activestorage 5.2.6.3 → 5.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13b52cd35b6dc01b7589a2c6a666628f0dd9022a7003be3b4ccb461854aa8f54
-  data.tar.gz: c5b000e97cc5c5da0800bb963892f20857841d1a6c1d1d41224c7053b340aaaa
+  metadata.gz: 221e253595145d3f877c7f1c72422ab97989ba9cba8cb7a5c14f20d8589b0240
+  data.tar.gz: 32de8686073e333e7f0a4177acc3aba161e5bbd59d90597e42ad49ca7ec55af9
 SHA512:
-  metadata.gz: 81552bc85fb46cac27886e71abd1434d0e184e8eb6f679642e6cc2589c6c8e1f72aea689ab169407a6467bc03d2a846ed77d36c6ea4ee55102d451fc9be1ade8
-  data.tar.gz: 907cc0d61bf68b93edecfd2caabc06656a5a31b7a64931c98342005ddf8976a0c33d412e376da464f1453a738156efa8769449ffd554f14c08d20bd853329cd6
+  metadata.gz: 5617c40e89b030ed1e8b3a05a57ab954a572e40b27f6aade9e4046ae23f7ff298a9f40b1d1ecb31ec7e9cd3717186d6cc7e6ceb939a3967bcd3ab70533e431c9
+  data.tar.gz: 39a0968e43f9d8a1763c3120a83b3ae8cc82b9c2d78b1a0a5503da4818296f0cf5abad84fd57733bd1eac61f321b0a288d99c2aff058d3f37fb0cd453fc423ff

data/CHANGELOG.md

@@ -1,10 +1,18 @@
+## Rails 5.2.7 (March 10, 2022) ##
+
+*   Fix `ActiveStorage.supported_image_processing_methods` and
+    `ActiveStorage.unsupported_image_processing_arguments` that were not being applied.
+
+    *Rafael Mendonça França*
+
+
 ## Rails 5.2.6.3 (March 08, 2022) ##
 
 *   Added image transformation validation via configurable allow-list.
-    
+
     Variant now offers a configurable allow-list for
     transformation methods in addition to a configurable deny-list for arguments.
-    
+
     [CVE-2022-21831]
 
 

data/app/models/active_storage/variation.rb

@@ -23,298 +23,6 @@ class ActiveStorage::Variation
   class UnsupportedImageProcessingMethod < StandardError; end
   class UnsupportedImageProcessingArgument < StandardError; end
 
