activesupport 6.1.4.1 → 6.1.7.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +139 -1
- data/MIT-LICENSE +1 -1
- data/lib/active_support/core_ext/digest/uuid.rb +1 -0
- data/lib/active_support/core_ext/string/output_safety.rb +32 -0
- data/lib/active_support/core_ext/time/calculations.rb +2 -0
- data/lib/active_support/core_ext/uri.rb +1 -1
- data/lib/active_support/current_attributes.rb +1 -0
- data/lib/active_support/dependencies/zeitwerk_integration.rb +4 -1
- data/lib/active_support/deprecation.rb +1 -1
- data/lib/active_support/digest.rb +2 -0
- data/lib/active_support/duration.rb +4 -3
- data/lib/active_support/encrypted_file.rb +8 -9
- data/lib/active_support/execution_wrapper.rb +16 -13
- data/lib/active_support/gem_version.rb +2 -2
- data/lib/active_support/inflector/methods.rb +1 -2
- data/lib/active_support/multibyte/unicode.rb +2 -2
- data/lib/active_support/per_thread_registry.rb +1 -0
- data/lib/active_support/railtie.rb +1 -1
- data/lib/active_support/reloader.rb +1 -1
- data/lib/active_support/tagged_logging.rb +1 -1
- data/lib/active_support/testing/assertions.rb +1 -1
- data/lib/active_support/values/time_zone.rb +2 -0
- data/lib/active_support.rb +1 -1
- metadata +10 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d11e7add09b8c7e3de38aa8b0f5a2f6e82920e1a933dbe470eb1436541f9413
|
4
|
+
data.tar.gz: 75a53790ba8b139edd4744c4e20cdbc75c185e5a6737b6f5ffb01da9fcbcec84
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 766b6574b39a45ef1d1030249546e0561a93a51212c615c61b5619f2d722c750b27164bf6635e699eb1157533fc5e73de87abc89e0e9e18a544868cf87a9ca1e
|
7
|
+
data.tar.gz: 765934ca6dc427f1ad29dc81cb4450f7e0fff58178837e7369761006eb9cc5d72d2acc548c5245a6828a10b0403367da4ab6b3529525885fca353ec9bbcd1454
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,141 @@
|
|
1
|
+
## Rails 6.1.7.10 (October 23, 2024) ##
|
2
|
+
|
3
|
+
* No changes.
|
4
|
+
|
5
|
+
|
6
|
+
## Rails 6.1.7.9 (October 15, 2024) ##
|
7
|
+
|
8
|
+
* No changes.
|
9
|
+
|
10
|
+
|
11
|
+
## Rails 6.1.7.8 (June 04, 2024) ##
|
12
|
+
|
13
|
+
* No changes.
|
14
|
+
|
15
|
+
|
16
|
+
## Rails 6.1.7.7 (February 21, 2024) ##
|
17
|
+
|
18
|
+
* No changes.
|
19
|
+
|
20
|
+
|
21
|
+
## Rails 6.1.7.6 (August 22, 2023) ##
|
22
|
+
|
23
|
+
* No changes.
|
24
|
+
|
25
|
+
|
26
|
+
## Rails 6.1.7.5 (August 22, 2023) ##
|
27
|
+
|
28
|
+
* Use a temporary file for storing unencrypted files while editing
|
29
|
+
|
30
|
+
[CVE-2023-38037]
|
31
|
+
|
32
|
+
|
33
|
+
## Rails 6.1.7.4 (June 26, 2023) ##
|
34
|
+
|
35
|
+
* No changes.
|
36
|
+
|
37
|
+
|
38
|
+
## Rails 6.1.7.3 (March 13, 2023) ##
|
39
|
+
|
40
|
+
* Implement SafeBuffer#bytesplice
|
41
|
+
|
42
|
+
[CVE-2023-28120]
|
43
|
+
|
44
|
+
|
45
|
+
## Rails 6.1.7.2 (January 24, 2023) ##
|
46
|
+
|
47
|
+
* No changes.
|
48
|
+
|
49
|
+
|
50
|
+
## Rails 6.1.7.1 (January 17, 2023) ##
|
51
|
+
|
52
|
+
* Avoid regex backtracking in Inflector.underscore
|
53
|
+
|
54
|
+
[CVE-2023-22796]
|
55
|
+
|
56
|
+
|
57
|
+
## Rails 6.1.7 (September 09, 2022) ##
|
58
|
+
|
59
|
+
* No changes.
