through a queuing back-end, you can send Devise emails through your
 existing queue by overriding the `send_devise_notification` method in your model.
 

devise.gemspec

@@ -30,7 +30,7 @@ Gem::Specification.new do |s|
   s.add_dependency("warden", "~> 1.2.3")
   s.add_dependency("orm_adapter", "~> 0.1")
   s.add_dependency("bcrypt", "~> 3.0")
-  s.add_dependency("railties", ">= 4.1.0")
+  s.add_dependency("railties", ">= 6.0.0")
   s.add_dependency("responders")
 
   s.post_install_message = %q{

lib/devise/controllers/sign_in_out.rb

@@ -106,12 +106,6 @@ def sign_out_all_scopes(lock = true)
       private
 
       def expire_data_after_sign_in!
-        # TODO: remove once Rails 5.2+ and forward are only supported.
-        # session.keys will return an empty array if the session is not yet loaded.
-        # This is a bug in both Rack and Rails.
-        # A call to #empty? forces the session to be loaded.
-        session.empty?
-
         session.keys.grep(/^devise\./).each { |k| session.delete(k) }
       end
 

lib/devise/failure_app.rb

@@ -140,7 +140,7 @@ def scope_url
       opts  = {}
 
       # Initialize script_name with nil to prevent infinite loops in
-      # authenticated mounted engines in rails 4.2 and 5.0
+      # authenticated mounted engines
       opts[:script_name] = nil
 
       route = route(scope)
@@ -152,13 +152,6 @@ def scope_url
 
       if relative_url_root?
         opts[:script_name] = relative_url_root
-
-      # We need to add the rootpath to `script_name` manually for applications that use a Rails
-      # version lower than 5.1. Otherwise, it is going to generate a wrong path for Engines
-      # that use Devise. Remove it when the support of Rails 5.0 is dropped.
-      elsif root_path_defined?(context) && !rails_51_and_up?
-        rootpath = context.routes.url_helpers.root_path
-        opts[:script_name] = rootpath.chomp('/') if rootpath.length > 1
       end
 
       if context.respond_to?(route)
@@ -274,15 +267,5 @@ def relative_url_root?
     end
 
     ActiveSupport.run_load_hooks(:devise_failure_app, self)
-
-    private
-
-    def root_path_defined?(context)
-      defined?(context.routes) && context.routes.url_helpers.respond_to?(:root_path)
-    end
-
-    def rails_51_and_up?
-      Rails.gem_version >= Gem::Version.new("5.1")
-    end
   end
 end

lib/devise/models/authenticatable.rb

@@ -2,7 +2,6 @@
 
 require 'devise/hooks/activatable'
 require 'devise/hooks/csrf_cleaner'
-require 'devise/rails/deprecated_constant_accessor'
 
 module Devise
   module Models
@@ -184,24 +183,16 @@ def devise_mailer
       #         # Deliver later with Active Job's `deliver_later`
       #         if message.respond_to?(:deliver_later)
       #           message.deliver_later
-      #         # Remove once we move to Rails 4.2+ only, as `deliver` is deprecated.
-      #         elsif message.respond_to?(:deliver_now)
-      #           message.deliver_now
       #         else
-      #           message.deliver
+      #           message.deliver_now
       #         end
       #       end
       #
       #     end
       #
       def send_devise_notification(notification, *args)
         message = devise_mailer.send(notification, self, *args)
-        # Remove once we move to Rails 4.2+ only.
-        if message.respond_to?(:deliver_now)
-          message.deliver_now
-        else
-          message.deliver
-        end
+        message.deliver_now
       end
 
       def downcase_keys

lib/devise/orm.rb

@@ -4,19 +4,11 @@ def self.active_record?(model)
       defined?(ActiveRecord) && model < ActiveRecord::Base
     end
 
-    def self.active_record_51?(model)
-      active_record?(model) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
-    end
-
     def self.included(model)
-      if Devise::Orm.active_record_51?(model)
-        model.include DirtyTrackingNewMethods
-      else
-        model.include DirtyTrackingOldMethods
-      end
+      model.include DirtyTrackingMethods
     end
 
-    module DirtyTrackingNewMethods
+    module DirtyTrackingMethods
       def devise_email_before_last_save
         email_before_last_save
       end
@@ -41,31 +33,5 @@ def devise_respond_to_and_will_save_change_to_attribute?(attribute)
         respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
       end
     end
-
-    module DirtyTrackingOldMethods
-      def devise_email_before_last_save
-        email_was
-      end
-
-      def devise_email_in_database
-        email_was
-      end
-
-      def devise_saved_change_to_email?
-        email_changed?
-      end
-
-      def devise_saved_change_to_encrypted_password?
-        encrypted_password_changed?
-      end
-
-      def devise_will_save_change_to_email?
-        email_changed?
-      end
-
-      def devise_respond_to_and_will_save_change_to_attribute?(attribute)
-        respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
-      end
-    end
   end
 end

lib/devise/parameter_sanitizer.rb

@@ -130,8 +130,7 @@ def permit(action, keys: nil, except: nil, &block)
     #
     # Returns an +ActiveSupport::HashWithIndifferentAccess+.
     def cast_to_hash(params)
-      # TODO: Remove the `with_indifferent_access` method call when we only support Rails 5+.
-      params && params.to_h.with_indifferent_access
+      params && params.to_h
     end
 
     def default_params

lib/devise/test/controller_helpers.rb

@@ -141,7 +141,6 @@ def _process_unauthenticated(env, options = {})
 
           status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
           @controller.response.headers.merge!(headers)
-          @controller.response.content_type = headers["Content-Type"] unless Rails::VERSION::MAJOR >= 5
           @controller.status = status
           @controller.response_body = response.body
           nil # causes process return @response