activestorage 7.0.0.rc3 → 7.0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e315b41277b62cc064dd97bfde10fbd93e832afafc5fca1674221b56215422e
-  data.tar.gz: d15f735afe301059a83535bc79755e26f0b8d512218db54f96646354cc0e90a2
+  metadata.gz: 3d9df0f86c676632d14361aeb9d1ac834834c5888d601084408f8c07c8b52c56
+  data.tar.gz: f635cc43298bc0574332bd15442ad5b2922dc243773100b215badfdd54dbc5a7
 SHA512:
-  metadata.gz: 5880af2744d950125bb7a555d9e0c62170bcb37d4fa464207f14a59d0f9dad6c2db702442196eed57824ae9469855eca1582f8e05d822153a0d762e97bba854d
-  data.tar.gz: 511a9174035ee239e44bcae22ec0b6ea27032dbd3fe9a084c2ca5d96c710747af08566f69b7c2b7f82e0738b00fafffd93ab6f1d133efba28038e1181c0c43bc
+  metadata.gz: f41a19838f26239a1739f1c2c977fbbf16d037eac381701b2cff6650a0704bc955835c31aa0a3be02fe061329f21c3a0b9199ed2ca8758a94af00cbecd953470
+  data.tar.gz: 7fae947ad43e2995c637ee3b6304702ebfc797de47fd99ddb4101e21edf6b7e026f47518bf56d0ebfdf058a324b63e8f734026d03f1e49399a81607cc5642888

data/CHANGELOG.md

@@ -1,3 +1,40 @@
+## Rails 7.0.2.1 (February 11, 2022) ##
+
+*   No changes.
+
+
+## Rails 7.0.2 (February 08, 2022) ##
+
+*   Revert the ability to pass `service_name` param to `DirectUploadsController` which was introduced
+    in 7.0.0.
+
+    That change caused a lot of problems to upgrade Rails applications so we decided to remove it
+    while in work in a more backwards compatible implementation.
+
+    *Gannon McGibbon*
+
+*   Allow applications to opt out of precompiling Active Storage JavaScript assets.
+
+    *jlestavel*
+
+
+## Rails 7.0.1 (January 06, 2022) ##
+
+*   No changes.
+
+
+## Rails 7.0.0 (December 15, 2021) ##
+
+*   Support transforming empty-ish `has_many_attached` value into `[]` (e.g. `[""]`).
+
+    ```ruby
+    @user.highlights = [""]
+    @user.highlights # => []
+    ```
+
+    *Sean Doyle*
+
+
 ## Rails 7.0.0.rc3 (December 14, 2021) ##
 
 *   No changes.
@@ -5,6 +42,10 @@
 
 ## Rails 7.0.0.rc2 (December 14, 2021) ##
 
+*   No changes.
+
+## Rails 7.0.0.rc1 (December 06, 2021) ##
+
 *   `Add ActiveStorage::Blob.compose` to concatenate multiple blobs.
 
     *Gannon McGibbon*

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2017-2021 David Heinemeier Hansson, Basecamp
+Copyright (c) 2017-2022 David Heinemeier Hansson, Basecamp
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/app/assets/javascripts/activestorage.esm.js

@@ -508,7 +508,7 @@ function toArray(value) {
 }
 
 class BlobRecord {
-  constructor(file, checksum, url, directUploadToken, attachmentName) {
+  constructor(file, checksum, url) {
     this.file = file;
     this.attributes = {
       filename: file.name,
@@ -516,8 +516,6 @@ class BlobRecord {
       byte_size: file.size,
       checksum: checksum
     };
-    this.directUploadToken = directUploadToken;
-    this.attachmentName = attachmentName;
     this.xhr = new XMLHttpRequest;
     this.xhr.open("POST", url, true);
     this.xhr.responseType = "json";
@@ -545,9 +543,7 @@ class BlobRecord {
   create(callback) {
     this.callback = callback;
     this.xhr.send(JSON.stringify({
-      blob: this.attributes,
-      direct_upload_token: this.directUploadToken,
-      attachment_name: this.attachmentName
+      blob: this.attributes
     }));
   }
   requestDidLoad(event) {
@@ -608,12 +604,10 @@ class BlobUpload {
 let id = 0;
 