|
60
|
+
|
61
|
+
|
62
|
+
## Rails 6.1.6.1 (July 12, 2022) ##
|
63
|
+
|
64
|
+
* No changes.
|
65
|
+
|
66
|
+
|
67
|
+
## Rails 6.1.6 (May 09, 2022) ##
|
68
|
+
|
69
|
+
* No changes.
|
70
|
+
|
71
|
+
|
72
|
+
## Rails 6.1.5.1 (April 26, 2022) ##
|
73
|
+
|
74
|
+
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
|
75
|
+
|
76
|
+
Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
|
77
|
+
in names of tags and names of attributes, following the specification of XML.
|
78
|
+
|
79
|
+
*Álvaro Martín Fraguas*
|
80
|
+
|
81
|
+
## Rails 6.1.5 (March 09, 2022) ##
|
82
|
+
|
83
|
+
* Fix `ActiveSupport::Duration.build` to support negative values.
|
84
|
+
|
85
|
+
The algorithm to collect the `parts` of the `ActiveSupport::Duration`
|
86
|
+
ignored the sign of the `value` and accumulated incorrect part values. This
|
87
|
+
impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
|
88
|
+
not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
|
89
|
+
|
90
|
+
*Caleb Buxton*, *Braden Staudacher*
|
91
|
+
|
92
|
+
* `Time#change` and methods that call it (eg. `Time#advance`) will now
|
93
|
+
return a `Time` with the timezone argument provided, if the caller was
|
94
|
+
initialized with a timezone argument.
|
95
|
+
|
96
|
+
Fixes [#42467](https://github.com/rails/rails/issues/42467).
|
97
|
+
|
98
|
+
*Alex Ghiculescu*
|
99
|
+
|
100
|
+
* Clone to keep extended Logger methods for tagged logger.
|
101
|
+
|
102
|
+
*Orhan Toy*
|
103
|
+
|
104
|
+
* `assert_changes` works on including `ActiveSupport::Assertions` module.
|
105
|
+
|
106
|
+
*Pedro Medeiros*
|
107
|
+
|
108
|
+
|
109
|
+
## Rails 6.1.4.7 (March 08, 2022) ##
|
110
|
+
|
111
|
+
* No changes.
|
112
|
+
|
113
|
+
|
114
|
+
## Rails 6.1.4.6 (February 11, 2022) ##
|
115
|
+
|
116
|
+
* Fix Reloader method signature to work with the new Executor signature
|
117
|
+
|
118
|
+
|
119
|
+
## Rails 6.1.4.5 (February 11, 2022) ##
|
120
|
+
|
121
|
+
* No changes.
|
122
|
+
|
123
|
+
|
124
|
+
## Rails 6.1.4.4 (December 15, 2021) ##
|
125
|
+
|
126
|
+
* No changes.
|
127
|
+
|
128
|
+
|
129
|
+
## Rails 6.1.4.3 (December 14, 2021) ##
|
130
|
+
|
131
|
+
* No changes.
|
132
|
+
|
133
|
+
|
134
|
+
## Rails 6.1.4.2 (December 14, 2021) ##
|
135
|
+
|
136
|
+
* No changes.
|
137
|
+
|
138
|
+
|
1
139
|
## Rails 6.1.4.1 (August 19, 2021) ##
|
2
140
|
|
3
141
|
* No changes.
|
@@ -278,7 +416,7 @@
|
|
278
416
|
|
279
417
|
*Max Gurewitz*
|
280
418
|
|
281
|
-
* `URI.parser` is deprecated and will be removed in Rails
|
419
|
+
* `URI.parser` is deprecated and will be removed in Rails 7.0. Use
|
282
420
|
`URI::DEFAULT_PARSER` instead.
|
283
421
|
|
284
422
|
*Jean Boussier*
|
data/MIT-LICENSE
CHANGED
@@ -11,6 +11,14 @@ class ERB
|
|
11
11
|
HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
|
12
12
|
JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
|
13
13
|
|
14
|
+
# Following XML requirements: https://www.w3.org/TR/REC-xml/#NT-Name
|
15
|
+
TAG_NAME_START_REGEXP_SET = "@:A-Z_a-z\u{C0}-\u{D6}\u{D8}-\u{F6}\u{F8}-\u{2FF}\u{370}-\u{37D}\u{37F}-\u{1FFF}" \
|
16
|
+
"\u{200C}-\u{200D}\u{2070}-\u{218F}\u{2C00}-\u{2FEF}\u{3001}-\u{D7FF}\u{F900}-\u{FDCF}" \
|
17
|
+
"\u{FDF0}-\u{FFFD}\u{10000}-\u{EFFFF}"
|
18
|
+
TAG_NAME_START_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}]/
|
19
|
+
TAG_NAME_FOLLOWING_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}\-.0-9\u{B7}\u{0300}-\u{036F}\u{203F}-\u{2040}]/
|
20
|
+
TAG_NAME_REPLACEMENT_CHAR = "_"
