activesupport 5.1.7 → 6.1.7

data/lib/active_support/core_ext/string/inflections.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/inflector/methods"
 require "active_support/inflector/transliterate"
 
@@ -28,6 +30,8 @@ class String
   #   'apple'.pluralize(2)         # => "apples"
   #   'ley'.pluralize(:es)         # => "leyes"
   #   'ley'.pluralize(1, :es)      # => "ley"
+  #
+  # See ActiveSupport::Inflector.pluralize.
   def pluralize(count = nil, locale = :en)
     locale = count if count.is_a?(Symbol)
     if count == 1
@@ -51,28 +55,34 @@ class String
   #   'the blue mailmen'.singularize # => "the blue mailman"
   #   'CamelOctopi'.singularize      # => "CamelOctopus"
   #   'leyes'.singularize(:es)       # => "ley"
+  #
+  # See ActiveSupport::Inflector.singularize.
   def singularize(locale = :en)
     ActiveSupport::Inflector.singularize(self, locale)
   end
 
   # +constantize+ tries to find a declared constant with the name specified
   # in the string. It raises a NameError when the name is not in CamelCase
-  # or is not initialized.  See ActiveSupport::Inflector.constantize
+  # or is not initialized.
   #
   #   'Module'.constantize  # => Module
   #   'Class'.constantize   # => Class
   #   'blargle'.constantize # => NameError: wrong constant name blargle
+  #
+  # See ActiveSupport::Inflector.constantize.
   def constantize
     ActiveSupport::Inflector.constantize(self)
   end
 
   # +safe_constantize+ tries to find a declared constant with the name specified
   # in the string. It returns +nil+ when the name is not in CamelCase
-  # or is not initialized.  See ActiveSupport::Inflector.safe_constantize
+  # or is not initialized.
   #
   #   'Module'.safe_constantize  # => Module
   #   'Class'.safe_constantize   # => Class
   #   'blargle'.safe_constantize # => nil
+  #
+  # See ActiveSupport::Inflector.safe_constantize.
   def safe_constantize
     ActiveSupport::Inflector.safe_constantize(self)
   end
@@ -86,12 +96,18 @@ class String
   #   'active_record'.camelize(:lower)        # => "activeRecord"
   #   'active_record/errors'.camelize         # => "ActiveRecord::Errors"
   #   'active_record/errors'.camelize(:lower) # => "activeRecord::Errors"
+  #
+  # +camelize+ is also aliased as +camelcase+.
+  #
+  # See ActiveSupport::Inflector.camelize.
   def camelize(first_letter = :upper)
     case first_letter
     when :upper
       ActiveSupport::Inflector.camelize(self, true)
     when :lower
       ActiveSupport::Inflector.camelize(self, false)
+    else
+      raise ArgumentError, "Invalid option, use either :upper or :lower."
     end
   end
   alias_method :camelcase, :camelize
@@ -100,12 +116,19 @@ class String
   # a nicer looking title. +titleize+ is meant for creating pretty output. It is not
   # used in the Rails internals.
   #
+  # The trailing '_id','Id'.. can be kept and capitalized by setting the
+  # optional parameter +keep_id_suffix+ to true.
+  # By default, this parameter is false.
+  #
+  #   'man from the boondocks'.titleize                       # => "Man From The Boondocks"
+  #   'x-men: the last stand'.titleize                        # => "X Men: The Last Stand"
+  #   'string_ending_with_id'.titleize(keep_id_suffix: true)  # => "String Ending With Id"
+  #
   # +titleize+ is also aliased as +titlecase+.
   #
-  #   'man from the boondocks'.titleize # => "Man From The Boondocks"
-  #   'x-men: the last stand'.titleize  # => "X Men: The Last Stand"
-  def titleize
-    ActiveSupport::Inflector.titleize(self)
+  # See ActiveSupport::Inflector.titleize.
+  def titleize(keep_id_suffix: false)
+    ActiveSupport::Inflector.titleize(self, keep_id_suffix: keep_id_suffix)
   end
   alias_method :titlecase, :titleize
 
