activesupport 4.1.14 → 4.1.14.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activesupport might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9ca631df4ed97b4a20192f871de32719d8c478ac
4
- data.tar.gz: 9e2890ca8182e3a55da4061be0c87ecd5515a104
3
+ metadata.gz: af4674cf0e9c1dffb648e7eea1ee78a010964830
4
+ data.tar.gz: ed2df818a8e607aa96d1fe3c9c8629a070f33ae6
5
5
  SHA512:
6
- metadata.gz: 2c7589b28c83158a846a732141b7846a1877ab2c2eb34e0471ced7e3fd75c1961ce6a6640d060d448ba0694408625ec638004aab0d0a83c212786f417e2a63ce
7
- data.tar.gz: bfb267d2ab2c24695ad27e426138b3d850c96bf159f8ca89b30fb4354aea5432b26aec338994e9aca57978f208e5f69e79995501c958c20ee273ba3ae23beb9a
6
+ metadata.gz: 8d7301a93af6e2b7b016a1e8e46962d0754b71d54a9dcd1d74f33a78ff8882e1387dad714266d3dc6ef48a1eb57596d8b4cf0a6d3ebf4e4e1d15f7f04d74b13c
7
+ data.tar.gz: 85396f4c6cb6e6f4aaf75ea71cc8f1925375fa10edf04e2c9c065aca782bfab507a5867da985ee1bdb2a268613d180079a42bd86ccf92ce15fd67b3453b7b3da
@@ -768,7 +768,7 @@ module ActiveSupport
768
768
  end
769
769
 
770
770
  names.each do |name|
771
- class_attribute "_#{name}_callbacks"
771
+ class_attribute "_#{name}_callbacks", instance_writer: false
772
772
  set_callbacks name, CallbackChain.new(name, options)
773
773
  end
774
774
  end
@@ -8,7 +8,7 @@ module ActiveSupport
8
8
  MAJOR = 4
9
9
  MINOR = 1
10
10
  TINY = 14
11
- PRE = nil
11
+ PRE = "1"
12
12
 
13
13
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
14
14
  end
@@ -0,0 +1,27 @@
1
+ require 'digest'
2
+
3
+ module ActiveSupport
4
+ module SecurityUtils
5
+ # Constant time string comparison.
6
+ #
7
+ # The values compared should be of fixed length, such as strings
8
+ # that have already been processed by HMAC. This should not be used
9
+ # on variable length plaintext strings because it could leak length info
10
+ # via timing attacks.
11
+ def secure_compare(a, b)
12
+ return false unless a.bytesize == b.bytesize
13
+
14
+ l = a.unpack "C#{a.bytesize}"
15
+
16
+ res = 0
17
+ b.each_byte { |byte| res |= byte ^ l.shift }
18
+ res == 0
19
+ end
20
+ module_function :secure_compare
21
+
22
+ def variable_size_secure_compare(a, b) # :nodoc:
23
+ secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b))
24
+ end
25
+ module_function :variable_size_secure_compare
26
+ end
27
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.14
4
+ version: 4.1.14.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-12 00:00:00.000000000 Z
11
+ date: 2016-01-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: i18n
@@ -289,6 +289,7 @@ files:
289
289
  - lib/active_support/rails.rb
290
290
  - lib/active_support/railtie.rb
291
291
  - lib/active_support/rescuable.rb
292
+ - lib/active_support/security_utils.rb
292
293
  - lib/active_support/string_inquirer.rb
293
294
  - lib/active_support/subscriber.rb
294
295
  - lib/active_support/tagged_logging.rb
@@ -336,7 +337,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
336
337
  version: '0'
337
338
  requirements: []
338
339
  rubyforge_project:
339
- rubygems_version: 2.4.5.1
340
+ rubygems_version: 2.5.1
340
341
  signing_key:
341
342
  specification_version: 4
342
343
  summary: A toolkit of support libraries and Ruby core extensions extracted from the