actionview 6.0.0.beta1 → 6.0.1.rc1

data/lib/action_view/gem_version.rb

@@ -9,8 +9,8 @@ module ActionView
   module VERSION
     MAJOR = 6
     MINOR = 0
-    TINY  = 0
-    PRE   = "beta1"
+    TINY  = 1
+    PRE   = "rc1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/action_view/helpers/asset_tag_helper.rb

@@ -329,14 +329,14 @@ module ActionView
       #   image_tag("pic.jpg", srcset: [["pic_1024.jpg", "1024w"], ["pic_1980.jpg", "1980w"]], sizes: "100vw")
       #   # => <img src="/assets/pic.jpg" srcset="/assets/pic_1024.jpg 1024w, /assets/pic_1980.jpg 1980w" sizes="100vw">
       #
-      # Active Storage (images that are uploaded by the users of your app):
+      # Active Storage blobs (images that are uploaded by the users of your app):
       #
       #   image_tag(user.avatar)
       #   # => <img src="/rails/active_storage/blobs/.../tiger.jpg" />
-      #   image_tag(user.avatar.variant(resize_to_fit: [100, 100]))
-      #   # => <img src="/rails/active_storage/variants/.../tiger.jpg" />
-      #   image_tag(user.avatar.variant(resize_to_fit: [100, 100]), size: '100')
-      #   # => <img width="100" height="100" src="/rails/active_storage/variants/.../tiger.jpg" />
+      #   image_tag(user.avatar.variant(resize_to_limit: [100, 100]))
+      #   # => <img src="/rails/active_storage/representations/.../tiger.jpg" />
+      #   image_tag(user.avatar.variant(resize_to_limit: [100, 100]), size: '100')
+      #   # => <img width="100" height="100" src="/rails/active_storage/representations/.../tiger.jpg" />
       def image_tag(source, options = {})
         options = options.symbolize_keys
         check_for_image_tag_errors(options)

data/lib/action_view/helpers/cache_helper.rb

@@ -216,13 +216,13 @@ module ActionView
         end
       end
 
-      def digest_path_from_virtual(virtual_path) # :nodoc:
-        digest = Digestor.digest(name: virtual_path, finder: lookup_context, dependencies: view_cache_dependencies)
+      def digest_path_from_template(template) # :nodoc:
+        digest = Digestor.digest(name: template.virtual_path, format: template.format, finder: lookup_context, dependencies: view_cache_dependencies)
 
         if digest.present?
-          "#{virtual_path}:#{digest}"
+          "#{template.virtual_path}:#{digest}"
         else
-          virtual_path
+          template.virtual_path
         end
       end
 
@@ -234,7 +234,7 @@ module ActionView
         if virtual_path || digest_path
           name = controller.url_for(name).split("://").last if name.is_a?(Hash)
 
-          digest_path ||= digest_path_from_virtual(virtual_path)
+          digest_path ||= digest_path_from_template(@current_template)
 
           [ digest_path, name ]
         else

data/lib/action_view/helpers/csp_helper.rb

@@ -14,9 +14,11 @@ module ActionView
       # This is used by the Rails UJS helper to create dynamically
       # loaded inline <script> elements.
       #
-      def csp_meta_tag
+      def csp_meta_tag(**options)
         if content_security_policy?
-          tag("meta", name: "csp-nonce", content: content_security_policy_nonce)
+          options[:name] = "csp-nonce"
+          options[:content] = content_security_policy_nonce
+          tag("meta", options)
         end
       end
     end

data/lib/action_view/helpers/form_helper.rb

@@ -739,7 +739,7 @@ module ActionView
       #   def labelled_form_with(**options, &block)
       #     form_with(**options.merge(builder: LabellingFormBuilder), &block)
       #   end
-      def form_with(model: nil, scope: nil, url: nil, format: nil, **options)
+      def form_with(model: nil, scope: nil, url: nil, format: nil, **options, &block)
         options[:allow_method_names_outside_object] = true
         options[:skip_default_ids] = !form_with_generates_ids
 
@@ -752,7 +752,7 @@ module ActionView
 
         if block_given?
           builder = instantiate_builder(scope, model, options)
-          output  = capture(builder, &Proc.new)
+          output  = capture(builder, &block)
           options[:multipart] ||= builder.multipart?
 