|
21
|
+
|
14
22
|
# A utility method for escaping HTML tag characters.
|
15
23
|
# This method is also aliased as <tt>h</tt>.
|
16
24
|
#
|
@@ -115,6 +123,26 @@ class ERB
|
|
115
123
|
end
|
116
124
|
|
117
125
|
module_function :json_escape
|
126
|
+
|
127
|
+
# A utility method for escaping XML names of tags and names of attributes.
|
128
|
+
#
|
129
|
+
# xml_name_escape('1 < 2 & 3')
|
130
|
+
# # => "1___2___3"
|
131
|
+
#
|
132
|
+
# It follows the requirements of the specification: https://www.w3.org/TR/REC-xml/#NT-Name
|
133
|
+
def xml_name_escape(name)
|
134
|
+
name = name.to_s
|
135
|
+
return "" if name.blank?
|
136
|
+
|
137
|
+
starting_char = name[0].gsub(TAG_NAME_START_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
|
138
|
+
|
139
|
+
return starting_char if name.size == 1
|
140
|
+
|
141
|
+
following_chars = name[1..-1].gsub(TAG_NAME_FOLLOWING_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
|
142
|
+
|
143
|
+
starting_char + following_chars
|
144
|
+
end
|
145
|
+
module_function :xml_name_escape
|
118
146
|
end
|
119
147
|
end
|
120
148
|
|
@@ -188,6 +216,10 @@ module ActiveSupport #:nodoc:
|
|
188
216
|
end
|
189
217
|
alias << concat
|
190
218
|
|
219
|
+
def bytesplice(*args, value)
|
220
|
+
super(*args, implicit_html_escape_interpolated_argument(value))
|
221
|
+
end
|
222
|
+
|
191
223
|
def insert(index, value)
|
192
224
|
super(index, html_escape_interpolated_argument(value))
|
193
225
|
end
|
@@ -160,6 +160,8 @@ class Time
|
|
160
160
|
::Time.new(new_year, new_month, new_day, new_hour, new_min, new_sec, new_offset)
|
161
161
|
elsif utc?
|
162
162
|
::Time.utc(new_year, new_month, new_day, new_hour, new_min, new_sec)
|
163
|
+
elsif zone&.respond_to?(:utc_to_local)
|
164
|
+
::Time.new(new_year, new_month, new_day, new_hour, new_min, new_sec, zone)
|
163
165
|
elsif zone
|
164
166
|
::Time.local(new_year, new_month, new_day, new_hour, new_min, new_sec)
|
165
167
|
else
|
@@ -20,7 +20,7 @@ module URI
|
|
20
20
|
class << self
|
21
21
|
def parser
|
22
22
|
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
23
|
-
URI.parser is deprecated and will be removed in Rails
|
23
|
+
URI.parser is deprecated and will be removed in Rails 7.0.
|
24
24
|
Use `URI::DEFAULT_PARSER` instead.
|
25
25
|
MSG
|
26
26
|
URI::DEFAULT_PARSER
|
@@ -89,7 +89,10 @@ module ActiveSupport
|
|
89
89
|
end
|
90
90
|
|
91
91
|
Rails.autoloaders.main.enable_reloading if enable_reloading
|
92
|
-
|
92
|
+
|
93
|
+
# Order matters.
|
94
|
+
Rails.autoloaders.once.setup
|
95
|
+
Rails.autoloaders.main.setup
|
93
96
|
end
|
94
97
|
|
95
98
|
def autoload_once?(autoload_path)
|
@@ -38,7 +38,7 @@ module ActiveSupport
|
|
38
38
|
# and the second is a library name.
|
39
39
|
#
|
40
40
|
# ActiveSupport::Deprecation.new('2.0', 'MyLibrary')
|
41
|
-
def initialize(deprecation_horizon = "
|
41
|
+
def initialize(deprecation_horizon = "7.0", gem_name = "Rails")
