actionview 5.0.0.1 → 5.0.1.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eef6f68f50be30f192b6db928ae5bae09efa6471
-  data.tar.gz: 538a821d9fcfc3d4f3caf44394120b5dadd0ecec
+  metadata.gz: 72d354dd1600d2bd3a6b748947dc6e5178c930e0
+  data.tar.gz: 86768dbfffe647ce3b7161bb6fec7f4e8aaae67d
 SHA512:
-  metadata.gz: eee6abcea24bea2ceeb02d90831600aca3c152468fcd8ee2a57422458238ccf0cc8ad02f357620a896ed4070bf978c726cc61eef63cbfb7dd63c7c069ea6131d
-  data.tar.gz: 838399475575bde9589e8801461392cab0d733e98e13250e7819bc39755766635c7f963dd928199aea1e4e3eb74a52ab9cd2b2ff6699813eef110d7a06616965
+  metadata.gz: a966cb46db779ce5bcffc2f83d7770036ed6752dbfe0dbf497bdc971e0fcf70c91abcdc0e554bf6fc5c0166bb4e2f29b3363785dd88bdb17568ec559bbf15fa3
+  data.tar.gz: 540ba24650be60525c4bf012418a925cc3c0b37a759c0a634d403d7eb096643a7f1518a3ba452a19f9759b3dd42dd094c12d6745d06b19df980c2313aabbf893

data/CHANGELOG.md

@@ -1,5 +1,59 @@
+## Rails 5.0.1.rc1 (December 01, 2016) ##
+
+*   Fix support to `ActionController::Parameters` in `button_to`.
+
+    *Jon Moss*
+
+*   Render now accepts any keys for locals, including reserved words
+
+    Only locals with valid variable names get set directly. Others
+    will still be available in local_assigns.
+
+    Example of render with reserved words:
+
+    ```erb
+    <%= render "example", class: "text-center", message: "Hello world!" %>
+
+    <!-- _example.html.erb: -->
+    <%= tag.div class: local_assigns[:class] do %>
+      <p><%= message %></p>
+    <% end %>
+    ```
+
+    *Peter Schilling*, *Matthew Draper*
+
+*   Changed partial rendering with a collection to allow collections which
+    implement `to_a`.
+
+    Extracting the collection option had an optimization to avoid unnecessary
+    queries of ActiveRecord Relations by calling `#to_ary` on the given
+    collection. Instances of `Enumerator` or `Enumerable` are valid
+    collections, but they do not implement `#to_ary`. By changing this to
+    `#to_a`, they will now be extracted and rendered as expected.
+
+    *Steven Harman*
+
+*   Fix `ActionView::Helpers#current_page?` to work properly even with
+    a trailing slash.
+
+    Fixes #19472.
+
+    *Stan Lo*
+
+
 ## Rails 5.0.0 (June 30, 2016) ##
 
+*   Changed partial rendering with a collection to allow collections which
+    implement `to_a`.
+
+    Extracting the collection option had an optimization to avoid unnecessary
+    queries of ActiveRecord Relations by calling `#to_ary` on the given
+    collection. Instances of `Enumerator` or `Enumerable` are valid
+    collections, but they do not implement `#to_ary`. By changing this to
+    `#to_a`, they will now be extracted and rendered as expected.
+
+    *Steven Harman*
+
 *   Change `datetime_field` and `datetime_field_tag` to generate `datetime-local` fields.
 
     As a new specification of the HTML 5 the text field type `datetime` will no longer exist
@@ -292,7 +346,7 @@
 
     *Todd Bealmear*
 
-*   Allow to pass a string value to `size` option in `image_tag` and `video_tag`.
+*   Allow to pass an integer value to `size` option in `image_tag` and `video_tag`.
 
     This makes the behavior more consistent with `width` or `height` options.
 

data/README.rdoc

@@ -13,7 +13,7 @@ The latest version of Action View can be installed with RubyGems:
 
 Source code can be downloaded as part of the Rails project on GitHub
 
-* https://github.com/rails/rails/tree/master/actionview
+* https://github.com/rails/rails/tree/5-0-stable/actionview
 
 
 == License

data/lib/action_view/digestor.rb

@@ -6,6 +6,12 @@ module ActionView
   class Digestor
     @@digest_mutex   = Mutex.new
 
+    module PerExecutionDigestCacheExpiry
+      def self.before(target)
+        ActionView::LookupContext::DetailsKey.clear
+      end
+    end
+
     class << self
       # Supported options:
       #
@@ -42,8 +48,7 @@ module ActionView
         options = {}
         options[:formats] = [finder.rendered_format] if finder.rendered_format
 
-        if finder.disable_cache { finder.exists?(logical_name, [], partial, [], options) }
-          template = finder.disable_cache { finder.find(logical_name, [], partial, [], options) }
+        if template = finder.disable_cache { finder.find_all(logical_name, [], partial, [], options).first }
           finder.rendered_format ||= template.formats.first
 
           if node = seen[template.identifier] # handle cycles in the tree

data/lib/action_view/gem_version.rb

@@ -7,8 +7,8 @@ module ActionView
   module VERSION
     MAJOR = 5
     MINOR = 0
-    TINY  = 0
-    PRE   = "1"
+    TINY  = 1
+    PRE   = "rc1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/action_view/helpers/tag_helper.rb

