activesupport 6.1.4.1 → 7.0.8.3

data/lib/active_support/key_generator.rb

@@ -9,24 +9,41 @@ module ActiveSupport
   # This lets Rails applications have a single secure secret, but avoid reusing that
   # key in multiple incompatible contexts.
   class KeyGenerator
+    class << self
+      def hash_digest_class=(klass)
+        if klass.kind_of?(Class) && klass < OpenSSL::Digest
+          @hash_digest_class = klass
+        else
+          raise ArgumentError, "#{klass} is expected to be an OpenSSL::Digest subclass"
+        end
+      end
+
+      def hash_digest_class
+        @hash_digest_class ||= OpenSSL::Digest::SHA1
+      end
+    end
+
     def initialize(secret, options = {})
       @secret = secret
       # The default iterations are higher than required for our key derivation uses
       # on the off chance someone uses this for password storage
       @iterations = options[:iterations] || 2**16
+      # Also allow configuration here so people can use this to build a rotation
+      # scheme when switching the digest class.
+      @hash_digest_class = options[:hash_digest_class] || self.class.hash_digest_class
     end
 
-    # Returns a derived key suitable for use.  The default key_size is chosen
+    # Returns a derived key suitable for use.  The default +key_size+ is chosen
     # to be compatible with the default settings of ActiveSupport::MessageVerifier.
-    # i.e. OpenSSL::Digest::SHA1#block_length
+    # i.e. <tt>OpenSSL::Digest::SHA1#block_length</tt>
     def generate_key(salt, key_size = 64)
-      OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
+      OpenSSL::PKCS5.pbkdf2_hmac(@secret, salt, @iterations, key_size, @hash_digest_class.new)
     end
   end
 
   # CachingKeyGenerator is a wrapper around KeyGenerator which allows users to avoid
-  # re-executing the key generation process when it's called using the same salt and
-  # key_size.
+  # re-executing the key generation process when it's called using the same +salt+ and
+  # +key_size+.
   class CachingKeyGenerator
     def initialize(key_generator)
       @key_generator = key_generator

data/lib/active_support/lazy_load_hooks.rb

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
 module ActiveSupport
-  # lazy_load_hooks allows Rails to lazily load a lot of components and thus
+  # LazyLoadHooks allows Rails to lazily load a lot of components and thus
   # making the app boot faster. Because of this feature now there is no need to
   # require <tt>ActiveRecord::Base</tt> at boot time purely to apply
   # configuration. Instead a hook is registered that applies configuration once
   # <tt>ActiveRecord::Base</tt> is loaded. Here <tt>ActiveRecord::Base</tt> is
   # used as example but this feature can be applied elsewhere too.
   #
-  # Here is an example where +on_load+ method is called to register a hook.
+  # Here is an example where on_load method is called to register a hook.
   #
   #   initializer 'active_record.initialize_timezone' do
   #     ActiveSupport.on_load(:active_record) do
@@ -18,10 +18,26 @@ module ActiveSupport
   #   end
   #
   # When the entirety of +ActiveRecord::Base+ has been
-  # evaluated then +run_load_hooks+ is invoked. The very last line of
+  # evaluated then run_load_hooks is invoked. The very last line of
   # +ActiveRecord::Base+ is:
   #
   #   ActiveSupport.run_load_hooks(:active_record, ActiveRecord::Base)
+  #
+  # run_load_hooks will then execute all the hooks that were registered
+  # with the on_load method. In the case of the above example, it will
+  # execute the block of code that is in the +initializer+.
+  #
+  # Registering a hook that has already run results in that hook executing
+  # immediately. This allows hooks to be nested for code that relies on
+  # multiple lazily loaded components:
+  #
+  #   initializer "action_text.renderer" do
+  #     ActiveSupport.on_load(:action_controller_base) do
+  #       ActiveSupport.on_load(:action_text_content) do
+  #         self.default_renderer = Class.new(ActionController::Base).renderer
+  #       end
+  #     end
+  #   end
   module LazyLoadHooks
     def self.extended(base) # :nodoc:
       base.class_eval do
@@ -32,7 +48,8 @@ module ActiveSupport
     end
 
     # Declares a block that will be executed when a Rails component is fully
-    # loaded.
+    # loaded. If the component has already loaded, the block is executed
+    # immediately.
     #
     # Options:
     #
@@ -46,6 +63,13 @@ module ActiveSupport
       @load_hooks[name] << [block, options]
     end
 
