activesupport 5.2.2 → 5.2.4.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 28ba8a573798735113cf64c0bd1ffd7e2bddb6b81be4b9feca484a4543f59c66
-  data.tar.gz: ca185b08c32e2ce148c0ea786ad508ecd7385878cfe6f442d81115d72dbd4d7b
+  metadata.gz: 9eaca090b97477eb47dc519cdd74b4aceb3bc6c9d7f1f9c81b86a5cd000979fc
+  data.tar.gz: 1841fae4b6c08dba4845202e96f28096e289da5a2a19fe98cdfb1456361bd72e
 SHA512:
-  metadata.gz: ea921839a1a4dcf213a4a057a08e869ec41e557d6602f719537edfd1293cf4115e58e7e3b00133386116197d093ac06c011b903fa69d604abebe92a7c488ea94
-  data.tar.gz: 017ee32c83d1456e7050c2b4770635375240ce7aa36433edf27a8f525b7b23cf1cc930e19f28b0f77e633b8430b22a5f3a6000a186985ee1fabf72e87c4ad3d5
+  metadata.gz: c0d5e35f172cec406ddb9dfec8c552c9d67d20519dab0cc9422f65ecc32c55a4cc750e82cb17ca12e381ade6051b64ba48f30f85165172fc50a9796206cc0a83
+  data.tar.gz: b3de3b8b17d0c886ec898dd7c1d1c7585f29e55bbd05186a2eeeb5e96ee43a7b05ba44be337ecc2a0413a37432ecfe7e887c41f06e4a82d1abac5b542472dcf7

data/CHANGELOG.md

@@ -1,3 +1,89 @@
+## Rails 5.2.4.5 (February 10, 2021) ##
+
+*   No changes.
+
+
+## Rails 5.2.4.4 (September 09, 2020) ##
+
+*   No changes.
+
+
+## Rails 5.2.4.3 (May 18, 2020) ##
+
+*   [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
+
+*   [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
+
+## Rails 5.2.4.1 (December 18, 2019) ##
+
+*   No changes.
+
+
+## Rails 5.2.4 (November 27, 2019) ##
+
+*   Make ActiveSupport::Logger Fiber-safe. Fixes #36752.
+
+    Use `Fiber.current.__id__` in `ActiveSupport::Logger#local_level=` in order
+    to make log level local to Ruby Fibers in addition to Threads.
+
+    Example:
+
+        logger = ActiveSupport::Logger.new(STDOUT)
+        logger.level = 1
+        p "Main is debug? #{logger.debug?}"
+
+        Fiber.new {
+          logger.local_level = 0
+          p "Thread is debug? #{logger.debug?}"
+        }.resume
+
+        p "Main is debug? #{logger.debug?}"
+
+    Before:
+
+        Main is debug? false
+        Thread is debug? true
+        Main is debug? true
+
+    After:
+
+        Main is debug? false
+        Thread is debug? true
+        Main is debug? false
+
+    *Alexander Varnin*
+
+
+## Rails 5.2.3 (March 27, 2019) ##
+
+*   Add `ActiveSupport::HashWithIndifferentAccess#assoc`.
+
+    `assoc` can now be called with either a string or a symbol.
+
+    *Stefan Schüßler*
+
+*   Fix `String#safe_constantize` throwing a `LoadError` for incorrectly cased constant references.
+
+    *Keenan Brock*
+
+*   Allow Range#=== and Range#cover? on Range
+
+    `Range#cover?` can now accept a range argument like `Range#include?` and
+    `Range#===`. `Range#===` works correctly on Ruby 2.6. `Range#include?` is moved
+    into a new file, with these two methods.
+
+    *utilum*
+
+*   If the same block is `included` multiple times for a Concern, an exception is no longer raised.
+
+    *Mark J. Titorenko*, *Vlad Bokov*
+
+
+## Rails 5.2.2.1 (March 11, 2019) ##
+
+*   No changes.
+
+
 ## Rails 5.2.2 (December 04, 2018) ##
 
 *   Fix bug where `#to_options` for `ActiveSupport::HashWithIndifferentAccess`

data/lib/active_support/cache/mem_cache_store.rb

@@ -7,7 +7,6 @@ rescue LoadError => e
   raise e
 end
 
-require "active_support/core_ext/marshal"
 require "active_support/core_ext/array/extract_options"
 
 module ActiveSupport
@@ -28,14 +27,6 @@ module ActiveSupport
       # Provide support for raw values in the local cache strategy.
       module LocalCacheWithRaw # :nodoc:
         private
-          def read_entry(key, options)
-            entry = super
-            if options[:raw] && local_cache && entry
-              entry = deserialize_entry(entry.value)
-            end
-            entry
-          end
-
           def write_entry(key, entry, options)
             if options[:raw] && local_cache
               raw_entry = Entry.new(entry.value.to_s)
@@ -189,9 +180,8 @@ module ActiveSupport
           key
         end
 