@@ -115,6 +138,8 @@ class String
   #
   #   'ActiveModel'.underscore         # => "active_model"
   #   'ActiveModel::Errors'.underscore # => "active_model/errors"
+  #
+  # See ActiveSupport::Inflector.underscore.
   def underscore
     ActiveSupport::Inflector.underscore(self)
   end
@@ -122,6 +147,8 @@ class String
   # Replaces underscores with dashes in the string.
   #
   #   'puni_puni'.dasherize # => "puni-puni"
+  #
+  # See ActiveSupport::Inflector.dasherize.
   def dasherize
     ActiveSupport::Inflector.dasherize(self)
   end
@@ -133,6 +160,8 @@ class String
   #   '::Inflections'.demodulize                         # => "Inflections"
   #   ''.demodulize                                      # => ''
   #
+  # See ActiveSupport::Inflector.demodulize.
+  #
   # See also +deconstantize+.
   def demodulize
     ActiveSupport::Inflector.demodulize(self)
@@ -146,6 +175,8 @@ class String
   #   '::String'.deconstantize    # => ""
   #   ''.deconstantize            # => ""
   #
+  # See ActiveSupport::Inflector.deconstantize.
+  #
   # See also +demodulize+.
   def deconstantize
     ActiveSupport::Inflector.deconstantize(self)
@@ -153,6 +184,11 @@ class String
 
   # Replaces special characters in a string so that it may be used as part of a 'pretty' URL.
   #
+  # If the optional parameter +locale+ is specified,
+  # the word will be parameterized as a word of that language.
+  # By default, this parameter is set to <tt>nil</tt> and it will use
+  # the configured <tt>I18n.locale</tt>.
+  #
   #   class Person
   #     def to_param
   #       "#{id}-#{name.parameterize}"
@@ -165,7 +201,7 @@ class String
   #   <%= link_to(@person.name, person_path) %>
   #   # => <a href="/person/1-donald-e-knuth">Donald E. Knuth</a>
   #
-  # To preserve the case of the characters in a string, use the `preserve_case` argument.
+  # To preserve the case of the characters in a string, use the +preserve_case+ argument.
   #
   #   class Person
   #     def to_param
@@ -178,8 +214,10 @@ class String
   #
   #   <%= link_to(@person.name, person_path) %>
   #   # => <a href="/person/1-Donald-E-Knuth">Donald E. Knuth</a>
-  def parameterize(separator: "-", preserve_case: false)
-    ActiveSupport::Inflector.parameterize(self, separator: separator, preserve_case: preserve_case)
+  #
+  # See ActiveSupport::Inflector.parameterize.
+  def parameterize(separator: "-", preserve_case: false, locale: nil)
+    ActiveSupport::Inflector.parameterize(self, separator: separator, preserve_case: preserve_case, locale: locale)
   end
 
   # Creates the name of a table like Rails does for models to table names. This method
@@ -188,6 +226,8 @@ class String
   #   'RawScaledScorer'.tableize # => "raw_scaled_scorers"
   #   'ham_and_egg'.tableize     # => "ham_and_eggs"
   #   'fancyCategory'.tableize   # => "fancy_categories"
+  #
+  # See ActiveSupport::Inflector.tableize.
   def tableize
     ActiveSupport::Inflector.tableize(self)
   end
@@ -198,11 +238,13 @@ class String
   #
   #   'ham_and_eggs'.classify # => "HamAndEgg"
   #   'posts'.classify        # => "Post"
+  #
+  # See ActiveSupport::Inflector.classify.
   def classify
     ActiveSupport::Inflector.classify(self)
   end
 
-  # Capitalizes the first word, turns underscores into spaces, and strips a
+  # Capitalizes the first word, turns underscores into spaces, and (by default)strips a
   # trailing '_id' if present.
   # Like +titleize+, this is meant for creating pretty output.
   #
@@ -210,12 +252,19 @@ class String
   # optional parameter +capitalize+ to false.
   # By default, this parameter is true.
   #
-  #   'employee_salary'.humanize              # => "Employee salary"
-  #   'author_id'.humanize                    # => "Author"
-  #   'author_id'.humanize(capitalize: false) # => "author"
-  #   '_id'.humanize                          # => "Id"
-  def humanize(options = {})
-    ActiveSupport::Inflector.humanize(self, options)
+  # The trailing '_id' can be kept and capitalized by setting the
+  # optional parameter +keep_id_suffix+ to true.
+  # By default, this parameter is false.
+  #
+  #   'employee_salary'.humanize                    # => "Employee salary"
+  #   'author_id'.humanize                          # => "Author"
+  #   'author_id'.humanize(capitalize: false)       # => "author"
+  #   '_id'.humanize                                # => "Id"
+  #   'author_id'.humanize(keep_id_suffix: true)    # => "Author Id"
+  #
+  # See ActiveSupport::Inflector.humanize.
+  def humanize(capitalize: true, keep_id_suffix: false)
+    ActiveSupport::Inflector.humanize(self, capitalize: capitalize, keep_id_suffix: keep_id_suffix)
   end
 