-  SUPPORTED_IMAGE_PROCESSING_METHODS = [
-   "adaptive_blur",
-   "adaptive_resize",
-   "adaptive_sharpen",
-   "adjoin",
-   "affine",
-   "alpha",
-   "annotate",
-   "antialias",
-   "append",
-   "apply",
-   "attenuate",
-   "authenticate",
-   "auto_gamma",
-   "auto_level",
-   "auto_orient",
-   "auto_threshold",
-   "backdrop",
-   "background",
-   "bench",
-   "bias",
-   "bilateral_blur",
-   "black_point_compensation",
-   "black_threshold",
-   "blend",
-   "blue_primary",
-   "blue_shift",
-   "blur",
-   "border",
-   "bordercolor",
-   "borderwidth",
-   "brightness_contrast",
-   "cache",
-   "canny",
-   "caption",
-   "channel",
-   "channel_fx",
-   "charcoal",
-   "chop",
-   "clahe",
-   "clamp",
-   "clip",
-   "clip_path",
-   "clone",
-   "clut",
-   "coalesce",
-   "colorize",
-   "colormap",
-   "color_matrix",
-   "colors",
-   "colorspace",
-   "colourspace",
-   "color_threshold",
-   "combine",
-   "combine_options",
-   "comment",
-   "compare",
-   "complex",
-   "compose",
-   "composite",
-   "compress",
-   "connected_components",
-   "contrast",
-   "contrast_stretch",
-   "convert",
-   "convolve",
-   "copy",
-   "crop",
-   "cycle",
-   "deconstruct",
-   "define",
-   "delay",
-   "delete",
-   "density",
-   "depth",
-   "descend",
-   "deskew",
-   "despeckle",
-   "direction",
-   "displace",
-   "dispose",
-   "dissimilarity_threshold",
-   "dissolve",
-   "distort",
-   "dither",
-   "draw",
-   "duplicate",
-   "edge",
-   "emboss",
-   "encoding",
-   "endian",
-   "enhance",
-   "equalize",
-   "evaluate",
-   "evaluate_sequence",
-   "extent",
-   "extract",
-   "family",
-   "features",
-   "fft",
-   "fill",
-   "filter",
-   "flatten",
-   "flip",
-   "floodfill",
-   "flop",
-   "font",
-   "foreground",
-   "format",
-   "frame",
-   "function",
-   "fuzz",
-   "fx",
-   "gamma",
-   "gaussian_blur",
-   "geometry",
-   "gravity",
-   "grayscale",
-   "green_primary",
-   "hald_clut",
-   "highlight_color",
-   "hough_lines",
-   "iconGeometry",
-   "iconic",
-   "identify",
-   "ift",
-   "illuminant",
-   "immutable",
-   "implode",
-   "insert",
-   "intensity",
-   "intent",
-   "interlace",
-   "interline_spacing",
-   "interpolate",
-   "interpolative_resize",
-   "interword_spacing",
-   "kerning",
-   "kmeans",
-   "kuwahara",
-   "label",
-   "lat",
-   "layers",
-   "level",
-   "level_colors",
-   "limit",
-   "limits",
-   "linear_stretch",
-   "linewidth",
-   "liquid_rescale",
-   "list",
-   "loader",
-   "log",
-   "loop",
-   "lowlight_color",
-   "magnify",
-   "map",
-   "mattecolor",
-   "median",
-   "mean_shift",
-   "metric",
-   "mode",
-   "modulate",
-   "moments",
-   "monitor",
-   "monochrome",
-   "morph",
-   "morphology",
-   "mosaic",
-   "motion_blur",
-   "name",
-   "negate",
-   "noise",
-   "normalize",
-   "opaque",
-   "ordered_dither",
-   "orient",
-   "page",
-   "paint",
-   "pause",
-   "perceptible",
-   "ping",
-   "pointsize",
-   "polaroid",
-   "poly",
-   "posterize",
-   "precision",
-   "preview",
-   "process",
-   "quality",
-   "quantize",
-   "quiet",
-   "radial_blur",
-   "raise",
-   "random_threshold",
-   "range_threshold",
-   "red_primary",
-   "regard_warnings",
-   "region",
-   "remote",
-   "render",
-   "repage",
-   "resample",
-   "resize",
-   "resize_to_fill",
-   "resize_to_fit",
-   "resize_to_limit",
-   "resize_and_pad",
-   "respect_parentheses",
-   "reverse",
-   "roll",
-   "rotate",
-   "sample",
-   "sampling_factor",
-   "saver",
-   "scale",
-   "scene",
-   "screen",
-   "seed",
-   "segment",
-   "selective_blur",
-   "separate",
-   "sepia_tone",
-   "shade",
-   "shadow",
-   "shared_memory",
-   "sharpen",
-   "shave",
-   "shear",
-   "sigmoidal_contrast",
-   "silent",
-   "similarity_threshold",
-   "size",
-   "sketch",
-   "smush",
-   "snaps",
-   "solarize",
-   "sort_pixels",
-   "sparse_color",
-   "splice",
-   "spread",
-   "statistic",
-   "stegano",
-   "stereo",
-   "storage_type",
-   "stretch",
-   "strip",
-   "stroke",
-   "strokewidth",
-   "style",
-   "subimage_search",
-   "swap",
-   "swirl",
-   "synchronize",
-   "taint",
-   "text_font",
-   "threshold",
-   "thumbnail",
-   "tile_offset",
-   "tint",
-   "title",
-   "transform",
-   "transparent",
-   "transparent_color",
-   "transpose",
-   "transverse",
-   "treedepth",
-   "trim",
-   "type",
-   "undercolor",
-   "unique_colors",
-   "units",
-   "unsharp",
-   "update",
-   "valid_image",
-   "view",
-   "vignette",
-   "virtual_pixel",
-   "visual",
-   "watermark",
-   "wave",
-   "wavelet_denoise",
-   "weight",
-   "white_balance",
-   "white_point",
-   "white_threshold",
-   "window",
-   "window_group",
-  ].concat(ActiveStorage.supported_image_processing_methods)
-
-  UNSUPPORTED_IMAGE_PROCESSING_ARGUMENTS = ActiveStorage.unsupported_image_processing_arguments
-
   class << self
     # Returns a Variation instance based on the given variator. If the variator is a Variation, it is
     # returned unmodified. If it is a String, it is passed to ActiveStorage::Variation.decode. Otherwise,
@@ -388,7 +96,7 @@ class ActiveStorage::Variation
     def validate_transformation(name, argument)
       method_name = name.to_s.gsub("-","_")
 