-        def deserialize_entry(raw_value)
-          if raw_value
-            entry = Marshal.load(raw_value) rescue raw_value
+        def deserialize_entry(entry)
+          if entry
             entry.is_a?(Entry) ? entry : Entry.new(entry)
           end
         end

data/lib/active_support/cache/redis_cache_store.rb

@@ -70,14 +70,6 @@ module ActiveSupport
       # Support raw values in the local cache strategy.
       module LocalCacheWithRaw # :nodoc:
         private
-          def read_entry(key, options)
-            entry = super
-            if options[:raw] && local_cache && entry
-              entry = deserialize_entry(entry.value)
-            end
-            entry
-          end
-
           def write_entry(key, entry, options)
             if options[:raw] && local_cache
               raw_entry = Entry.new(serialize_entry(entry, raw: true))
@@ -328,7 +320,8 @@ module ActiveSupport
         # Read an entry from the cache.
         def read_entry(key, options = nil)
           failsafe :read_entry do
-            deserialize_entry redis.with { |c| c.get(key) }
+            raw = options&.fetch(:raw, false)
+            deserialize_entry(redis.with { |c| c.get(key) }, raw: raw)
           end
         end
 
@@ -343,6 +336,7 @@ module ActiveSupport
         def read_multi_mget(*names)
           options = names.extract_options!
           options = merged_options(options)
+          raw = options&.fetch(:raw, false)
 
           keys = names.map { |name| normalize_key(name, options) }
 
@@ -352,7 +346,7 @@ module ActiveSupport
 
           names.zip(values).each_with_object({}) do |(name, value), results|
             if value
-              entry = deserialize_entry(value)
+              entry = deserialize_entry(value, raw: raw)
               unless entry.nil? || entry.expired? || entry.mismatched?(normalize_version(name, options))
                 results[name] = entry.value
               end
@@ -421,9 +415,20 @@ module ActiveSupport
           end
         end
 
-        def deserialize_entry(serialized_entry)
+        def deserialize_entry(serialized_entry, raw:)
           if serialized_entry
             entry = Marshal.load(serialized_entry) rescue serialized_entry
+
+            written_raw = serialized_entry.equal?(entry)
+            if raw != written_raw
+              ActiveSupport::Deprecation.warn(<<-MSG.squish)
+                Using a different value for the raw option when reading and writing
+                to a cache key is deprecated for :redis_cache_store and Rails 6.0
+                will stop automatically detecting the format when reading to avoid
+                marshal loading untrusted raw strings.
+              MSG
+            end
+
             entry.is_a?(Entry) ? entry : Entry.new(entry)
           end
         end

data/lib/active_support/concern.rb

@@ -125,9 +125,13 @@ module ActiveSupport
 
     def included(base = nil, &block)
       if base.nil?
-        raise MultipleIncludedBlocks if instance_variable_defined?(:@_included_block)
-
-        @_included_block = block
+        if instance_variable_defined?(:@_included_block)
+          if @_included_block.source_location != block.source_location
+            raise MultipleIncludedBlocks
+          end
+        else
+          @_included_block = block
+        end
       else
         super
       end

data/lib/active_support/core_ext/digest.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/digest/uuid"

data/lib/active_support/core_ext/range.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require "active_support/core_ext/range/conversions"
-require "active_support/core_ext/range/include_range"
+require "active_support/core_ext/range/compare_range"
 require "active_support/core_ext/range/include_time_with_zone"
 require "active_support/core_ext/range/overlaps"
 require "active_support/core_ext/range/each"