           html_options = html_options_for_form_with(url, model, options)

data/lib/action_view/helpers/form_options_helper.rb

@@ -566,9 +566,10 @@ module ActionView
       # an ActiveSupport::TimeZone.
       #
       # By default, +model+ is the ActiveSupport::TimeZone constant (which can
-      # be obtained in Active Record as a value object). The only requirement
-      # is that the +model+ parameter be an object that responds to +all+, and
-      # returns an array of objects that represent time zones.
+      # be obtained in Active Record as a value object). The +model+ parameter
+      # must respond to +all+ and return an array of objects that represent time
+      # zones; each object must respond to +name+. If a Regexp is given it will
+      # attempt to match the zones using the <code>=~<code> operator.
       #
       # NOTE: Only the option tags are returned, you have to wrap this call in
       # a regular HTML select tag.

data/lib/action_view/helpers/form_tag_helper.rb

@@ -24,7 +24,7 @@ module ActionView
 
       mattr_accessor :default_enforce_utf8, default: true
 
-      # Starts a form tag that points the action to a url configured with <tt>url_for_options</tt> just like
+      # Starts a form tag that points the action to a URL configured with <tt>url_for_options</tt> just like
       # ActionController::Base#url_for. The method for the form defaults to POST.
       #
       # ==== Options
@@ -137,7 +137,8 @@ module ActionView
         html_name = (options[:multiple] == true && !name.to_s.ends_with?("[]")) ? "#{name}[]" : name
 
         if options.include?(:include_blank)
-          include_blank = options.delete(:include_blank)
+          include_blank = options[:include_blank]
+          options = options.except(:include_blank)
           options_for_blank_options_tag = { value: "" }
 
           if include_blank == true
@@ -165,6 +166,8 @@ module ActionView
       # * <tt>:size</tt> - The number of visible characters that will fit in the input.
       # * <tt>:maxlength</tt> - The maximum number of characters that the browser will allow the user to enter.
       # * <tt>:placeholder</tt> - The text contained in the field by default which is removed when the field receives focus.
+      #   If set to true, use a translation is found in the current I18n locale
+      #   (through helpers.placeholders.<modelname>.<attribute>).
       # * Any other key creates standard HTML attributes for the tag.
       #
       # ==== Examples

data/lib/action_view/helpers/output_safety_helper.rb

@@ -38,7 +38,7 @@ module ActionView #:nodoc:
 
       # Converts the array to a comma-separated sentence where the last element is
       # joined by the connector word. This is the html_safe-aware version of
-      # ActiveSupport's {Array#to_sentence}[http://api.rubyonrails.org/classes/Array.html#method-i-to_sentence].
+      # ActiveSupport's {Array#to_sentence}[https://api.rubyonrails.org/classes/Array.html#method-i-to_sentence].
       #
       def to_sentence(array, options = {})
         options.assert_valid_keys(:words_connector, :two_words_connector, :last_word_connector, :locale)

data/lib/action_view/helpers/rendering_helper.rb

@@ -27,10 +27,12 @@ module ActionView
       def render(options = {}, locals = {}, &block)
         case options
         when Hash
-          if block_given?
-            view_renderer.render_partial(self, options.merge(partial: options[:layout]), &block)
-          else
-            view_renderer.render(self, options)
+          in_rendering_context(options) do |renderer|
+            if block_given?
+              view_renderer.render_partial(self, options.merge(partial: options[:layout]), &block)
+            else
+              view_renderer.render(self, options)
+            end
           end
         else
           view_renderer.render_partial(self, partial: options, locals: locals, &block)

data/lib/action_view/helpers/sanitize_helper.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require "active_support/core_ext/object/try"
 require "rails-html-sanitizer"
 
 module ActionView
@@ -17,7 +16,7 @@ module ActionView
       # ASCII, and hex character references to work around these protocol filters.
       # All special characters will be escaped.
       #
-      # The default sanitizer is Rails::Html::WhiteListSanitizer. See {Rails HTML
+      # The default sanitizer is Rails::Html::SafeListSanitizer. See {Rails HTML
       # Sanitizers}[https://github.com/rails/rails-html-sanitizer] for more information.
       #
       # Custom sanitization rules can also be provided.
@@ -80,12 +79,12 @@ module ActionView
       #   config.action_view.sanitized_allowed_tags = ['strong', 'em', 'a']
       #   config.action_view.sanitized_allowed_attributes = ['href', 'title']
       def sanitize(html, options = {})
-        self.class.white_list_sanitizer.sanitize(html, options).try(:html_safe)
+        self.class.safe_list_sanitizer.sanitize(html, options)&.html_safe
       end
 