 class DirectUpload {
-  constructor(file, url, serviceName, attachmentName, delegate) {
+  constructor(file, url, delegate) {
     this.id = ++id;
     this.file = file;
     this.url = url;
-    this.serviceName = serviceName;
-    this.attachmentName = attachmentName;
     this.delegate = delegate;
   }
   create(callback) {
@@ -622,7 +616,7 @@ class DirectUpload {
         callback(error);
         return;
       }
-      const blob = new BlobRecord(this.file, checksum, this.url, this.serviceName, this.attachmentName);
+      const blob = new BlobRecord(this.file, checksum, this.url);
       notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr);
       blob.create((error => {
         if (error) {
@@ -653,7 +647,7 @@ class DirectUploadController {
   constructor(input, file) {
     this.input = input;
     this.file = file;
-    this.directUpload = new DirectUpload(this.file, this.url, this.directUploadToken, this.attachmentName, this);
+    this.directUpload = new DirectUpload(this.file, this.url, this);
     this.dispatch("initialize");
   }
   start(callback) {
@@ -684,12 +678,6 @@ class DirectUploadController {
   get url() {
     return this.input.getAttribute("data-direct-upload-url");
   }
-  get directUploadToken() {
-    return this.input.getAttribute("data-direct-upload-token");
-  }
-  get attachmentName() {
-    return this.input.getAttribute("data-direct-upload-attachment-name");
-  }
   dispatch(name, detail = {}) {
     detail.file = this.file;
     detail.id = this.directUpload.id;

data/app/assets/javascripts/activestorage.js

@@ -503,7 +503,7 @@
     }
   }
   class BlobRecord {
-    constructor(file, checksum, url, directUploadToken, attachmentName) {
+    constructor(file, checksum, url) {
       this.file = file;
       this.attributes = {
         filename: file.name,
@@ -511,8 +511,6 @@
         byte_size: file.size,
         checksum: checksum
       };
-      this.directUploadToken = directUploadToken;
-      this.attachmentName = attachmentName;
       this.xhr = new XMLHttpRequest;
       this.xhr.open("POST", url, true);
       this.xhr.responseType = "json";
@@ -540,9 +538,7 @@
     create(callback) {
       this.callback = callback;
       this.xhr.send(JSON.stringify({
-        blob: this.attributes,
-        direct_upload_token: this.directUploadToken,
-        attachment_name: this.attachmentName
+        blob: this.attributes
       }));
     }
     requestDidLoad(event) {
@@ -600,12 +596,10 @@
   }
   let id = 0;
   class DirectUpload {
-    constructor(file, url, serviceName, attachmentName, delegate) {
+    constructor(file, url, delegate) {
       this.id = ++id;
       this.file = file;
       this.url = url;
-      this.serviceName = serviceName;
-      this.attachmentName = attachmentName;
       this.delegate = delegate;
     }
     create(callback) {
@@ -614,7 +608,7 @@
           callback(error);
           return;
         }
-        const blob = new BlobRecord(this.file, checksum, this.url, this.serviceName, this.attachmentName);
+        const blob = new BlobRecord(this.file, checksum, this.url);
         notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr);
         blob.create((error => {
           if (error) {
@@ -643,7 +637,7 @@
     constructor(input, file) {
       this.input = input;
       this.file = file;
-      this.directUpload = new DirectUpload(this.file, this.url, this.directUploadToken, this.attachmentName, this);
+      this.directUpload = new DirectUpload(this.file, this.url, this);
       this.dispatch("initialize");
     }
     start(callback) {
@@ -674,12 +668,6 @@
     get url() {
       return this.input.getAttribute("data-direct-upload-url");
     }
-    get directUploadToken() {
-      return this.input.getAttribute("data-direct-upload-token");
-    }
-    get attachmentName() {
-      return this.input.getAttribute("data-direct-upload-attachment-name");
-    }
     dispatch(name, detail = {}) {
       detail.file = this.file;
       detail.id = this.directUpload.id;

data/app/controllers/active_storage/blobs/proxy_controller.rb

@@ -5,7 +5,7 @@
 # WARNING: All Active Storage controllers are publicly accessible by default. The
 # generated URLs are hard to guess, but permanent by design. If your files
 # require a higher level of protection consider implementing
-# {Authenticated Controllers}[https://edgeguides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
+# {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
   include ActiveStorage::SetBlob
 