data/lib/active_support/core_ext/range/compare_range.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module ActiveSupport
+  module CompareWithRange #:nodoc:
+    # Extends the default Range#=== to support range comparisons.
+    #  (1..5) === (1..5) # => true
+    #  (1..5) === (2..3) # => true
+    #  (1..5) === (2..6) # => false
+    #
+    # The native Range#=== behavior is untouched.
+    #  ('a'..'f') === ('c') # => true
+    #  (5..9) === (11) # => false
+    def ===(value)
+      if value.is_a?(::Range)
+        # 1...10 includes 1..9 but it does not include 1..10.
+        operator = exclude_end? && !value.exclude_end? ? :< : :<=
+        super(value.first) && value.last.send(operator, last)
+      else
+        super
+      end
+    end
+
+    # Extends the default Range#include? to support range comparisons.
+    #  (1..5).include?(1..5) # => true
+    #  (1..5).include?(2..3) # => true
+    #  (1..5).include?(2..6) # => false
+    #
+    # The native Range#include? behavior is untouched.
+    #  ('a'..'f').include?('c') # => true
+    #  (5..9).include?(11) # => false
+    def include?(value)
+      if value.is_a?(::Range)
+        # 1...10 includes 1..9 but it does not include 1..10.
+        operator = exclude_end? && !value.exclude_end? ? :< : :<=
+        super(value.first) && value.last.send(operator, last)
+      else
+        super
+      end
+    end
+
+    # Extends the default Range#cover? to support range comparisons.
+    #  (1..5).cover?(1..5) # => true
+    #  (1..5).cover?(2..3) # => true
+    #  (1..5).cover?(2..6) # => false
+    #
+    # The native Range#cover? behavior is untouched.
+    #  ('a'..'f').cover?('c') # => true
+    #  (5..9).cover?(11) # => false
+    def cover?(value)
+      if value.is_a?(::Range)
+        # 1...10 covers 1..9 but it does not cover 1..10.
+        operator = exclude_end? && !value.exclude_end? ? :< : :<=
+        super(value.first) && value.last.send(operator, last)
+      else
+        super
+      end
+    end
+  end
+end
+
+Range.prepend(ActiveSupport::CompareWithRange)

data/lib/active_support/core_ext/range/include_range.rb

@@ -1,25 +1,3 @@
 # frozen_string_literal: true
 
-module ActiveSupport
-  module IncludeWithRange #:nodoc:
-    # Extends the default Range#include? to support range comparisons.
-    #  (1..5).include?(1..5) # => true
-    #  (1..5).include?(2..3) # => true
-    #  (1..5).include?(2..6) # => false
-    #
-    # The native Range#include? behavior is untouched.
-    #  ('a'..'f').include?('c') # => true
-    #  (5..9).include?(11) # => false
-    def include?(value)
-      if value.is_a?(::Range)
-        # 1...10 includes 1..9 but it does not include 1..10.
-        operator = exclude_end? && !value.exclude_end? ? :< : :<=
-        super(value.first) && value.last.send(operator, last)
-      else
-        super
-      end
-    end
-  end
-end
-
-Range.prepend(ActiveSupport::IncludeWithRange)
+require "active_support/core_ext/range/compare_range"

data/lib/active_support/deprecation/method_wrappers.rb

@@ -53,27 +53,37 @@ module ActiveSupport
         options = method_names.extract_options!
         deprecator = options.delete(:deprecator) || self
         method_names += options.keys
+        mod = Module.new
 
         method_names.each do |method_name|
-          aliased_method, punctuation = method_name.to_s.sub(/([?!=])$/, ""), $1
-          with_method = "#{aliased_method}_with_deprecation#{punctuation}"
-          without_method = "#{aliased_method}_without_deprecation#{punctuation}"
+          if target_module.method_defined?(method_name) || target_module.private_method_defined?(method_name)
+            aliased_method, punctuation = method_name.to_s.sub(/([?!=])$/, ""), $1
+            with_method = "#{aliased_method}_with_deprecation#{punctuation}"
+            without_method = "#{aliased_method}_without_deprecation#{punctuation}"
 
-          target_module.send(:define_method, with_method) do |*args, &block|
-            deprecator.deprecation_warning(method_name, options[method_name])
-            send(without_method, *args, &block)
-          end
+            target_module.send(:define_method, with_method) do |*args, &block|
+              deprecator.deprecation_warning(method_name, options[method_name])
+              send(without_method, *args, &block)
+            end
 
-          target_module.send(:alias_method, without_method, method_name)
-          target_module.send(:alias_method, method_name, with_method)
+            target_module.send(:alias_method, without_method, method_name)
+            target_module.send(:alias_method, method_name, with_method)
 
-          case
-          when target_module.protected_method_defined?(without_method)
-            target_module.send(:protected, method_name)
-          when target_module.private_method_defined?(without_method)
-            target_module.send(:private, method_name)
+            case
+            when target_module.protected_method_defined?(without_method)
+              target_module.send(:protected, method_name)
+            when target_module.private_method_defined?(without_method)
+              target_module.send(:private, method_name)
+            end
+          else
+            mod.send(:define_method, method_name) do |*args, &block|
+              deprecator.deprecation_warning(method_name, options[method_name])
+              super(*args, &block)
+            end
           end
         end
+
+        target_module.prepend(mod) unless mod.instance_methods(false).empty?
       end
     end
   end

data/lib/active_support/gem_version.rb

@@ -9,8 +9,8 @@ module ActiveSupport
   module VERSION
     MAJOR = 5
     MINOR = 2
-    TINY  = 2
-    PRE   = nil
+    TINY  = 4
+    PRE   = "5"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/active_support/hash_with_indifferent_access.rb