|
42
42
|
self.gem_name = gem_name
|
43
43
|
self.deprecation_horizon = deprecation_horizon
|
44
44
|
# By default, warnings are not silenced and debugging is off.
|
@@ -186,17 +186,18 @@ module ActiveSupport
|
|
186
186
|
end
|
187
187
|
|
188
188
|
parts = {}
|
189
|
-
|
189
|
+
remainder_sign = value <=> 0
|
190
|
+
remainder = value.round(9).abs
|
190
191
|
|
191
192
|
PARTS.each do |part|
|
192
193
|
unless part == :seconds
|
193
194
|
part_in_seconds = PARTS_IN_SECONDS[part]
|
194
|
-
parts[part] = remainder.div(part_in_seconds)
|
195
|
+
parts[part] = remainder.div(part_in_seconds) * remainder_sign
|
195
196
|
remainder %= part_in_seconds
|
196
197
|
end
|
197
198
|
end unless value == 0
|
198
199
|
|
199
|
-
parts[:seconds] = remainder
|
200
|
+
parts[:seconds] = remainder * remainder_sign
|
200
201
|
|
201
202
|
new(value, parts)
|
202
203
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require "pathname"
|
4
|
-
require "
|
4
|
+
require "tempfile"
|
5
5
|
require "active_support/message_encryptor"
|
6
6
|
|
7
7
|
module ActiveSupport
|
@@ -69,17 +69,16 @@ module ActiveSupport
|
|
69
69
|
|
70
70
|
private
|
71
71
|
def writing(contents)
|
72
|
-
|
73
|
-
|
74
|
-
|
72
|
+
Tempfile.create(["", "-" + content_path.basename.to_s.chomp(".enc")]) do |tmp_file|
|
73
|
+
tmp_path = Pathname.new(tmp_file)
|
74
|
+
tmp_path.binwrite contents
|
75
75
|
|
76
|
-
|
76
|
+
yield tmp_path
|
77
77
|
|
78
|
-
|
78
|
+
updated_contents = tmp_path.binread
|
79
79
|
|
80
|
-
|
81
|
-
|
82
|
-
FileUtils.rm(tmp_path) if tmp_path&.exist?
|
80
|
+
write(updated_contents) if updated_contents != contents
|
81
|
+
end
|
83
82
|
end
|
84
83
|
|
85
84
|
|
@@ -63,18 +63,21 @@ module ActiveSupport
|
|
63
63
|
# after the work has been performed.
|
64
64
|
#
|
65
65
|
# Where possible, prefer +wrap+.
|
66
|
-
def self.run!
|
67
|
-
if
|
68
|
-
|
66
|
+
def self.run!(reset: false)
|
67
|
+
if reset
|
68
|
+
lost_instance = active.delete(Thread.current)
|
69
|
+
lost_instance&.complete!
|
69
70
|
else
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
71
|
+
return Null if active?
|
72
|
+
end
|
73
|
+
|
74
|
+
new.tap do |instance|
|
75
|
+
success = nil
|
76
|
+
begin
|
77
|
+
instance.run!
|
78
|
+
success = true
|
79
|
+
ensure
|
80
|
+
instance.complete! unless success
|
78
81
|
end
|
79
82
|
end
|
80
83
|
end
|
@@ -103,11 +106,11 @@ module ActiveSupport
|
|
103
106
|
self.active = Concurrent::Hash.new
|
104
107
|
|
105
108
|
def self.active? # :nodoc:
|
106
|
-
@active
|
109
|
+
@active.key?(Thread.current)
|
107
110
|
end
|
108
111
|
|
109
112
|
def run! # :nodoc:
|
110
|
-
self.class.active[Thread.current] =
|
113
|
+
self.class.active[Thread.current] = self
|
111
114
|
run_callbacks(:run)
|
112
115
|
end
|
113
116
|
|
@@ -93,8 +93,7 @@ module ActiveSupport
|
|
93
93
|
return camel_cased_word unless /[A-Z-]|::/.match?(camel_cased_word)
|
94
94
|
word = camel_cased_word.to_s.gsub("::", "/")
|
95
95
|
word.gsub!(inflections.acronyms_underscore_regex) { "#{$1 && '_' }#{$2.downcase}" }
|
96
|
-
word.gsub!(/([A-Z
|
97
|
-
word.gsub!(/([a-z\d])([A-Z])/, '\1_\2')
|
96
|
+
word.gsub!(/([A-Z])(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
|
98
97
|
word.tr!("-", "_")
|
99
98
|
word.downcase!