@@ -17,7 +17,7 @@ class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
         response.headers["Accept-Ranges"] = "bytes"
         response.headers["Content-Length"] = @blob.byte_size.to_s
 
-        send_blob_stream @blob
+        send_blob_stream @blob, disposition: params[:disposition]
       end
     end
   end

data/app/controllers/active_storage/blobs/redirect_controller.rb

@@ -5,7 +5,7 @@
 # WARNING: All Active Storage controllers are publicly accessible by default. The
 # generated URLs are hard to guess, but permanent by design. If your files
 # require a higher level of protection consider implementing
-# {Authenticated Controllers}[https://edgeguides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
+# {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Blobs::RedirectController < ActiveStorage::BaseController
   include ActiveStorage::SetBlob
 

data/app/controllers/active_storage/direct_uploads_controller.rb

@@ -4,10 +4,8 @@
 # When the client-side upload is completed, the signed_blob_id can be submitted as part of the form to reference
 # the blob that was created up front.
 class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
-  include ActiveStorage::DirectUploadToken
-
   def create
-    blob = ActiveStorage::Blob.create_before_direct_upload!(**blob_args.merge(service_name: verified_service_name))
+    blob = ActiveStorage::Blob.create_before_direct_upload!(**blob_args)
     render json: direct_upload_json(blob)
   end
 
@@ -16,10 +14,6 @@ class ActiveStorage::DirectUploadsController < ActiveStorage::BaseController
       params.require(:blob).permit(:filename, :byte_size, :checksum, :content_type, metadata: {}).to_h.symbolize_keys
     end
 
-    def verified_service_name
-      ActiveStorage::DirectUploadToken.verify_direct_upload_token(params[:direct_upload_token], params[:attachment_name], session)
-    end
-
     def direct_upload_json(blob)
       blob.as_json(root: false, methods: :signed_id).merge(direct_upload: {
         url: blob.service_url_for_direct_upload,

data/app/controllers/active_storage/representations/proxy_controller.rb

@@ -5,11 +5,11 @@
 # WARNING: All Active Storage controllers are publicly accessible by default. The
 # generated URLs are hard to guess, but permanent by design. If your files
 # require a higher level of protection consider implementing
-# {Authenticated Controllers}[https://edgeguides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
+# {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Representations::ProxyController < ActiveStorage::Representations::BaseController
   def show
     http_cache_forever public: true do
-      send_blob_stream @representation.image
+      send_blob_stream @representation.image, disposition: params[:disposition]
     end
   end
 end

data/app/controllers/active_storage/representations/redirect_controller.rb

@@ -5,7 +5,7 @@
 # WARNING: All Active Storage controllers are publicly accessible by default. The
 # generated URLs are hard to guess, but permanent by design. If your files
 # require a higher level of protection consider implementing
-# {Authenticated Controllers}[https://edgeguides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
+# {Authenticated Controllers}[https://guides.rubyonrails.org/active_storage_overview.html#authenticated-controllers].
 class ActiveStorage::Representations::RedirectController < ActiveStorage::Representations::BaseController
   def show
     expires_in ActiveStorage.service_urls_expire_in

data/app/javascript/activestorage/blob_record.js

@@ -1,19 +1,16 @@
 import { getMetaValue } from "./helpers"
 
 export class BlobRecord {
-  constructor(file, checksum, url, directUploadToken, attachmentName) {
+  constructor(file, checksum, url) {
     this.file = file
 
     this.attributes = {
       filename: file.name,
       content_type: file.type || "application/octet-stream",
       byte_size: file.size,
-      checksum: checksum,
+      checksum: checksum
     }
 