-      unless SUPPORTED_IMAGE_PROCESSING_METHODS.any? { |method| method_name == method }
+      unless ActiveStorage.supported_image_processing_methods.any? { |method| method_name == method }
         raise UnsupportedImageProcessingMethod, <<~ERROR.squish
           One or more of the provided transformation methods is not supported.
         ERROR
@@ -406,7 +114,7 @@ class ActiveStorage::Variation
     end
 
     def validate_arg_string(argument)
-      if UNSUPPORTED_IMAGE_PROCESSING_ARGUMENTS.any? { |bad_arg| argument.to_s.downcase.include?(bad_arg) }; raise UnsupportedImageProcessingArgument end
+      if ActiveStorage.unsupported_image_processing_arguments.any? { |bad_arg| argument.to_s.downcase.include?(bad_arg) }; raise UnsupportedImageProcessingArgument end
     end
 
     def validate_arg_array(argument)

data/lib/active_storage/engine.rb

@@ -51,20 +51,6 @@ module ActiveStorage
       application/pdf
     )
 
-    default_unsupported_image_processing_arguments = %w(
-      -debug
-      -display
-      -distribute-cache
-      -help
-      -path
-      -print
-      -set
-      -verbose
-      -version
-      -write
-      -write-mask
-    )
-
     config.eager_load_namespaces << ActiveStorage
 
     initializer "active_storage.configs" do
@@ -75,8 +61,20 @@ module ActiveStorage
         ActiveStorage.analyzers  = app.config.active_storage.analyzers || []
         ActiveStorage.paths      = app.config.active_storage.paths || {}
 
-        ActiveStorage.supported_image_processing_methods = app.config.active_storage.supported_image_processing_methods || []
-        ActiveStorage.unsupported_image_processing_arguments = app.config.active_storage.unsupported_image_processing_arguments || default_unsupported_image_processing_arguments
+        ActiveStorage.supported_image_processing_methods += app.config.active_storage.supported_image_processing_methods || []
+        ActiveStorage.unsupported_image_processing_arguments = app.config.active_storage.unsupported_image_processing_arguments || %w(
+          -debug
+          -display
+          -distribute-cache
+          -help
+          -path
+          -print
+          -set
+          -verbose
+          -version
+          -write
+          -write-mask
+        )
         ActiveStorage.variable_content_types = app.config.active_storage.variable_content_types || []
         ActiveStorage.content_types_to_serve_as_binary = app.config.active_storage.content_types_to_serve_as_binary || []
         ActiveStorage.content_types_allowed_inline = app.config.active_storage.content_types_allowed_inline || []

data/lib/active_storage/gem_version.rb

@@ -9,8 +9,8 @@ module ActiveStorage
   module VERSION
     MAJOR = 5
     MINOR = 2
-    TINY  = 6
-    PRE   = "3"
+    TINY  = 7
+    PRE   = nil
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/active_storage.rb