@@ -163,6 +163,19 @@ module ActiveSupport
       super(convert_key(key))
     end
 
+    # Same as <tt>Hash#assoc</tt> where the key passed as argument can be
+    # either a string or a symbol:
+    #
+    #   counters = ActiveSupport::HashWithIndifferentAccess.new
+    #   counters[:foo] = 1
+    #
+    #   counters.assoc('foo') # => ["foo", 1]
+    #   counters.assoc(:foo)  # => ["foo", 1]
+    #   counters.assoc(:zoo)  # => nil
+    def assoc(key)
+      super(convert_key(key))
+    end
+
     # Same as <tt>Hash#fetch</tt> where the key passed as argument can be
     # either a string or a symbol:
     #

data/lib/active_support/inflector/methods.rb

@@ -329,6 +329,8 @@ module ActiveSupport
         e.name.to_s == camel_cased_word.to_s)
     rescue ArgumentError => e
       raise unless /not missing constant #{const_regexp(camel_cased_word)}!$/.match?(e.message)
+    rescue LoadError => e
+      raise unless /Unable to autoload constant #{const_regexp(camel_cased_word)}/.match?(e.message)
     end
 
     # Returns the suffix that should be added to a number to denote the position

data/lib/active_support/logger_thread_safe_level.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "active_support/concern"
+require "fiber"
 
 module ActiveSupport
   module LoggerThreadSafeLevel # :nodoc:
@@ -11,7 +12,7 @@ module ActiveSupport
     end
 
     def local_log_id
-      Thread.current.__id__
+      Fiber.current.__id__
     end
 
     def local_level

data/lib/active_support/notifications/fanout.rb

@@ -18,8 +18,8 @@ module ActiveSupport
         super
       end
 
-      def subscribe(pattern = nil, block = Proc.new)
-        subscriber = Subscribers.new pattern, block
+      def subscribe(pattern = nil, callable = nil, &block)
+        subscriber = Subscribers.new(pattern, callable || block)
         synchronize do
           @subscribers << subscriber
           @listeners_for.clear

data/lib/active_support/ordered_options.rb

@@ -39,7 +39,7 @@ module ActiveSupport
     end
 
     def method_missing(name, *args)
-      name_string = name.to_s
+      name_string = name.to_s.dup
       if name_string.chomp!("=")
         self[name_string] = args.first
       else

data/lib/active_support/xml_mini.rb

@@ -75,7 +75,7 @@ module ActiveSupport
             begin
               BigDecimal(number)
             rescue ArgumentError
-              BigDecimal("0")
+              BigDecimal(number.to_f.to_s)
             end
           else
             BigDecimal(number)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activesupport
 version: !ruby/object:Gem::Version
-  version: 5.2.2
+  version: 5.2.4.5
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-12-04 00:00:00.000000000 Z
+date: 2021-02-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -139,6 +139,7 @@ files:
 - lib/active_support/core_ext/date_time/calculations.rb
 - lib/active_support/core_ext/date_time/compatibility.rb
 - lib/active_support/core_ext/date_time/conversions.rb
+- lib/active_support/core_ext/digest.rb
 - lib/active_support/core_ext/digest/uuid.rb
 - lib/active_support/core_ext/enumerable.rb
 - lib/active_support/core_ext/file.rb
@@ -197,6 +198,7 @@ files:
 - lib/active_support/core_ext/object/try.rb
 - lib/active_support/core_ext/object/with_options.rb
 - lib/active_support/core_ext/range.rb
+- lib/active_support/core_ext/range/compare_range.rb
 - lib/active_support/core_ext/range/conversions.rb
 - lib/active_support/core_ext/range/each.rb
 - lib/active_support/core_ext/range/include_range.rb
@@ -331,8 +333,8 @@ homepage: http://rubyonrails.org
 licenses:
 - MIT
 metadata:
-  source_code_uri: https://github.com/rails/rails/tree/v5.2.2/activesupport
-  changelog_uri: https://github.com/rails/rails/blob/v5.2.2/activesupport/CHANGELOG.md
+  source_code_uri: https://github.com/rails/rails/tree/v5.2.4.5/activesupport
+  changelog_uri: https://github.com/rails/rails/blob/v5.2.4.5/activesupport/CHANGELOG.md
 post_install_message: 
 rdoc_options:
 - "--encoding"
@@ -350,8 +352,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: A toolkit of support libraries and Ruby core extensions extracted from the