activesupport 5.2.4 → 5.2.4.5
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activesupport might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +21 -0
- data/lib/active_support/cache/mem_cache_store.rb +2 -12
- data/lib/active_support/cache/redis_cache_store.rb +16 -11
- data/lib/active_support/gem_version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9eaca090b97477eb47dc519cdd74b4aceb3bc6c9d7f1f9c81b86a5cd000979fc
|
4
|
+
data.tar.gz: 1841fae4b6c08dba4845202e96f28096e289da5a2a19fe98cdfb1456361bd72e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c0d5e35f172cec406ddb9dfec8c552c9d67d20519dab0cc9422f65ecc32c55a4cc750e82cb17ca12e381ade6051b64ba48f30f85165172fc50a9796206cc0a83
|
7
|
+
data.tar.gz: b3de3b8b17d0c886ec898dd7c1d1c7585f29e55bbd05186a2eeeb5e96ee43a7b05ba44be337ecc2a0413a37432ecfe7e887c41f06e4a82d1abac5b542472dcf7
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,24 @@
|
|
1
|
+
## Rails 5.2.4.5 (February 10, 2021) ##
|
2
|
+
|
3
|
+
* No changes.
|
4
|
+
|
5
|
+
|
6
|
+
## Rails 5.2.4.4 (September 09, 2020) ##
|
7
|
+
|
8
|
+
* No changes.
|
9
|
+
|
10
|
+
|
11
|
+
## Rails 5.2.4.3 (May 18, 2020) ##
|
12
|
+
|
13
|
+
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
|
14
|
+
|
15
|
+
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
|
16
|
+
|
17
|
+
## Rails 5.2.4.1 (December 18, 2019) ##
|
18
|
+
|
19
|
+
* No changes.
|
20
|
+
|
21
|
+
|
1
22
|
## Rails 5.2.4 (November 27, 2019) ##
|
2
23
|
|
3
24
|
* Make ActiveSupport::Logger Fiber-safe. Fixes #36752.
|
@@ -7,7 +7,6 @@ rescue LoadError => e
|
|
7
7
|
raise e
|
8
8
|
end
|
9
9
|
|
10
|
-
require "active_support/core_ext/marshal"
|
11
10
|
require "active_support/core_ext/array/extract_options"
|
12
11
|
|
13
12
|
module ActiveSupport
|
@@ -28,14 +27,6 @@ module ActiveSupport
|
|
28
27
|
# Provide support for raw values in the local cache strategy.
|
29
28
|
module LocalCacheWithRaw # :nodoc:
|
30
29
|
private
|
31
|
-
def read_entry(key, options)
|
32
|
-
entry = super
|
33
|
-
if options[:raw] && local_cache && entry
|
34
|
-
entry = deserialize_entry(entry.value)
|
35
|
-
end
|
36
|
-
entry
|
37
|
-
end
|
38
|
-
|
39
30
|
def write_entry(key, entry, options)
|
40
31
|
if options[:raw] && local_cache
|
41
32
|
raw_entry = Entry.new(entry.value.to_s)
|
@@ -189,9 +180,8 @@ module ActiveSupport
|
|
189
180
|
key
|
190
181
|
end
|
191
182
|
|
192
|
-
def deserialize_entry(
|
193
|
-
if
|
194
|
-
entry = Marshal.load(raw_value) rescue raw_value
|
183
|
+
def deserialize_entry(entry)
|
184
|
+
if entry
|
195
185
|
entry.is_a?(Entry) ? entry : Entry.new(entry)
|
196
186
|
end
|
197
187
|
end
|
@@ -70,14 +70,6 @@ module ActiveSupport
|
|
70
70
|
# Support raw values in the local cache strategy.
|
71
71
|
module LocalCacheWithRaw # :nodoc:
|
72
72
|
private
|
73
|
-
def read_entry(key, options)
|
74
|
-
entry = super
|
75
|
-
if options[:raw] && local_cache && entry
|
76
|
-
entry = deserialize_entry(entry.value)
|
77
|
-
end
|
78
|
-
entry
|
79
|
-
end
|
80
|
-
|
81
73
|
def write_entry(key, entry, options)
|
82
74
|
if options[:raw] && local_cache
|
83
75
|
raw_entry = Entry.new(serialize_entry(entry, raw: true))
|
@@ -328,7 +320,8 @@ module ActiveSupport
|
|
328
320
|
# Read an entry from the cache.
|
329
321
|
def read_entry(key, options = nil)
|
330
322
|
failsafe :read_entry do
|
331
|
-
|
323
|
+
raw = options&.fetch(:raw, false)
|
324
|
+
deserialize_entry(redis.with { |c| c.get(key) }, raw: raw)
|
332
325
|
end
|
333
326
|
end
|
334
327
|
|
@@ -343,6 +336,7 @@ module ActiveSupport
|
|
343
336
|
def read_multi_mget(*names)
|
344
337
|
options = names.extract_options!
|
345
338
|
options = merged_options(options)
|
339
|
+
raw = options&.fetch(:raw, false)
|
346
340
|
|
347
341
|
keys = names.map { |name| normalize_key(name, options) }
|
348
342
|
|
@@ -352,7 +346,7 @@ module ActiveSupport
|
|
352
346
|
|
353
347
|
names.zip(values).each_with_object({}) do |(name, value), results|
|
354
348
|
if value
|
355
|
-
entry = deserialize_entry(value)
|
349
|
+
entry = deserialize_entry(value, raw: raw)
|
356
350
|
unless entry.nil? || entry.expired? || entry.mismatched?(normalize_version(name, options))
|
357
351
|
results[name] = entry.value
|
358
352
|
end
|
@@ -421,9 +415,20 @@ module ActiveSupport
|
|
421
415
|
end
|
422
416
|
end
|
423
417
|
|
424
|
-
def deserialize_entry(serialized_entry)
|
418
|
+
def deserialize_entry(serialized_entry, raw:)
|
425
419
|
if serialized_entry
|
426
420
|
entry = Marshal.load(serialized_entry) rescue serialized_entry
|
421
|
+
|
422
|
+
written_raw = serialized_entry.equal?(entry)
|
423
|
+
if raw != written_raw
|
424
|
+
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
425
|
+
Using a different value for the raw option when reading and writing
|
426
|
+
to a cache key is deprecated for :redis_cache_store and Rails 6.0
|
427
|
+
will stop automatically detecting the format when reading to avoid
|
428
|
+
marshal loading untrusted raw strings.
|
429
|
+
MSG
|
430
|
+
end
|
431
|
+
|
427
432
|
entry.is_a?(Entry) ? entry : Entry.new(entry)
|
428
433
|
end
|
429
434
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: activesupport
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.2.4
|
4
|
+
version: 5.2.4.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: i18n
|
@@ -333,8 +333,8 @@ homepage: http://rubyonrails.org
|
|
333
333
|
licenses:
|
334
334
|
- MIT
|
335
335
|
metadata:
|
336
|
-
source_code_uri: https://github.com/rails/rails/tree/v5.2.4/activesupport
|
337
|
-
changelog_uri: https://github.com/rails/rails/blob/v5.2.4/activesupport/CHANGELOG.md
|
336
|
+
source_code_uri: https://github.com/rails/rails/tree/v5.2.4.5/activesupport
|
337
|
+
changelog_uri: https://github.com/rails/rails/blob/v5.2.4.5/activesupport/CHANGELOG.md
|
338
338
|
post_install_message:
|
339
339
|
rdoc_options:
|
340
340
|
- "--encoding"
|