|
100
99
|
word
|
@@ -10,13 +10,13 @@ module ActiveSupport
|
|
10
10
|
|
11
11
|
def default_normalization_form
|
12
12
|
ActiveSupport::Deprecation.warn(
|
13
|
-
"ActiveSupport::Multibyte::Unicode.default_normalization_form is deprecated and will be removed in Rails
|
13
|
+
"ActiveSupport::Multibyte::Unicode.default_normalization_form is deprecated and will be removed in Rails 7.0."
|
14
14
|
)
|
15
15
|
end
|
16
16
|
|
17
17
|
def default_normalization_form=(_)
|
18
18
|
ActiveSupport::Deprecation.warn(
|
19
|
-
"ActiveSupport::Multibyte::Unicode.default_normalization_form= is deprecated and will be removed in Rails
|
19
|
+
"ActiveSupport::Multibyte::Unicode.default_normalization_form= is deprecated and will be removed in Rails 7.0."
|
20
20
|
)
|
21
21
|
end
|
22
22
|
|
@@ -87,7 +87,7 @@ module ActiveSupport
|
|
87
87
|
if app.config.active_support.use_sha1_digests
|
88
88
|
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
89
89
|
config.active_support.use_sha1_digests is deprecated and will
|
90
|
-
be removed from Rails
|
90
|
+
be removed from Rails 7.0. Use
|
91
91
|
config.active_support.hash_digest_class = ::Digest::SHA1 instead.
|
92
92
|
MSG
|
93
93
|
ActiveSupport::Digest.hash_digest_class = ::Digest::SHA1
|
@@ -189,7 +189,7 @@ module ActiveSupport
|
|
189
189
|
error = "#{expression.inspect} didn't change"
|
190
190
|
error = "#{error}. It was already #{to}" if before == to
|
191
191
|
error = "#{message}.\n#{error}" if message
|
192
|
-
|
192
|
+
refute_equal before, after, error
|
193
193
|
|
194
194
|
unless to == UNTRACKED
|
195
195
|
error = "Expected change to #{to}\n"
|
@@ -381,6 +381,8 @@ module ActiveSupport
|
|
381
381
|
# If the string is invalid then an +ArgumentError+ will be raised unlike +parse+
|
382
382
|
# which usually returns +nil+ when given an invalid date string.
|
383
383
|
def iso8601(str)
|
384
|
+
raise ArgumentError, "invalid date" if str.nil?
|
385
|
+
|
384
386
|
parts = Date._iso8601(str)
|
385
387
|
|
386
388
|
raise ArgumentError, "invalid date" if parts.empty?
|
data/lib/active_support.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
#--
|
4
|
-
# Copyright (c) 2005-
|
4
|
+
# Copyright (c) 2005-2022 David Heinemeier Hansson
|
5
5
|
#
|
6
6
|
# Permission is hereby granted, free of charge, to any person obtaining
|
7
7
|
# a copy of this software and associated documentation files (the
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: activesupport
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.1.
|
4
|
+
version: 6.1.7.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-10-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: i18n
|
@@ -357,11 +357,12 @@ licenses:
|
|
357
357
|
- MIT
|
358
358
|
metadata:
|
359
359
|
bug_tracker_uri: https://github.com/rails/rails/issues
|
360
|
-
changelog_uri: https://github.com/rails/rails/blob/v6.1.
|
361
|
-
documentation_uri: https://api.rubyonrails.org/v6.1.
|
360
|
+
changelog_uri: https://github.com/rails/rails/blob/v6.1.7.10/activesupport/CHANGELOG.md
|
361
|
+
documentation_uri: https://api.rubyonrails.org/v6.1.7.10/
|
362
362
|
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
|
363
|
-
source_code_uri: https://github.com/rails/rails/tree/v6.1.
|
364
|
-
|
363
|
+
source_code_uri: https://github.com/rails/rails/tree/v6.1.7.10/activesupport
|
364
|
+
rubygems_mfa_required: 'true'
|
365
|
+
post_install_message:
|
365
366
|
rdoc_options:
|
366
367
|
- "--encoding"
|
367
368
|
- UTF-8
|
@@ -378,8 +379,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
378
379
|
- !ruby/object:Gem::Version
|
379
380
|
version: '0'
|
380
381
|
requirements: []
|
381
|
-
rubygems_version: 3.
|
382
|
-
signing_key:
|
382
|
+
rubygems_version: 3.5.16
|
383
|
+
signing_key:
|
383
384
|
specification_version: 4
|
384
385
|
summary: A toolkit of support libraries and Ruby core extensions extracted from the
|
385
386
|
Rails framework.
|