activesupport 4.1.0 → 4.1.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c936ce5651934fea6a06f172e8292e7b8fb4d23f
-  data.tar.gz: ffed9ceb345137266ba5654dc932f1b701912f3f
+  metadata.gz: 54422272f221596ea76d050a34d6b83f1f1ae6c9
+  data.tar.gz: a05f3b1deef3c7cd943ec76a3e5a66b0987b5b93
 SHA512:
-  metadata.gz: d97b61358252646f0bd110a609de014a449d5a0567c583a8a0b350134fa652c0d846bfd4dac4039c385fdd28423280ef91f59369e7a73af8a16ab25d604261ea
-  data.tar.gz: d58a57c9ea281d9a9605a220e62206b7a3d0059d28844213c2d0cc1b9256180a8854ecb2efb73711e296b9349c2b1254f49dafc25b6a52cfe37d3e4ddd23d4be
+  metadata.gz: 0c2db7529fd5bc8dc419715c51b865b637e650d76802b40087127893bd3b37defe381608442a7f539dd4a06293cf852b28635b8bac87afbc01aff4ddd6bebf85
+  data.tar.gz: 99497a90dae4da6b174fe25984d1bc362b410b1a5025421774f51c4fcd1162453fd2d58a6a8dd881bd342c576a068618f0c63f14d137d5346fab49424f89c5f5

data/CHANGELOG.md

@@ -1,3 +1,212 @@
+## Rails 4.1.11 (June 16, 2015) ##
+
+*   Fix XSS vulnerability in `ActiveSupport::JSON.encode` method.
+
+    CVE-2015-3226.
+
+    *Rafael Mendonça França*
+
+*   Fix denial of service vulnerability in the XML processing.
+
+    CVE-2015-3227.
+
+    *Aaron Patterson*
+
+
+## Rails 4.1.10 (March 19, 2015) ##
+
+*   Fixed a roundtrip problem with AS::SafeBuffer where primitive-like strings
+    will be dumped as primitives:
+
+    Before:
+
+       YAML.load ActiveSupport::SafeBuffer.new("Hello").to_yaml  # => "Hello"
+       YAML.load ActiveSupport::SafeBuffer.new("true").to_yaml   # => true
+       YAML.load ActiveSupport::SafeBuffer.new("false").to_yaml  # => false
+       YAML.load ActiveSupport::SafeBuffer.new("1").to_yaml      # => 1
+       YAML.load ActiveSupport::SafeBuffer.new("1.1").to_yaml    # => 1.1
+
+     After:
+
+       YAML.load ActiveSupport::SafeBuffer.new("Hello").to_yaml  # => "Hello"
+       YAML.load ActiveSupport::SafeBuffer.new("true").to_yaml   # => "true"
+       YAML.load ActiveSupport::SafeBuffer.new("false").to_yaml  # => "false"
+       YAML.load ActiveSupport::SafeBuffer.new("1").to_yaml      # => "1"
+       YAML.load ActiveSupport::SafeBuffer.new("1.1").to_yaml    # => "1.1"
+
+    *Godfrey Chan*
+
+*   Replace fixed `:en` with `I18n.default_locale` in `Duration#inspect`.
+
+    *Dominik Masur*
+
+*   Add missing time zone definitions for Russian Federation and sync them
+    with `zone.tab` file from tzdata version 2014j (latest).
+
+    *Andrey Novikov*
+
+
+## Rails 4.1.9 (January 6, 2015) ##
+
+*   No changes.
+
+
+## Rails 4.1.8 (November 16, 2014) ##
+
+*   `Method` objects now report themselves as not `duplicable?`. This allows
+    hashes and arrays containing `Method` objects to be `deep_dup`ed.
+
+    *Peter Jaros*
+
+
+## Rails 4.1.7.1 (November 19, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.7 (October 29, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.6 (September 11, 2014) ##
+
+*   Fix DateTime comparison with DateTime::Infinity object.
+
+    *Rafael Mendonça França*
+
+*   Fixed a compatibility issue with the `Oj` gem when cherry-picking the file
+    `active_support/core_ext/object/json` without requiring `active_support/json`.
+
+    Fixes #16131.
+
+    *Godfrey Chan*
+
+*   Make Dependencies pass a name to NameError error.
+
+    *arthurnn*, *Yuki Nishijima*
+
+*   Fixed precision error in NumberHelper when using Rationals.
+
+    before:
+        ActiveSupport::NumberHelper.number_to_rounded Rational(1000, 3), precision: 2
+        #=> "330.00"
+    after:
+        ActiveSupport::NumberHelper.number_to_rounded Rational(1000, 3), precision: 2
+        #=> "333.33"
+
+    See #15379.
+
+    *Juanjo Bazán*
+
+
+## Rails 4.1.5 (August 18, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.4 (July 2, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.3 (July 2, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.2 (June 26, 2014) ##
+
+*   `Hash#deep_transform_keys` and `Hash#deep_transform_keys!` now transform hashes
+    in nested arrays.  This change also applies to `Hash#deep_stringify_keys`,
+    `Hash#deep_stringify_keys!`, `Hash#deep_symbolize_keys` and
+    `Hash#deep_symbolize_keys!`.
+
+    *OZAWA Sakuro*
+
+*   Fixed `ActiveSupport::Subscriber` so that no duplicate subscriber is created
+    when a subscriber method is redefined.
+
+    *Dennis Schön*
+
+*   Fixed an issue when using
+    `ActiveSupport::NumberHelper::NumberToDelimitedConverter` to
+    convert a value that is an `ActiveSupport::SafeBuffer` introduced
+    in 2da9d67.
+
+    For more info see #15064.
+
+    *Mark J. Titorenko*
+
+*   Fixed backward compatibility isues introduced in 326e652.
+
+    Empty Hash or Array should not present in serialization result.
+
+        {a: []}.to_query # => ""
+        {a: {}}.to_query # => ""
+
+    For more info see #14948.
+
+    *Bogdan Gusiev*
+*   Fixed `ActiveSupport::Duration#eql?` so that `1.second.eql?(1.second)` is
+    true.
+
+    This fixes the current situation of:
+
+        1.second.eql?(1.second) #=> false
+
+    `eql?` also requires that the other object is an `ActiveSupport::Duration`.
+    This requirement makes `ActiveSupport::Duration`'s behavior consistent with
+    the behavior of Ruby's numeric types:
+
+        1.eql?(1.0) #=> false
+        1.0.eql?(1) #=> false
+
+        1.second.eql?(1) #=> false (was true)
+        1.eql?(1.second) #=> false
+
+        { 1 => "foo", 1.0 => "bar" }
+        #=> { 1 => "foo", 1.0 => "bar" }
+
+        { 1 => "foo", 1.second => "bar" }
+        # now => { 1 => "foo", 1.second => "bar" }
+        # was => { 1 => "bar" }
+
+    And though the behavior of these hasn't changed, for reference:
+
+        1 == 1.0 #=> true
+        1.0 == 1 #=> true
+
+        1 == 1.second #=> true
+        1.second == 1 #=> true
+
+    *Emily Dobervich*
+
+*   `ActiveSupport::SafeBuffer#prepend` acts like `String#prepend` and modifies
+    instance in-place, returning self. `ActiveSupport::SafeBuffer#prepend!` is
+    deprecated.
+
+    *Pavel Pravosud*
+
+*   `HashWithIndifferentAccess` better respects `#to_hash` on objects it's
+    given. In particular `#update`, `#merge`, `#replace` all accept objects
+    which respond to `#to_hash`, even if those objects are not Hashes directly.
+
+    Currently, if `HashWithIndifferentAccess.new` is given a non-Hash (even if
+    it responds to `#to_hash`) that object is treated as the default value,
+    rather than the initial keys and value. Changing that could break existing
+    code, so it will be updated in the next minor version.
+
+    *Peter Jaros*
+
+
+## Rails 4.1.1 (May 6, 2014) ##
+
+*   No changes.
+
+
+## Rails 4.1.0 (April 8, 2014) ##
+
 *   Added `Object#presence_in` to simplify value whitelisting.
 