-    this.directUploadToken = directUploadToken
-    this.attachmentName = attachmentName
-
     this.xhr = new XMLHttpRequest
     this.xhr.open("POST", url, true)
     this.xhr.responseType = "json"
@@ -46,11 +43,7 @@ export class BlobRecord {
 
   create(callback) {
     this.callback = callback
-    this.xhr.send(JSON.stringify({
-      blob: this.attributes,
-      direct_upload_token: this.directUploadToken,
-      attachment_name: this.attachmentName
-    }))
+    this.xhr.send(JSON.stringify({ blob: this.attributes }))
   }
 
   requestDidLoad(event) {

data/app/javascript/activestorage/direct_upload.js

@@ -5,12 +5,10 @@ import { BlobUpload } from "./blob_upload"
 let id = 0
 
 export class DirectUpload {
-  constructor(file, url, serviceName, attachmentName, delegate) {
+  constructor(file, url, delegate) {
     this.id = ++id
     this.file = file
     this.url = url
-    this.serviceName = serviceName
-    this.attachmentName = attachmentName
     this.delegate = delegate
   }
 
@@ -21,7 +19,7 @@ export class DirectUpload {
         return
       }
 
-      const blob = new BlobRecord(this.file, checksum, this.url, this.serviceName, this.attachmentName)
+      const blob = new BlobRecord(this.file, checksum, this.url)
       notify(this.delegate, "directUploadWillCreateBlobWithXHR", blob.xhr)
 
       blob.create(error => {

data/app/javascript/activestorage/direct_upload_controller.js

@@ -5,7 +5,7 @@ export class DirectUploadController {
   constructor(input, file) {
     this.input = input
     this.file = file
-    this.directUpload = new DirectUpload(this.file, this.url, this.directUploadToken, this.attachmentName, this)
+    this.directUpload = new DirectUpload(this.file, this.url, this)
     this.dispatch("initialize")
   }
 
@@ -41,14 +41,6 @@ export class DirectUploadController {
     return this.input.getAttribute("data-direct-upload-url")
   }
 
-  get directUploadToken() {
-    return this.input.getAttribute("data-direct-upload-token")
-  }
-
-  get attachmentName() {
-    return this.input.getAttribute("data-direct-upload-attachment-name")
-  }
-
   dispatch(name, detail = {}) {
     detail.file = this.file
     detail.id = this.directUpload.id

data/app/models/active_storage/variant.rb

@@ -4,7 +4,7 @@
 # These variants are used to create thumbnails, fixed-size avatars, or any other derivative image from the
 # original.
 #
-# Variants rely on {ImageProcessing}[https://github.com/janko-m/image_processing] gem for the actual transformations
+# Variants rely on {ImageProcessing}[https://github.com/janko/image_processing] gem for the actual transformations
 # of the file, so you must add <tt>gem "image_processing"</tt> to your Gemfile if you wish to use variants. By
 # default, images will be processed with {ImageMagick}[http://imagemagick.org] using the
 # {MiniMagick}[https://github.com/minimagick/minimagick] gem, but you can also switch to the
@@ -46,9 +46,9 @@
 #
 # Visit the following links for a list of available ImageProcessing commands and ImageMagick/libvips operations:
 #
-# * {ImageProcessing::MiniMagick}[https://github.com/janko-m/image_processing/blob/master/doc/minimagick.md#methods]
+# * {ImageProcessing::MiniMagick}[https://github.com/janko/image_processing/blob/master/doc/minimagick.md#methods]
 # * {ImageMagick reference}[https://www.imagemagick.org/script/mogrify.php]
-# * {ImageProcessing::Vips}[https://github.com/janko-m/image_processing/blob/master/doc/vips.md#methods]
+# * {ImageProcessing::Vips}[https://github.com/janko/image_processing/blob/master/doc/vips.md#methods]
 # * {ruby-vips reference}[http://www.rubydoc.info/gems/ruby-vips/Vips/Image]
 class ActiveStorage::Variant
   attr_reader :blob, :variation

data/app/models/active_storage/variation.rb

@@ -10,7 +10,7 @@ require "mini_mime"
 #
 #   ActiveStorage::Variation.new(resize_to_limit: [100, 100], colourspace: "b-w", rotate: "-90", saver: { trim: true })
 #
-# The options map directly to {ImageProcessing}[https://github.com/janko-m/image_processing] commands.
+# The options map directly to {ImageProcessing}[https://github.com/janko/image_processing] commands.
 class ActiveStorage::Variation
   attr_reader :transformations
 