@@ -50,6 +50,294 @@ module ActiveStorage
   mattr_accessor :content_types_to_serve_as_binary, default: []
   mattr_accessor :content_types_allowed_inline, default: []
   mattr_accessor :binary_content_type, default: "application/octet-stream"
-  mattr_accessor :supported_image_processing_methods, default: []
+  mattr_accessor :supported_image_processing_methods, default: [
+    "adaptive_blur",
+    "adaptive_resize",
+    "adaptive_sharpen",
+    "adjoin",
+    "affine",
+    "alpha",
+    "annotate",
+    "antialias",
+    "append",
+    "apply",
+    "attenuate",
+    "authenticate",
+    "auto_gamma",
+    "auto_level",
+    "auto_orient",
+    "auto_threshold",
+    "backdrop",
+    "background",
+    "bench",
+    "bias",
+    "bilateral_blur",
+    "black_point_compensation",
+    "black_threshold",
+    "blend",
+    "blue_primary",
+    "blue_shift",
+    "blur",
+    "border",
+    "bordercolor",
+    "borderwidth",
+    "brightness_contrast",
+    "cache",
+    "canny",
+    "caption",
+    "channel",
+    "channel_fx",
+    "charcoal",
+    "chop",
+    "clahe",
+    "clamp",
+    "clip",
+    "clip_path",
+    "clone",
+    "clut",
+    "coalesce",
+    "colorize",
+    "colormap",
+    "color_matrix",
+    "colors",
+    "colorspace",
+    "colourspace",
+    "color_threshold",
+    "combine",
+    "combine_options",
+    "comment",
+    "compare",
+    "complex",
+    "compose",
+    "composite",
+    "compress",
+    "connected_components",
+    "contrast",
+    "contrast_stretch",
+    "convert",
+    "convolve",
+    "copy",
+    "crop",
+    "cycle",
+    "deconstruct",
+    "define",
+    "delay",
+    "delete",
+    "density",
+    "depth",
+    "descend",
+    "deskew",
+    "despeckle",
+    "direction",
+    "displace",
+    "dispose",
+    "dissimilarity_threshold",
+    "dissolve",
+    "distort",
+    "dither",
+    "draw",
+    "duplicate",
+    "edge",
+    "emboss",
+    "encoding",
+    "endian",
+    "enhance",
+    "equalize",
+    "evaluate",
+    "evaluate_sequence",
+    "extent",
+    "extract",
+    "family",
+    "features",
+    "fft",
+    "fill",
+    "filter",
+    "flatten",
+    "flip",
+    "floodfill",
+    "flop",
+    "font",
+    "foreground",
+    "format",
+    "frame",
+    "function",
+    "fuzz",
+    "fx",
+    "gamma",
+    "gaussian_blur",
+    "geometry",
+    "gravity",
+    "grayscale",
+    "green_primary",
+    "hald_clut",
+    "highlight_color",
+    "hough_lines",
+    "iconGeometry",
+    "iconic",
+    "identify",
+    "ift",
+    "illuminant",
+    "immutable",
+    "implode",
+    "insert",
+    "intensity",
+    "intent",
+    "interlace",
+    "interline_spacing",
+    "interpolate",
+    "interpolative_resize",
+    "interword_spacing",
+    "kerning",
+    "kmeans",
+    "kuwahara",
+    "label",
+    "lat",
+    "layers",
+    "level",
+    "level_colors",
+    "limit",
+    "limits",
+    "linear_stretch",
+    "linewidth",
+    "liquid_rescale",
+    "list",
+    "loader",
+    "log",
+    "loop",
+    "lowlight_color",
+    "magnify",
+    "map",
+    "mattecolor",
+    "median",
+    "mean_shift",
+    "metric",
+    "mode",
+    "modulate",
+    "moments",
+    "monitor",
+    "monochrome",
+    "morph",
+    "morphology",
+    "mosaic",
+    "motion_blur",
+    "name",
+    "negate",
+    "noise",
+    "normalize",
+    "opaque",
+    "ordered_dither",