       # Sanitizes a block of CSS code. Used by +sanitize+ when it comes across a style attribute.
       def sanitize_css(style)
-        self.class.white_list_sanitizer.sanitize_css(style)
+        self.class.safe_list_sanitizer.sanitize_css(style)
       end
 
       # Strips all HTML tags from +html+, including comments and special characters.
@@ -123,20 +122,18 @@ module ActionView
       end
 
       module ClassMethods #:nodoc:
-        attr_writer :full_sanitizer, :link_sanitizer, :white_list_sanitizer
+        attr_writer :full_sanitizer, :link_sanitizer, :safe_list_sanitizer
 
-        # Vendors the full, link and white list sanitizers.
-        # Provided strictly for compatibility and can be removed in Rails 6.
         def sanitizer_vendor
           Rails::Html::Sanitizer
         end
 
         def sanitized_allowed_tags
-          sanitizer_vendor.white_list_sanitizer.allowed_tags
+          safe_list_sanitizer.allowed_tags
         end
 
         def sanitized_allowed_attributes
-          sanitizer_vendor.white_list_sanitizer.allowed_attributes
+          safe_list_sanitizer.allowed_attributes
         end
 
         # Gets the Rails::Html::FullSanitizer instance used by +strip_tags+. Replace with
@@ -145,7 +142,6 @@ module ActionView
         #   class Application < Rails::Application
         #     config.action_view.full_sanitizer = MySpecialSanitizer.new
         #   end
-        #
         def full_sanitizer
           @full_sanitizer ||= sanitizer_vendor.full_sanitizer.new
         end
@@ -156,20 +152,18 @@ module ActionView
         #   class Application < Rails::Application
         #     config.action_view.link_sanitizer = MySpecialSanitizer.new
         #   end
-        #
         def link_sanitizer
           @link_sanitizer ||= sanitizer_vendor.link_sanitizer.new
         end
 
-        # Gets the Rails::Html::WhiteListSanitizer instance used by sanitize and +sanitize_css+.
+        # Gets the Rails::Html::SafeListSanitizer instance used by sanitize and +sanitize_css+.
         # Replace with any object that responds to +sanitize+.
         #
         #   class Application < Rails::Application
-        #     config.action_view.white_list_sanitizer = MySpecialSanitizer.new
+        #     config.action_view.safe_list_sanitizer = MySpecialSanitizer.new
         #   end
-        #
-        def white_list_sanitizer
-          @white_list_sanitizer ||= sanitizer_vendor.white_list_sanitizer.new
+        def safe_list_sanitizer
+          @safe_list_sanitizer ||= sanitizer_vendor.safe_list_sanitizer.new
         end
       end
     end

data/lib/action_view/helpers/tag_helper.rb

@@ -88,7 +88,7 @@ module ActionView
           if value.is_a?(Array)
             value = escape ? safe_join(value, " ") : value.join(" ")
           else
-            value = escape ? ERB::Util.unwrapped_html_escape(value) : value.to_s.dup
+            value = escape ? ERB::Util.unwrapped_html_escape(value).dup : value.to_s.dup
           end
           value.gsub!('"', """)
           %(#{key}="#{value}")

data/lib/action_view/helpers/tags/base.rb

@@ -138,7 +138,7 @@ module ActionView
           end
 
           def sanitized_value(value)
-            value.to_s.gsub(/\s/, "_").gsub(/[^-[[:word:]]]/, "").mb_chars.downcase.to_s
+            value.to_s.gsub(/[\s\.]/, "_").gsub(/[^-[[:word:]]]/, "").downcase
           end
 
           def select_content_tag(option_tags, options, html_options)

data/lib/action_view/helpers/translation_helper.rb

@@ -60,7 +60,7 @@ module ActionView
       def translate(key, options = {})
         options = options.dup
         if options.has_key?(:default)
-          remaining_defaults = Array(options.delete(:default)).compact
+          remaining_defaults = Array.wrap(options.delete(:default)).compact
           options[:default] = remaining_defaults unless remaining_defaults.first.kind_of?(Symbol)
         end
 