data/db/update_migrate/20191206030411_create_active_storage_variant_records.rb

@@ -1,7 +1,7 @@
 class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0]
   def change
     # Use Active Record's configured type for primary key
-    create_table :active_storage_variant_records, id: primary_key_type do |t|
+    create_table :active_storage_variant_records, id: primary_key_type, if_not_exists: true do |t|
       t.belongs_to :blob, null: false, index: false, type: blobs_primary_key_type
       t.string :variation_digest, null: false
 

data/lib/active_storage/analyzer/audio_analyzer.rb

@@ -54,7 +54,7 @@ module ActiveStorage
           end
         end
       rescue Errno::ENOENT
-        logger.info "Skipping audio analysis because FFmpeg isn't installed"
+        logger.info "Skipping audio analysis because ffprobe isn't installed"
         {}
       end
 

data/lib/active_storage/analyzer/video_analyzer.rb

@@ -133,7 +133,7 @@ module ActiveStorage
           end
         end
       rescue Errno::ENOENT
-        logger.info "Skipping video analysis because FFmpeg isn't installed"
+        logger.info "Skipping video analysis because ffprobe isn't installed"
         {}
       end
 

data/lib/active_storage/attached/model.rb

@@ -137,9 +137,11 @@ module ActiveStorage
           end
 
           def #{name}=(attachables)
+            attachables = Array(attachables).compact_blank
+
             if ActiveStorage.replace_on_assign_to_many
               attachment_changes["#{name}"] =
-                if Array(attachables).none?
+                if attachables.none?
                   ActiveStorage::Attached::Changes::DeleteMany.new("#{name}", self)
                 else
                   ActiveStorage::Attached::Changes::CreateMany.new("#{name}", self, attachables)
@@ -151,7 +153,7 @@ module ActiveStorage
                 "To append new attachables to the Active Storage association, prefer using `attach`. " \
                 "Using association setter would result in purging the existing attached attachments and replacing them with new ones."
 
-              if Array(attachables).any?
+              if attachables.any?
                 attachment_changes["#{name}"] =
                   ActiveStorage::Attached::Changes::CreateMany.new("#{name}", self, #{name}.blobs + attachables)
               end

data/lib/active_storage/engine.rb

@@ -30,6 +30,7 @@ module ActiveStorage
     config.active_storage.analyzers = [ ActiveStorage::Analyzer::ImageAnalyzer::Vips, ActiveStorage::Analyzer::ImageAnalyzer::ImageMagick, ActiveStorage::Analyzer::VideoAnalyzer, ActiveStorage::Analyzer::AudioAnalyzer ]
     config.active_storage.paths = ActiveSupport::OrderedOptions.new
     config.active_storage.queues = ActiveSupport::InheritableOptions.new
+    config.active_storage.precompile_assets = true
 
     config.active_storage.variable_content_types = %w(
       image/png
@@ -154,9 +155,23 @@ module ActiveStorage
       end
     end
 
+    initializer "action_view.configuration" do
+      config.after_initialize do |app|
+        ActiveSupport.on_load(:action_view) do
+          multiple_file_field_include_hidden = app.config.active_storage.delete(:multiple_file_field_include_hidden)
+
+          unless multiple_file_field_include_hidden.nil?
+            ActionView::Helpers::FormHelper.multiple_file_field_include_hidden = multiple_file_field_include_hidden
+          end
+        end
+      end
+    end
+
     initializer "active_storage.asset" do
-      if Rails.application.config.respond_to?(:assets)
-        Rails.application.config.assets.precompile += %w( activestorage activestorage.esm )
+      config.after_initialize do |app|
+        if app.config.respond_to?(:assets) && app.config.active_storage.precompile_assets
+          app.config.assets.precompile += %w( activestorage activestorage.esm )
+        end
       end
     end
 

data/lib/active_storage/errors.rb

@@ -26,7 +26,4 @@ module ActiveStorage
 
   # Raised when a Previewer is unable to generate a preview image.
   class PreviewError < Error; end
-
-  # Raised when direct upload fails because of the invalid token
-  class InvalidDirectUploadTokenError < Error; end
 end

data/lib/active_storage/gem_version.rb

@@ -9,8 +9,8 @@ module ActiveStorage
   module VERSION
     MAJOR = 7
     MINOR = 0
-    TINY  = 0
-    PRE   = "rc3"
+    TINY  = 2
+    PRE   = "1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/active_storage/previewer/video_previewer.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "shellwords"
+
 module ActiveStorage
   class Previewer::VideoPreviewer < Previewer
     class << self