+    "orient",
+    "page",
+    "paint",
+    "pause",
+    "perceptible",
+    "ping",
+    "pointsize",
+    "polaroid",
+    "poly",
+    "posterize",
+    "precision",
+    "preview",
+    "process",
+    "quality",
+    "quantize",
+    "quiet",
+    "radial_blur",
+    "raise",
+    "random_threshold",
+    "range_threshold",
+    "red_primary",
+    "regard_warnings",
+    "region",
+    "remote",
+    "render",
+    "repage",
+    "resample",
+    "resize",
+    "resize_to_fill",
+    "resize_to_fit",
+    "resize_to_limit",
+    "resize_and_pad",
+    "respect_parentheses",
+    "reverse",
+    "roll",
+    "rotate",
+    "sample",
+    "sampling_factor",
+    "saver",
+    "scale",
+    "scene",
+    "screen",
+    "seed",
+    "segment",
+    "selective_blur",
+    "separate",
+    "sepia_tone",
+    "shade",
+    "shadow",
+    "shared_memory",
+    "sharpen",
+    "shave",
+    "shear",
+    "sigmoidal_contrast",
+    "silent",
+    "similarity_threshold",
+    "size",
+    "sketch",
+    "smush",
+    "snaps",
+    "solarize",
+    "sort_pixels",
+    "sparse_color",
+    "splice",
+    "spread",
+    "statistic",
+    "stegano",
+    "stereo",
+    "storage_type",
+    "stretch",
+    "strip",
+    "stroke",
+    "strokewidth",
+    "style",
+    "subimage_search",
+    "swap",
+    "swirl",
+    "synchronize",
+    "taint",
+    "text_font",
+    "threshold",
+    "thumbnail",
+    "tile_offset",
+    "tint",
+    "title",
+    "transform",
+    "transparent",
+    "transparent_color",
+    "transpose",
+    "transverse",
+    "treedepth",
+    "trim",
+    "type",
+    "undercolor",
+    "unique_colors",
+    "units",
+    "unsharp",
+    "update",
+    "valid_image",
+    "view",
+    "vignette",
+    "virtual_pixel",
+    "visual",
+    "watermark",
+    "wave",
+    "wavelet_denoise",
+    "weight",
+    "white_balance",
+    "white_point",
+    "white_threshold",
+    "window",
+    "window_group",
+  ]
   mattr_accessor :unsupported_image_processing_arguments
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activestorage
 version: !ruby/object:Gem::Version
-  version: 5.2.6.3
+  version: 5.2.7
 platform: ruby
 authors:
 - David Heinemeier Hansson
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-08 00:00:00.000000000 Z
+date: 2022-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.6.3
+        version: 5.2.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.6.3
+        version: 5.2.7
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.6.3
+        version: 5.2.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.6.3
+        version: 5.2.7
 - !ruby/object:Gem::Dependency
   name: marcel
   requirement: !ruby/object:Gem::Requirement
@@ -124,9 +124,9 @@ homepage: http://rubyonrails.org
 licenses:
 - MIT
 metadata:
-  source_code_uri: https://github.com/rails/rails/tree/v5.2.6.3/activestorage
-  changelog_uri: https://github.com/rails/rails/blob/v5.2.6.3/activestorage/CHANGELOG.md
-post_install_message:
+  source_code_uri: https://github.com/rails/rails/tree/v5.2.7/activestorage
+  changelog_uri: https://github.com/rails/rails/blob/v5.2.7/activestorage/CHANGELOG.md
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -142,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key:
+signing_key: 
 specification_version: 4
 summary: Local and cloud file storage framework.
 test_files: []