     Before:

data/lib/active_support/cache/strategy/local_cache.rb

@@ -1,5 +1,6 @@
 require 'active_support/core_ext/object/duplicable'
 require 'active_support/core_ext/string/inflections'
+require 'active_support/per_thread_registry'
 
 module ActiveSupport
   module Cache

data/lib/active_support/cache.rb

@@ -624,7 +624,7 @@ module ActiveSupport
       # Check if the entry is expired. The +expires_in+ parameter can override
       # the value set when the entry was created.
       def expired?
-        convert_version_4beta1_entry! if defined?(@value)
+        convert_version_4beta1_entry! if defined?(@v)
         @expires_in && @created_at + @expires_in <= Time.now.to_f
       end
 

data/lib/active_support/callbacks.rb

@@ -117,24 +117,24 @@ module ActiveSupport
       ENDING = End.new
 
       class Before
-        def self.build(next_callback, user_callback, user_conditions, chain_config, filter)
+        def self.build(callback_sequence, user_callback, user_conditions, chain_config, filter)
           halted_lambda = chain_config[:terminator]
 
           if chain_config.key?(:terminator) && user_conditions.any?
-            halting_and_conditional(next_callback, user_callback, user_conditions, halted_lambda, filter)
+            halting_and_conditional(callback_sequence, user_callback, user_conditions, halted_lambda, filter)
           elsif chain_config.key? :terminator
-            halting(next_callback, user_callback, halted_lambda, filter)
+            halting(callback_sequence, user_callback, halted_lambda, filter)
           elsif user_conditions.any?
-            conditional(next_callback, user_callback, user_conditions)
+            conditional(callback_sequence, user_callback, user_conditions)
           else
-            simple next_callback, user_callback
+            simple callback_sequence, user_callback
           end
         end
 