   # Converts just the first character to uppercase.
@@ -223,6 +272,8 @@ class String
   #   'what a Lovely Day'.upcase_first # => "What a Lovely Day"
   #   'w'.upcase_first                 # => "W"
   #   ''.upcase_first                  # => ""
+  #
+  # See ActiveSupport::Inflector.upcase_first.
   def upcase_first
     ActiveSupport::Inflector.upcase_first(self)
   end
@@ -234,6 +285,8 @@ class String
   #   'Message'.foreign_key        # => "message_id"
   #   'Message'.foreign_key(false) # => "messageid"
   #   'Admin::Post'.foreign_key    # => "post_id"
+  #
+  # See ActiveSupport::Inflector.foreign_key.
   def foreign_key(separate_class_name_and_id_with_underscore = true)
     ActiveSupport::Inflector.foreign_key(self, separate_class_name_and_id_with_underscore)
   end

data/lib/active_support/core_ext/string/inquiry.rb

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
+
 require "active_support/string_inquirer"
+require "active_support/environment_inquirer"
 
 class String
   # Wraps the current string in the <tt>ActiveSupport::StringInquirer</tt> class,

data/lib/active_support/core_ext/string/multibyte.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/multibyte"
 
 class String
@@ -9,11 +11,14 @@ class String
   # encapsulates the original string. A Unicode safe version of all the String methods are defined on this proxy
   # class. If the proxy class doesn't respond to a certain method, it's forwarded to the encapsulated string.
   #
-  #   >> "lj".upcase
-  #   => "lj"
   #   >> "lj".mb_chars.upcase.to_s
   #   => "LJ"
   #
+  # NOTE: Ruby 2.4 and later support native Unicode case mappings:
+  #
+  #   >> "lj".upcase
+  #   => "LJ"
+  #
   # == Method chaining
   #
   # All the methods on the Chars proxy which normally return a string will return a Chars object. This allows
@@ -42,9 +47,9 @@ class String
   #   iso_str.is_utf8?   # => false
   def is_utf8?
     case encoding
-    when Encoding::UTF_8
+    when Encoding::UTF_8, Encoding::US_ASCII
       valid_encoding?
-    when Encoding::ASCII_8BIT, Encoding::US_ASCII
+    when Encoding::ASCII_8BIT
       dup.force_encoding(Encoding::UTF_8).valid_encoding?
     else
       false

data/lib/active_support/core_ext/string/output_safety.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 require "erb"
-require "active_support/core_ext/kernel/singleton_class"
+require "active_support/core_ext/module/redefine_method"
 require "active_support/multibyte/unicode"
 
 class ERB
@@ -9,25 +11,29 @@ class ERB
     HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
     JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
 
+    # Following XML requirements: https://www.w3.org/TR/REC-xml/#NT-Name
+    TAG_NAME_START_REGEXP_SET = "@:A-Z_a-z\u{C0}-\u{D6}\u{D8}-\u{F6}\u{F8}-\u{2FF}\u{370}-\u{37D}\u{37F}-\u{1FFF}" \
+                                "\u{200C}-\u{200D}\u{2070}-\u{218F}\u{2C00}-\u{2FEF}\u{3001}-\u{D7FF}\u{F900}-\u{FDCF}" \
+                                "\u{FDF0}-\u{FFFD}\u{10000}-\u{EFFFF}"
+    TAG_NAME_START_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}]/
+    TAG_NAME_FOLLOWING_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}\-.0-9\u{B7}\u{0300}-\u{036F}\u{203F}-\u{2040}]/
+    TAG_NAME_REPLACEMENT_CHAR = "_"
+
     # A utility method for escaping HTML tag characters.
     # This method is also aliased as <tt>h</tt>.
     #
-    # In your ERB templates, use this method to escape any unsafe content. For example:
-    #   <%= h @person.name %>
-    #
     #   puts html_escape('is a > 0 & a < 10?')
     #   # => is a &gt; 0 &amp; a &lt; 10?
     def html_escape(s)
       unwrapped_html_escape(s).html_safe
     end
 