@@ -114,7 +114,7 @@ module ActionView
 
       # Delegates to <tt>I18n.localize</tt> with no additional functionality.
       #
-      # See http://rubydoc.info/github/svenfuchs/i18n/master/I18n/Backend/Base:localize
+      # See https://www.rubydoc.info/github/svenfuchs/i18n/master/I18n/Backend/Base:localize
       # for more information.
       def localize(*args)
         I18n.localize(*args)
@@ -138,7 +138,7 @@ module ActionView
         end
 
         def html_safe_translation_key?(key)
-          /(\b|_|\.)html$/.match?(key.to_s)
+          /(?:_|\b)html\z/.match?(key.to_s)
         end
     end
   end

data/lib/action_view/helpers/url_helper.rb

@@ -253,7 +253,7 @@ module ActionView
       #   #      <input value="New" type="submit" />
       #   #    </form>"
       #
-      #   <%= button_to "New", new_articles_path %>
+      #   <%= button_to "New", new_article_path %>
       #   # => "<form method="post" action="/articles/new" class="button_to">
       #   #      <input value="New" type="submit" />
       #   #    </form>"
@@ -553,7 +553,7 @@ module ActionView
         url_string = URI.parser.unescape(url_for(options)).force_encoding(Encoding::BINARY)
 
         # We ignore any extra parameters in the request_uri if the
-        # submitted url doesn't have any either. This lets the function
+        # submitted URL doesn't have any either. This lets the function
         # work with things like ?order=asc
         # the behaviour can be disabled with check_parameters: true
         request_uri = url_string.index("?") || check_parameters ? request.fullpath : request.path

data/lib/action_view/layouts.rb

@@ -322,7 +322,7 @@ module ActionView
           end
 
         class_eval <<-RUBY, __FILE__, __LINE__ + 1
-          def _layout(formats)
+          def _layout(lookup_context, formats)
             if _conditional_layout?
               #{layout_definition}
             else
@@ -388,8 +388,8 @@ module ActionView
       case name
       when String     then _normalize_layout(name)
       when Proc       then name
-      when true       then Proc.new { |formats| _default_layout(formats, true)  }
-      when :default   then Proc.new { |formats| _default_layout(formats, false) }
+      when true       then Proc.new { |lookup_context, formats| _default_layout(lookup_context, formats, true)  }
+      when :default   then Proc.new { |lookup_context, formats| _default_layout(lookup_context, formats, false) }
       when false, nil then nil
       else
         raise ArgumentError,
@@ -411,9 +411,9 @@ module ActionView
     #
     # ==== Returns
     # * <tt>template</tt> - The template object for the default layout (or +nil+)
-    def _default_layout(formats, require_layout = false)
+    def _default_layout(lookup_context, formats, require_layout = false)
       begin
-        value = _layout(formats) if action_has_layout?
+        value = _layout(lookup_context, formats) if action_has_layout?
       rescue NameError => e
         raise e, "Could not render layout: #{e.message}"
       end

data/lib/action_view/lookup_context.rb

@@ -3,6 +3,7 @@
 require "concurrent/map"
 require "active_support/core_ext/module/remove_method"
 require "active_support/core_ext/module/attribute_accessors"
+require "active_support/deprecation"
 require "action_view/template/resolver"
 
 module ActionView
@@ -15,6 +16,8 @@ module ActionView
   # only once during the request, it speeds up all cache accesses.
   class LookupContext #:nodoc:
     attr_accessor :prefixes, :rendered_format
+    deprecate :rendered_format
+    deprecate :rendered_format=
 
     mattr_accessor :fallbacks, default: FallbackFileSystemResolver.instances
 
@@ -57,21 +60,36 @@ module ActionView
       alias :eql? :equal?
 
       @details_keys = Concurrent::Map.new
+      @digest_cache = Concurrent::Map.new
 
-      def self.get(details)
+      def self.digest_cache(details)
+        @digest_cache[details_cache_key(details)] ||= Concurrent::Map.new
+      end
+
+      def self.details_cache_key(details)
         if details[:formats]
           details = details.dup
           details[:formats] &= Template::Types.symbols
         end
-        @details_keys[details] ||= Concurrent::Map.new
+        @details_keys[details] ||= Object.new
       end
 
       def self.clear
+        ActionView::ViewPaths.all_view_paths.each do |path_set|
+          path_set.each(&:clear_cache)
+        end
+        ActionView::LookupContext.fallbacks.each(&:clear_cache)
+        @view_context_class = nil
         @details_keys.clear
+        @digest_cache.clear
       end
 
       def self.digest_caches
-        @details_keys.values
+        @digest_cache.values
+      end
+
+      def self.view_context_class(klass)
+        @view_context_class ||= klass.with_empty_template_cache
       end
     end
 
@@ -82,7 +100,7 @@ module ActionView
       # Calculate the details key. Remove the handlers from calculation to improve performance
       # since the user cannot modify it explicitly.
       def details_key #:nodoc:
-        @details_key ||= DetailsKey.get(@details) if @cache
+        @details_key ||= DetailsKey.details_cache_key(@details) if @cache
       end
 