         private
 
-        def self.halting_and_conditional(next_callback, user_callback, user_conditions, halted_lambda, filter)
-          lambda { |env|
+        def self.halting_and_conditional(callback_sequence, user_callback, user_conditions, halted_lambda, filter)
+          callback_sequence.before do |env|
             target = env.target
             value  = env.value
             halted = env.halted
@@ -146,12 +146,13 @@ module ActiveSupport
                 target.send :halted_callback_hook, filter
               end
             end
-            next_callback.call env
-          }
+
+            env
+          end
         end
 
-        def self.halting(next_callback, user_callback, halted_lambda, filter)
-          lambda { |env|
+        def self.halting(callback_sequence, user_callback, halted_lambda, filter)
+          callback_sequence.before do |env|
             target = env.target
             value  = env.value
             halted = env.halted
@@ -163,56 +164,58 @@ module ActiveSupport
                 target.send :halted_callback_hook, filter
               end
             end
-            next_callback.call env
-          }
+
+            env
+          end
         end
 
-        def self.conditional(next_callback, user_callback, user_conditions)
-          lambda { |env|
+        def self.conditional(callback_sequence, user_callback, user_conditions)
+          callback_sequence.before do |env|
             target = env.target
             value  = env.value
 
             if user_conditions.all? { |c| c.call(target, value) }
               user_callback.call target, value
             end
-            next_callback.call env
-          }
+
+            env
+          end
         end
 
-        def self.simple(next_callback, user_callback)
-          lambda { |env|
+        def self.simple(callback_sequence, user_callback)
+          callback_sequence.before do |env|
             user_callback.call env.target, env.value
-            next_callback.call env
-          }
+
+            env
+          end
         end
       end
 
       class After
-        def self.build(next_callback, user_callback, user_conditions, chain_config)
+        def self.build(callback_sequence, user_callback, user_conditions, chain_config)
           if chain_config[:skip_after_callbacks_if_terminated]
             if chain_config.key?(:terminator) && user_conditions.any?
-              halting_and_conditional(next_callback, user_callback, user_conditions)
+              halting_and_conditional(callback_sequence, user_callback, user_conditions)
             elsif chain_config.key?(:terminator)
-              halting(next_callback, user_callback)
+              halting(callback_sequence, user_callback)
             elsif user_conditions.any?
-              conditional next_callback, user_callback, user_conditions
+              conditional callback_sequence, user_callback, user_conditions
             else
-              simple next_callback, user_callback
+              simple callback_sequence, user_callback
             end
           else
             if user_conditions.any?
-              conditional next_callback, user_callback, user_conditions
+              conditional callback_sequence, user_callback, user_conditions
             else
-              simple next_callback, user_callback
+              simple callback_sequence, user_callback
             end
           end
         end
 
         private
 
-        def self.halting_and_conditional(next_callback, user_callback, user_conditions)
-          lambda { |env|
-            env = next_callback.call env
+        def self.halting_and_conditional(callback_sequence, user_callback, user_conditions)
+          callback_sequence.after do |env|
             target = env.target
             value  = env.value
             halted = env.halted
@@ -220,117 +223,119 @@ module ActiveSupport
             if !halted && user_conditions.all? { |c| c.call(target, value) }
               user_callback.call target, value
             end
+
             env
-          }
+          end
         end
 
-        def self.halting(next_callback, user_callback)
-          lambda { |env|
-            env = next_callback.call env
+        def self.halting(callback_sequence, user_callback)
+          callback_sequence.after do |env|
             unless env.halted
               user_callback.call env.target, env.value
             end
+
             env
-          }
+          end
         end
 
-        def self.conditional(next_callback, user_callback, user_conditions)
-          lambda { |env|
-            env = next_callback.call env
+        def self.conditional(callback_sequence, user_callback, user_conditions)
+          callback_sequence.after do |env|
             target = env.target
             value  = env.value
 
             if user_conditions.all? { |c| c.call(target, value) }
               user_callback.call target, value
             end
+
             env
-          }
+          end
         end
 
-        def self.simple(next_callback, user_callback)
-          lambda { |env|
-            env = next_callback.call env
+        def self.simple(callback_sequence, user_callback)
+          callback_sequence.after do |env|
             user_callback.call env.target, env.value
+
             env
-          }
+          end
         end
       end
 
       class Around
-        def self.build(next_callback, user_callback, user_conditions, chain_config)
+        def self.build(callback_sequence, user_callback, user_conditions, chain_config)
           if chain_config.key?(:terminator) && user_conditions.any?
-            halting_and_conditional(next_callback, user_callback, user_conditions)
+            halting_and_conditional(callback_sequence, user_callback, user_conditions)
           elsif chain_config.key? :terminator
-            halting(next_callback, user_callback)
+            halting(callback_sequence, user_callback)
           elsif user_conditions.any?
-            conditional(next_callback, user_callback, user_conditions)
+            conditional(callback_sequence, user_callback, user_conditions)
           else
-            simple(next_callback, user_callback)
+            simple(callback_sequence, user_callback)
           end
         end
 
         private
 
-        def self.halting_and_conditional(next_callback, user_callback, user_conditions)
-          lambda { |env|
+        def self.halting_and_conditional(callback_sequence, user_callback, user_conditions)
+          callback_sequence.around do |env, &run|
             target = env.target
             value  = env.value
             halted = env.halted
 
             if !halted && user_conditions.all? { |c| c.call(target, value) }
               user_callback.call(target, value) {
-                env = next_callback.call env
+                env = run.call env
                 env.value
               }
+
               env
             else
-              next_callback.call env
+              run.call env
             end
-          }
+          end
         end
 
-        def self.halting(next_callback, user_callback)
-          lambda { |env|
+        def self.halting(callback_sequence, user_callback)
+          callback_sequence.around do |env, &run|
             target = env.target
             value  = env.value
 
-            unless env.halted
+            if env.halted
+              run.call env
+            else
               user_callback.call(target, value) {
-                env = next_callback.call env
+                env = run.call env
                 env.value
               }
               env
-            else
-              next_callback.call env
             end
-          }
+          end
         end
 
-        def self.conditional(next_callback, user_callback, user_conditions)
-          lambda { |env|
+        def self.conditional(callback_sequence, user_callback, user_conditions)
+          callback_sequence.around do |env, &run|
             target = env.target
             value  = env.value
 
             if user_conditions.all? { |c| c.call(target, value) }
               user_callback.call(target, value) {
-                env = next_callback.call env
+                env = run.call env
                 env.value
               }
               env
             else
-              next_callback.call env
+              run.call env
             end
-          }
+          end
         end
 
-        def self.simple(next_callback, user_callback)
-          lambda { |env|
+        def self.simple(callback_sequence, user_callback)
+          callback_sequence.around do |env, &run|
             user_callback.call(env.target, env.value) {
-              env = next_callback.call env
+              env = run.call env
               env.value
             }
             env
-          }
+          end
         end
       end
     end
@@ -382,17 +387,17 @@ module ActiveSupport
       end
 
       # Wraps code with filter
-      def apply(next_callback)
+      def apply(callback_sequence)
         user_conditions = conditions_lambdas
         user_callback = make_lambda @filter
 
         case kind
         when :before
-          Filters::Before.build(next_callback, user_callback, user_conditions, chain_config, @filter)
+          Filters::Before.build(callback_sequence, user_callback, user_conditions, chain_config, @filter)
         when :after
-          Filters::After.build(next_callback, user_callback, user_conditions, chain_config)
+          Filters::After.build(callback_sequence, user_callback, user_conditions, chain_config)
         when :around
-          Filters::Around.build(next_callback, user_callback, user_conditions, chain_config)
+          Filters::Around.build(callback_sequence, user_callback, user_conditions, chain_config)
         end
       end
 
@@ -464,6 +469,42 @@ module ActiveSupport
       end
     end
 
+    # Execute before and after filters in a sequence instead of
+    # chaining them with nested lambda calls, see:
+    # https://github.com/rails/rails/issues/18011
+    class CallbackSequence
+      def initialize(&call)
+        @call = call
+        @before = []
+        @after = []
+      end
+
+      def before(&before)
+        @before.unshift(before)
+        self
+      end
+
+      def after(&after)
+        @after.push(after)
+        self
+      end
+
+      def around(&around)
+        CallbackSequence.new do |*args|
+          around.call(*args) {
+            self.call(*args)
+          }
+        end
+      end
+
+      def call(*args)
+        @before.each { |b| b.call(*args) }
+        value = @call.call(*args)
+        @after.each { |a| a.call(*args) }
+        value
+      end
+    end
+
     # An Array with a compile method.
     class CallbackChain #:nodoc:#
       include Enumerable
@@ -508,8 +549,9 @@ module ActiveSupport
 
       def compile
         @callbacks || @mutex.synchronize do
-          @callbacks ||= @chain.reverse.inject(Filters::ENDING) do |chain, callback|
-            callback.apply chain
+          final_sequence = CallbackSequence.new { |env| Filters::ENDING.call(env) }
+          @callbacks ||= @chain.reverse.inject(final_sequence) do |callback_sequence, callback|
+            callback.apply callback_sequence
           end
         end
       end