-    # Aliasing twice issues a warning "discarding old...". Remove first to avoid it.
-    remove_method(:h)
+    silence_redefinition_of_method :h
     alias h html_escape
 
     module_function :h
 
-    singleton_class.send(:remove_method, :html_escape)
+    singleton_class.silence_redefinition_of_method :html_escape
     module_function :html_escape
 
     # HTML escapes strings but doesn't wrap them with an ActiveSupport::SafeBuffer.
@@ -86,7 +92,7 @@ class ERB
     # use inside HTML attributes.
     #
     # If your JSON is being used downstream for insertion into the DOM, be aware of
-    # whether or not it is being inserted via +html()+. Most jQuery plugins do this.
+    # whether or not it is being inserted via <tt>html()</tt>. Most jQuery plugins do this.
     # If that is the case, be sure to +html_escape+ or +sanitize+ any user-generated
     # content returned by your JSON.
     #
@@ -117,6 +123,26 @@ class ERB
     end
 
     module_function :json_escape
+
+    # A utility method for escaping XML names of tags and names of attributes.
+    #
+    #   xml_name_escape('1 < 2 & 3')
+    #   # => "1___2___3"
+    #
+    # It follows the requirements of the specification: https://www.w3.org/TR/REC-xml/#NT-Name
+    def xml_name_escape(name)
+      name = name.to_s
+      return "" if name.blank?
+
+      starting_char = name[0].gsub(TAG_NAME_START_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
+
+      return starting_char if name.size == 1
+
+      following_chars = name[1..-1].gsub(TAG_NAME_FOLLOWING_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
+
+      starting_char + following_chars
+    end
+    module_function :xml_name_escape
   end
 end
 
@@ -135,10 +161,13 @@ end
 module ActiveSupport #:nodoc:
   class SafeBuffer < String
     UNSAFE_STRING_METHODS = %w(
-      capitalize chomp chop delete downcase gsub lstrip next reverse rstrip
-      slice squeeze strip sub succ swapcase tr tr_s upcase
+      capitalize chomp chop delete delete_prefix delete_suffix
+      downcase lstrip next reverse rstrip scrub slice squeeze strip
+      succ swapcase tr tr_s unicode_normalize upcase
     )
 
+    UNSAFE_STRING_METHODS_WITH_BACKREF = %w(gsub sub)
+
     alias_method :original_concat, :concat
     private :original_concat
 
@@ -150,15 +179,13 @@ module ActiveSupport #:nodoc:
     end
 
     def [](*args)
-      if args.size < 2
-        super
-      elsif html_safe?
-        new_safe_buffer = super
+      if html_safe?
+        new_string = super
 
-        if new_safe_buffer
-          new_safe_buffer.instance_variable_set :@html_safe, true
-        end
+        return unless new_string
 
+        new_safe_buffer = new_string.is_a?(SafeBuffer) ? new_string : SafeBuffer.new(new_string)
+        new_safe_buffer.instance_variable_set :@html_safe, true
         new_safe_buffer
       else
         to_str[*args]
@@ -189,18 +216,41 @@ module ActiveSupport #:nodoc:
     end
     alias << concat
 
+    def insert(index, value)
+      super(index, html_escape_interpolated_argument(value))
+    end
+
     def prepend(value)
       super(html_escape_interpolated_argument(value))
     end
 
+    def replace(value)
+      super(html_escape_interpolated_argument(value))
+    end
+
+    def []=(*args)
+      if args.length == 3
+        super(args[0], args[1], html_escape_interpolated_argument(args[2]))
+      else
+        super(args[0], html_escape_interpolated_argument(args[1]))
+      end
+    end
+
     def +(other)
       dup.concat(other)
     end
 
+    def *(*)
+      new_string = super
+      new_safe_buffer = new_string.is_a?(SafeBuffer) ? new_string : SafeBuffer.new(new_string)
+      new_safe_buffer.instance_variable_set(:@html_safe, @html_safe)
+      new_safe_buffer
+    end
+
     def %(args)
       case args
       when Hash
-        escaped_args = Hash[args.map { |k, arg| [k, html_escape_interpolated_argument(arg)] }]
+        escaped_args = args.transform_values { |arg| html_escape_interpolated_argument(arg) }
       else
         escaped_args = Array(args).map { |arg| html_escape_interpolated_argument(arg) }
       end
@@ -239,11 +289,45 @@ module ActiveSupport #:nodoc:
       end
     end
 