@@ -187,9 +187,9 @@ module ActionView
           if value.is_a?(Array)
             value = escape ? safe_join(value, " ".freeze) : value.join(" ".freeze)
           else
-            value = escape ? ERB::Util.unwrapped_html_escape(value) : value
+            value = escape ? ERB::Util.unwrapped_html_escape(value) : value.to_s
           end
-          %(#{key}="#{value.gsub(/"/, '"'.freeze)}")
+          %(#{key}="#{value.gsub('"'.freeze, '"'.freeze)}")
         end
     end
   end

data/lib/action_view/helpers/text_helper.rb

@@ -225,14 +225,7 @@ module ActionView
       #
       #   pluralize(2, 'Person', locale: :de)
       #   # => 2 Personen
-      def pluralize(count, singular, deprecated_plural = nil, plural: nil, locale: I18n.locale)
-        if deprecated_plural
-          ActiveSupport::Deprecation.warn("Passing plural as a positional argument " \
-            "is deprecated and will be removed in Rails 5.1. Use e.g. " \
-            "pluralize(1, 'person', plural: 'people') instead.")
-          plural ||= deprecated_plural
-        end
-
+      def pluralize(count, singular, plural_arg = nil, plural: plural_arg, locale: I18n.locale)
         word = if (count == 1 || count =~ /^1(\.0+)?$/)
           singular
         else

data/lib/action_view/helpers/url_helper.rb

@@ -548,6 +548,8 @@ module ActionView
         request_uri = url_string.index("?") ? request.fullpath : request.path
         request_uri = URI.parser.unescape(request_uri).force_encoding(Encoding::BINARY)
 
+        url_string.chomp!("/") if url_string.start_with?("/") && url_string != "/"
+
         if url_string =~ /^\w+:\/\//
           url_string == "#{request.protocol}#{request.host_with_port}#{request_uri}"
         else
@@ -614,6 +616,17 @@ module ActionView
         #   to_form_params({ name: 'Denmark' }, 'country')
         #   # => [{name: 'country[name]', value: 'Denmark'}]
         def to_form_params(attribute, namespace = nil) # :nodoc:
+          attribute = if attribute.respond_to?(:permitted?)
+            unless attribute.permitted?
+              raise ArgumentError, "Attempting to generate a buttom from non-sanitized request parameters!" \
+                " Whitelist and sanitize passed parameters to be secure."
+            end
+
+            attribute.to_h
+          else
+            attribute
+          end
+
           params = []
           case attribute
           when Hash

data/lib/action_view/railtie.rb

@@ -40,7 +40,7 @@ module ActionView
     initializer "action_view.per_request_digest_cache" do |app|
       ActiveSupport.on_load(:action_view) do
         if app.config.consider_all_requests_local
-          app.executor.to_run { ActionView::LookupContext::DetailsKey.clear }
+          app.executor.to_run ActionView::Digestor::PerExecutionDigestCacheExpiry
         end
       end
     end

data/lib/action_view/renderer/partial_renderer.rb

@@ -403,7 +403,7 @@ module ActionView
     def collection_from_options
       if @options.key?(:collection)
         collection = @options[:collection]
-        collection.respond_to?(:to_ary) ? collection.to_ary : []
+        collection ? collection.to_a : []
       end
     end
 

data/lib/action_view/template.rb

@@ -1,6 +1,7 @@
-require 'active_support/core_ext/object/try'
-require 'active_support/core_ext/kernel/singleton_class'
-require 'thread'
+require "active_support/core_ext/object/try"
+require "active_support/core_ext/kernel/singleton_class"
+require "active_support/core_ext/module/delegation"
+require "thread"
 
 module ActionView
   # = Action View Template
@@ -325,8 +326,13 @@ module ActionView
       end
 
       def locals_code #:nodoc:
+        # Only locals with valid variable names get set directly. Others will
+        # still be available in local_assigns.
+        locals = @locals.to_set - Module::DELEGATION_RESERVED_METHOD_NAMES
+        locals = locals.grep(/\A(?![A-Z0-9])(?:[[:alnum:]_]|[^\0-\177])+\z/)
+
         # Double assign to suppress the dreaded 'assigned but unused variable' warning
-        @locals.each_with_object('') { |key, code| code << "#{key} = #{key} = local_assigns[:#{key}];" }
+        locals.each_with_object("") { |key, code| code << "#{key} = #{key} = local_assigns[:#{key}];" }
       end
 
       def method_name #:nodoc:

data/lib/action_view/test_case.rb

@@ -153,6 +153,7 @@ module ActionView
 
       included do
         setup :setup_with_controller
+        ActiveSupport.run_load_hooks(:action_view_test_case, self)
       end
 
     private

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: actionview
 version: !ruby/object:Gem::Version
-  version: 5.0.0.1
+  version: 5.0.1.rc1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-10 00:00:00.000000000 Z
+date: 2016-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
 - !ruby/object:Gem::Dependency
   name: builder
   requirement: !ruby/object:Gem::Requirement
@@ -92,28 +92,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0.1
+        version: 5.0.1.rc1
 description: Simple, battle-tested conventions and helpers for building web pages.
 email: david@loudthinking.com
 executables: []
@@ -238,15 +238,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.2.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements:
 - none
 rubyforge_project: 
-rubygems_version: 2.6.6
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Rendering framework putting the V in MVC (part of Rails).
 test_files: []
-has_rdoc: