activestorage 6.0.2.1 → 6.0.3.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activestorage might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +19 -0
- data/README.md +1 -1
- data/app/assets/javascripts/activestorage.js +1 -1
- data/app/controllers/active_storage/direct_uploads_controller.rb +1 -1
- data/app/javascript/activestorage/blob_record.js +1 -1
- data/app/models/active_storage/blob/identifiable.rb +1 -1
- data/app/models/active_storage/preview.rb +6 -2
- data/lib/active_storage/attached/changes/create_one.rb +1 -1
- data/lib/active_storage/attached/model.rb +4 -0
- data/lib/active_storage/gem_version.rb +2 -2
- data/lib/active_storage/previewer/video_previewer.rb +15 -7
- data/lib/active_storage/service.rb +2 -2
- data/lib/active_storage/service/disk_service.rb +4 -4
- data/lib/active_storage/service/gcs_service.rb +1 -1
- data/lib/active_storage/service/s3_service.rb +2 -1
- metadata +16 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0201be845342ab029ab19a48aed55dc8e254a87611f32632df72c334ed071535
|
4
|
+
data.tar.gz: 5b9f381db489cc918100e89ca125a0c91a0b8a02e950674e044732934ee14fbe
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e5c89181fc7520514424d9b925ca7396a0bb867cc9a84ea3158c595dc3ad7f4306960c7aafbe3a1f7fbde00b8683a400847dd58c325e20630c665c4387fe0ccb
|
7
|
+
data.tar.gz: 9273fdc303351ea90cdf9c888742336305c908f93469076d531879223d8329daf7bd1b340edf687bd53dba3a11111d58ae158ec4c469fcb94933aaa5e1e538a0
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,22 @@
|
|
1
|
+
## Rails 6.0.3.2 (June 17, 2020) ##
|
2
|
+
|
3
|
+
* No changes.
|
4
|
+
|
5
|
+
|
6
|
+
## Rails 6.0.3.1 (May 18, 2020) ##
|
7
|
+
|
8
|
+
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
|
9
|
+
|
10
|
+
## Rails 6.0.3 (May 06, 2020) ##
|
11
|
+
|
12
|
+
* No changes.
|
13
|
+
|
14
|
+
|
15
|
+
## Rails 6.0.2.2 (March 19, 2020) ##
|
16
|
+
|
17
|
+
* No changes.
|
18
|
+
|
19
|
+
|
1
20
|
## Rails 6.0.2.1 (December 18, 2019) ##
|
2
21
|
|
3
22
|
* No changes.
|
data/README.md
CHANGED
@@ -159,4 +159,4 @@ Bug reports for the Ruby on Rails project can be filed here:
|
|
159
159
|
|
160
160
|
Feature requests should be discussed on the rails-core mailing list here:
|
161
161
|
|
162
|
-
* https://
|
162
|
+
* https://discuss.rubyonrails.org/c/rubyonrails-core
|
@@ -5,7 +5,7 @@
|
|
5
5
|
# the blob that was created up front.
|
6
6
|
class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
|
7
7
|
def create
|
8
|
-
blob = ActiveStorage::Blob.create_before_direct_upload!(blob_args)
|
8
|
+
blob = ActiveStorage::Blob.create_before_direct_upload!(**blob_args)
|
9
9
|
render json: direct_upload_json(blob)
|
10
10
|
end
|
11
11
|
|
@@ -59,7 +59,7 @@ class ActiveStorage::Preview
|
|
59
59
|
# a stable URL that redirects to the short-lived URL returned by this method.
|
60
60
|
def service_url(**options)
|
61
61
|
if processed?
|
62
|
-
variant.service_url(options)
|
62
|
+
variant.service_url(**options)
|
63
63
|
else
|
64
64
|
raise UnprocessedError
|
65
65
|
end
|
@@ -71,7 +71,11 @@ class ActiveStorage::Preview
|
|
71
71
|
end
|
72
72
|
|
73
73
|
def process
|
74
|
-
previewer.preview
|
74
|
+
previewer.preview do |attachable|
|
75
|
+
ActiveRecord::Base.connected_to(role: ActiveRecord::Base.writing_role) do
|
76
|
+
image.attach(attachable)
|
77
|
+
end
|
78
|
+
end
|
75
79
|
end
|
76
80
|
|
77
81
|
def variant
|
@@ -58,7 +58,7 @@ module ActiveStorage
|
|
58
58
|
filename: attachable.original_filename,
|
59
59
|
content_type: attachable.content_type
|
60
60
|
when Hash
|
61
|
-
ActiveStorage::Blob.build_after_unfurling(attachable)
|
61
|
+
ActiveStorage::Blob.build_after_unfurling(**attachable)
|
62
62
|
when String
|
63
63
|
ActiveStorage::Blob.find_signed(attachable)
|
64
64
|
else
|
@@ -2,8 +2,20 @@
|
|
2
2
|
|
3
3
|
module ActiveStorage
|
4
4
|
class Previewer::VideoPreviewer < Previewer
|
5
|
-
|
6
|
-
blob
|
5
|
+
class << self
|
6
|
+
def accept?(blob)
|
7
|
+
blob.video? && ffmpeg_exists?
|
8
|
+
end
|
9
|
+
|
10
|
+
def ffmpeg_exists?
|
11
|
+
return @ffmpeg_exists if defined?(@ffmpeg_exists)
|
12
|
+
|
13
|
+
@ffmpeg_exists = system(ffmpeg_path, "-version", out: File::NULL, err: File::NULL)
|
14
|
+
end
|
15
|
+
|
16
|
+
def ffmpeg_path
|
17
|
+
ActiveStorage.paths[:ffmpeg] || "ffmpeg"
|
18
|
+
end
|
7
19
|
end
|
8
20
|
|
9
21
|
def preview
|
@@ -16,11 +28,7 @@ module ActiveStorage
|
|
16
28
|
|
17
29
|
private
|
18
30
|
def draw_relevant_frame_from(file, &block)
|
19
|
-
draw ffmpeg_path, "-i", file.path, "-y", "-vframes", "1", "-f", "image2", "-", &block
|
20
|
-
end
|
21
|
-
|
22
|
-
def ffmpeg_path
|
23
|
-
ActiveStorage.paths[:ffmpeg] || "ffmpeg"
|
31
|
+
draw self.class.ffmpeg_path, "-i", file.path, "-y", "-vframes", "1", "-f", "image2", "-", &block
|
24
32
|
end
|
25
33
|
end
|
26
34
|
end
|
@@ -82,8 +82,8 @@ module ActiveStorage
|
|
82
82
|
raise NotImplementedError
|
83
83
|
end
|
84
84
|
|
85
|
-
def open(*args, &block)
|
86
|
-
ActiveStorage::Downloader.new(self).open(*args, &block)
|
85
|
+
def open(*args, **options, &block)
|
86
|
+
ActiveStorage::Downloader.new(self).open(*args, **options, &block)
|
87
87
|
end
|
88
88
|
|
89
89
|
# Delete the file at the +key+.
|
@@ -80,8 +80,8 @@ module ActiveStorage
|
|
80
80
|
disposition: content_disposition,
|
81
81
|
content_type: content_type
|
82
82
|
},
|
83
|
-
|
84
|
-
purpose: :blob_key
|
83
|
+
expires_in: expires_in,
|
84
|
+
purpose: :blob_key
|
85
85
|
)
|
86
86
|
|
87
87
|
current_uri = URI.parse(current_host)
|
@@ -109,8 +109,8 @@ module ActiveStorage
|
|
109
109
|
content_length: content_length,
|
110
110
|
checksum: checksum
|
111
111
|
},
|
112
|
-
|
113
|
-
purpose: :blob_token
|
112
|
+
expires_in: expires_in,
|
113
|
+
purpose: :blob_token
|
114
114
|
)
|
115
115
|
|
116
116
|
generated_url = url_helpers.update_rails_disk_service_url(verified_token_with_expiration, host: current_host)
|
@@ -81,7 +81,8 @@ module ActiveStorage
|
|
81
81
|
def url_for_direct_upload(key, expires_in:, content_type:, content_length:, checksum:)
|
82
82
|
instrument :url, key: key do |payload|
|
83
83
|
generated_url = object_for(key).presigned_url :put, expires_in: expires_in.to_i,
|
84
|
-
content_type: content_type, content_length: content_length, content_md5: checksum
|
84
|
+
content_type: content_type, content_length: content_length, content_md5: checksum,
|
85
|
+
whitelist_headers: ['content-length']
|
85
86
|
|
86
87
|
payload[:url] = generated_url
|
87
88
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: activestorage
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.0.2
|
4
|
+
version: 6.0.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-06-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: actionpack
|
@@ -16,42 +16,42 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 6.0.2
|
19
|
+
version: 6.0.3.2
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 6.0.2
|
26
|
+
version: 6.0.3.2
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: activejob
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 6.0.2
|
33
|
+
version: 6.0.3.2
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 6.0.2
|
40
|
+
version: 6.0.3.2
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: activerecord
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
45
|
- - '='
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 6.0.2
|
47
|
+
version: 6.0.3.2
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - '='
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 6.0.2
|
54
|
+
version: 6.0.3.2
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: marcel
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -151,11 +151,11 @@ licenses:
|
|
151
151
|
- MIT
|
152
152
|
metadata:
|
153
153
|
bug_tracker_uri: https://github.com/rails/rails/issues
|
154
|
-
changelog_uri: https://github.com/rails/rails/blob/v6.0.2
|
155
|
-
documentation_uri: https://api.rubyonrails.org/v6.0.2
|
156
|
-
mailing_list_uri: https://
|
157
|
-
source_code_uri: https://github.com/rails/rails/tree/v6.0.2
|
158
|
-
post_install_message:
|
154
|
+
changelog_uri: https://github.com/rails/rails/blob/v6.0.3.2/activestorage/CHANGELOG.md
|
155
|
+
documentation_uri: https://api.rubyonrails.org/v6.0.3.2/
|
156
|
+
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
|
157
|
+
source_code_uri: https://github.com/rails/rails/tree/v6.0.3.2/activestorage
|
158
|
+
post_install_message:
|
159
159
|
rdoc_options: []
|
160
160
|
require_paths:
|
161
161
|
- lib
|
@@ -170,8 +170,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
170
170
|
- !ruby/object:Gem::Version
|
171
171
|
version: '0'
|
172
172
|
requirements: []
|
173
|
-
rubygems_version: 3.
|
174
|
-
signing_key:
|
173
|
+
rubygems_version: 3.1.2
|
174
|
+
signing_key:
|
175
175
|
specification_version: 4
|
176
176
|
summary: Local and cloud file storage framework.
|
177
177
|
test_files: []
|