-    private
+    UNSAFE_STRING_METHODS_WITH_BACKREF.each do |unsafe_method|
+      if unsafe_method.respond_to?(unsafe_method)
+        class_eval <<-EOT, __FILE__, __LINE__ + 1
+          def #{unsafe_method}(*args, &block)             # def gsub(*args, &block)
+            if block                                      #   if block
+              to_str.#{unsafe_method}(*args) { |*params|  #     to_str.gsub(*args) { |*params|
+                set_block_back_references(block, $~)      #       set_block_back_references(block, $~)
+                block.call(*params)                       #       block.call(*params)
+              }                                           #     }
+            else                                          #   else
+              to_str.#{unsafe_method}(*args)              #     to_str.gsub(*args)
+            end                                           #   end
+          end                                             # end
+
+          def #{unsafe_method}!(*args, &block)            # def gsub!(*args, &block)
+            @html_safe = false                            #   @html_safe = false
+            if block                                      #   if block
+              super(*args) { |*params|                    #     super(*args) { |*params|
+                set_block_back_references(block, $~)      #       set_block_back_references(block, $~)
+                block.call(*params)                       #       block.call(*params)
+              }                                           #     }
+            else                                          #   else
+              super                                       #     super
+            end                                           #   end
+          end                                             # end
+        EOT
+      end
+    end
 
+    private
       def html_escape_interpolated_argument(arg)
         (!html_safe? || arg.html_safe?) ? arg : CGI.escapeHTML(arg.to_s)
       end
+
+      def set_block_back_references(block, match_data)
+        block.binding.eval("proc { |m| $~ = m }").call(match_data)
+      rescue ArgumentError
+        # Can't create binding from C level Proc
+      end
   end
 end
 
@@ -251,7 +335,7 @@ class String
   # Marks a string as trusted safe. It will be inserted into HTML with no
   # additional escaping performed. It is your responsibility to ensure that the
   # string contains no malicious content. This method is equivalent to the
-  # `raw` helper in views. It is recommended that you use `sanitize` instead of
+  # +raw+ helper in views. It is recommended that you use +sanitize+ instead of
   # this method. It should never be called on user input.
   def html_safe
     ActiveSupport::SafeBuffer.new(self)

data/lib/active_support/core_ext/string/starts_ends_with.rb

@@ -1,4 +1,6 @@
+# frozen_string_literal: true
+
 class String
-  alias_method :starts_with?, :start_with?
-  alias_method :ends_with?, :end_with?
+  alias :starts_with? :start_with?
+  alias :ends_with? :end_with?
 end

data/lib/active_support/core_ext/string/strip.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class String
   # Strips indentation in heredocs.
   #
@@ -18,6 +20,8 @@ class String
   # Technically, it looks for the least indented non-empty line
   # in the whole string, and removes that amount of leading whitespace.
   def strip_heredoc
-    gsub(/^#{scan(/^[ \t]*(?=\S)/).min}/, "".freeze)
+    gsub(/^#{scan(/^[ \t]*(?=\S)/).min}/, "").tap do |stripped|
+      stripped.freeze if frozen?
+    end
   end
 end

data/lib/active_support/core_ext/string/zones.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/core_ext/string/conversions"
 require "active_support/core_ext/time/zones"
 

data/lib/active_support/core_ext/string.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/core_ext/string/conversions"
 require "active_support/core_ext/string/filters"
 require "active_support/core_ext/string/multibyte"

data/lib/active_support/core_ext/symbol/starts_ends_with.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class Symbol
+  def start_with?(*prefixes)
+    to_s.start_with?(*prefixes)
+  end unless method_defined?(:start_with?)
+
+  def end_with?(*suffixes)
+    to_s.end_with?(*suffixes)
+  end unless method_defined?(:end_with?)
+
+  alias :starts_with? :start_with?
+  alias :ends_with? :end_with?
+end

data/lib/active_support/core_ext/symbol.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/symbol/starts_ends_with"

data/lib/active_support/core_ext/time/acts_like.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/core_ext/object/acts_like"
 
 class Time