data/lib/active_storage.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 #--
-# Copyright (c) 2017-2021 David Heinemeier Hansson, Basecamp
+# Copyright (c) 2017-2022 David Heinemeier Hansson, Basecamp
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -41,7 +41,6 @@ module ActiveStorage
   autoload :Service
   autoload :Previewer
   autoload :Analyzer
-  autoload :DirectUploadToken
 
   mattr_accessor :logger
   mattr_accessor :verifier

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activestorage
 version: !ruby/object:Gem::Version
-  version: 7.0.0.rc3
+  version: 7.0.2.1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-14 00:00:00.000000000 Z
+date: 2022-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,56 +16,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
 - !ruby/object:Gem::Dependency
   name: activejob
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.0.rc3
+        version: 7.0.2.1
 - !ruby/object:Gem::Dependency
   name: marcel
   requirement: !ruby/object:Gem::Requirement
@@ -170,7 +170,6 @@ files:
 - lib/active_storage/attached/many.rb
 - lib/active_storage/attached/model.rb
 - lib/active_storage/attached/one.rb
-- lib/active_storage/direct_upload_token.rb
 - lib/active_storage/downloader.rb
 - lib/active_storage/engine.rb
 - lib/active_storage/errors.rb
@@ -199,10 +198,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v7.0.0.rc3/activestorage/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v7.0.0.rc3/
+  changelog_uri: https://github.com/rails/rails/blob/v7.0.2.1/activestorage/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v7.0.2.1/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v7.0.0.rc3/activestorage
+  source_code_uri: https://github.com/rails/rails/tree/v7.0.2.1/activestorage
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
@@ -215,11 +214,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.22
 signing_key:
 specification_version: 4
 summary: Local and cloud file storage framework.

data/lib/active_storage/direct_upload_token.rb

@@ -1,59 +0,0 @@
-# frozen_string_literal: true
-
-module ActiveStorage
-  module DirectUploadToken
-    extend self
-
-    SEPARATOR = "."
-    DIRECT_UPLOAD_TOKEN_LENGTH = 32
-
-    def generate_direct_upload_token(attachment_name, service_name, session)
-      token = direct_upload_token(session, attachment_name)
-      encode_direct_upload_token([service_name, token].join(SEPARATOR))
-    end
-
-    def verify_direct_upload_token(token, attachment_name, session)
-      raise ActiveStorage::InvalidDirectUploadTokenError if token.nil?
-
-      service_name, *token_components = decode_token(token).split(SEPARATOR)
-      decoded_token = token_components.join(SEPARATOR)
-
-      return service_name if valid_direct_upload_token?(decoded_token, attachment_name, session)
-
-      raise ActiveStorage::InvalidDirectUploadTokenError
-    end
-
-    private
-      def direct_upload_token(session, attachment_name) # :doc:
-        direct_upload_token_hmac(session, "direct_upload##{attachment_name}")
-      end
-
-      def valid_direct_upload_token?(token, attachment_name, session) # :doc:
-        correct_token = direct_upload_token(session, attachment_name)
-        ActiveSupport::SecurityUtils.fixed_length_secure_compare(token, correct_token)
-      rescue ArgumentError
-        raise ActiveStorage::InvalidDirectUploadTokenError
-      end
-
-      def direct_upload_token_hmac(session, identifier) # :doc:
-        OpenSSL::HMAC.digest(
-          OpenSSL::Digest::SHA256.new,
-          real_direct_upload_token(session),
-          identifier
-        )
-      end
-
-      def real_direct_upload_token(session) # :doc:
-        session[:_direct_upload_token] ||= SecureRandom.urlsafe_base64(DIRECT_UPLOAD_TOKEN_LENGTH, padding: false)
-        encode_direct_upload_token(session[:_direct_upload_token])
-      end
-
-      def decode_token(encoded_token) # :nodoc:
-        Base64.urlsafe_decode64(encoded_token)
-      end
-
-      def encode_direct_upload_token(raw_token) # :nodoc:
-        Base64.urlsafe_encode64(raw_token)
-      end
-  end
-end