       # Temporary skip passing the details_key forward.
@@ -96,7 +114,8 @@ module ActionView
     private
 
       def _set_detail(key, value) # :doc:
-        @details = @details.dup if @details_key
+        @details = @details.dup if @digest_cache || @details_key
+        @digest_cache = nil
         @details_key = nil
         @details[key] = value
       end
@@ -106,20 +125,13 @@ module ActionView
     module ViewPaths
       attr_reader :view_paths, :html_fallback_for_js
 
-      # Whenever setting view paths, makes a copy so that we can manipulate them in
-      # instance objects as we wish.
-      def view_paths=(paths)
-        @view_paths = ActionView::PathSet.new(Array(paths))
-      end
-
       def find(name, prefixes = [], partial = false, keys = [], options = {})
         @view_paths.find(*args_for_lookup(name, prefixes, partial, keys, options))
       end
       alias :find_template :find
 
-      def find_file(name, prefixes = [], partial = false, keys = [], options = {})
-        @view_paths.find_file(*args_for_lookup(name, prefixes, partial, keys, options))
-      end
+      alias :find_file :find
+      deprecate :find_file
 
       def find_all(name, prefixes = [], partial = false, keys = [], options = {})
         @view_paths.find_all(*args_for_lookup(name, prefixes, partial, keys, options))
@@ -138,19 +150,34 @@ module ActionView
       # Adds fallbacks to the view paths. Useful in cases when you are rendering
       # a :file.
       def with_fallbacks
-        added_resolvers = 0
-        self.class.fallbacks.each do |resolver|
-          next if view_paths.include?(resolver)
-          view_paths.push(resolver)
-          added_resolvers += 1
+        view_paths = build_view_paths((@view_paths.paths + self.class.fallbacks).uniq)
+
+        if block_given?
+          ActiveSupport::Deprecation.warn <<~eowarn.squish
+          Calling `with_fallbacks` with a block is deprecated.  Call methods on
+          the lookup context returned by `with_fallbacks` instead.
+          eowarn
+
+          begin
+            _view_paths = @view_paths
+            @view_paths = view_paths
+            yield
+          ensure
+            @view_paths = _view_paths
+          end
+        else
+          ActionView::LookupContext.new(view_paths, @details, @prefixes)
         end
-        yield
-      ensure
-        added_resolvers.times { view_paths.pop }
       end
 
     private
 
+      # Whenever setting view paths, makes a copy so that we can manipulate them in
+      # instance objects as we wish.
+      def build_view_paths(paths)
+        ActionView::PathSet.new(Array(paths))
+      end
+
       def args_for_lookup(name, prefixes, partial, keys, details_options)
         name, prefixes = normalize_name(name, prefixes)
         details, details_key = detail_args_for(details_options)
@@ -163,7 +190,7 @@ module ActionView
         user_details = @details.merge(options)
 
         if @cache
-          details_key = DetailsKey.get(user_details)
+          details_key = DetailsKey.details_cache_key(user_details)
         else
           details_key = nil
         end
@@ -190,7 +217,7 @@ module ActionView
           end
 
           if @cache
-            [details, DetailsKey.get(details)]
+            [details, DetailsKey.details_cache_key(details)]
           else
             [details, nil]
           end
@@ -221,16 +248,23 @@ module ActionView
 
     def initialize(view_paths, details = {}, prefixes = [])
       @details_key = nil
+      @digest_cache = nil
       @cache = true
       @prefixes = prefixes
-      @rendered_format = nil
 
       @details = initialize_details({}, details)
-      self.view_paths = view_paths
+      @view_paths = build_view_paths(view_paths)
     end
 
     def digest_cache
-      details_key
+      @digest_cache ||= DetailsKey.digest_cache(@details)
+    end
+
+    def with_prepended_formats(formats)
+      details = @details.dup
+      details[:formats] = formats
+
+      self.class.new(@view_paths, details, @prefixes)
     end
 
     def initialize_details(target, details)
@@ -245,7 +279,15 @@ module ActionView
     # add :html as fallback to :js.
     def formats=(values)
       if values
+        values = values.dup
         values.concat(default_formats) if values.delete "*/*"
+        values.uniq!
+
+        invalid_values = (values - Template::Types.symbols)
+        unless invalid_values.empty?
+          raise ArgumentError, "Invalid formats: #{invalid_values.map(&:inspect).join(", ")}"
+        end
+
         if values == [:js]
           values << :html
           @html_fallback_for_js = true