+    # Executes all blocks registered to +name+ via on_load, using +base+ as the
+    # evaluation context.
+    #
+    #   ActiveSupport.run_load_hooks(:active_record, ActiveRecord::Base)
+    #
+    # In the case of the above example, it will execute all hooks registered
+    # for +:active_record+ within the class +ActiveRecord::Base+.
     def run_load_hooks(name, base = Object)
       @loaded[name] << base
       @load_hooks[name].each do |hook, options|

data/lib/active_support/locale/en.yml

@@ -55,7 +55,7 @@ en:
     # Used in NumberHelper.number_to_currency()
     currency:
       format:
-        # Where is the currency sign? %u is the currency unit, %n the number (default: $5.00)
+        # Where is the currency sign? %u is the currency unit, %n is the number (default: $5.00)
         format: "%u%n"
         unit: "$"
         # These six are to override number.format and are optional

data/lib/active_support/log_subscriber/test_helper.rb

@@ -27,13 +27,13 @@ module ActiveSupport
     #
     # All you need to do is to ensure that your log subscriber is added to
     # Rails::Subscriber, as in the second line of the code above. The test
-    # helpers are responsible for setting up the queue, subscriptions and
+    # helpers are responsible for setting up the queue and subscriptions, and
     # turning colors in logs off.
     #
     # The messages are available in the @logger instance, which is a logger with
     # limited powers (it actually does not send anything to your output), and
     # you can collect them doing @logger.logged(level), where level is the level
-    # used in logging, like info, debug, warn and so on.
+    # used in logging, like info, debug, warn, and so on.
     module TestHelper
       def setup # :nodoc:
         @logger   = MockLogger.new

data/lib/active_support/log_subscriber.rb

@@ -6,7 +6,7 @@ require "active_support/subscriber"
 
 module ActiveSupport
   # <tt>ActiveSupport::LogSubscriber</tt> is an object set to consume
-  # <tt>ActiveSupport::Notifications</tt> with the sole purpose of logging them.
+  # ActiveSupport::Notifications with the sole purpose of logging them.
   # The log subscriber dispatches notifications to a registered object based
   # on its given namespace.
   #
@@ -36,7 +36,7 @@ module ActiveSupport
   # it will properly dispatch the event
   # (<tt>ActiveSupport::Notifications::Event</tt>) to the sql method.
   #
-  # Being an <tt>ActiveSupport::Notifications</tt> consumer,
+  # Being an ActiveSupport::Notifications consumer,
   # <tt>ActiveSupport::LogSubscriber</tt> exposes a simple interface to check if
   # instrumented code raises an exception. It is common to log a different
   # message in case of an error, and this can be achieved by extending
@@ -114,9 +114,13 @@ module ActiveSupport
     def finish(name, id, payload)
       super if logger
     rescue => e
-      if logger
-        logger.error "Could not log #{name.inspect} event. #{e.class}: #{e.message} #{e.backtrace}"
-      end
+      log_exception(name, e)
+    end
+
+    def publish_event(event)
+      super if logger
+    rescue => e
+      log_exception(event.name, e)
     end
 
   private
@@ -138,5 +142,11 @@ module ActiveSupport
       bold  = bold ? BOLD : ""
       "#{bold}#{color}#{text}#{CLEAR}"
     end
+
+    def log_exception(name, e)
+      if logger
+        logger.error "Could not log #{name.inspect} event. #{e.class}: #{e.message} #{e.backtrace}"
+      end
+    end
   end
 end

data/lib/active_support/logger_thread_safe_level.rb

@@ -9,10 +9,6 @@ module ActiveSupport
   module LoggerThreadSafeLevel # :nodoc:
     extend ActiveSupport::Concern
 
-    included do
-      cattr_accessor :local_levels, default: Concurrent::Map.new(initial_capacity: 2), instance_accessor: false
-    end
-
     Logger::Severity.constants.each do |severity|
       class_eval(<<-EOT, __FILE__, __LINE__ + 1)
         def #{severity.downcase}?                # def debug?
@@ -21,25 +17,20 @@ module ActiveSupport
       EOT
     end
 
-    def local_log_id
-      Fiber.current.__id__
-    end
-
     def local_level
-      self.class.local_levels[local_log_id]
+      IsolatedExecutionState[:logger_thread_safe_level]
     end
 
     def local_level=(level)
       case level
       when Integer
-        self.class.local_levels[local_log_id] = level
       when Symbol
-        self.class.local_levels[local_log_id] = Logger::Severity.const_get(level.to_s.upcase)
+        level = Logger::Severity.const_get(level.to_s.upcase)
       when nil
-        self.class.local_levels.delete(local_log_id)
       else
         raise ArgumentError, "Invalid log level: #{level.inspect}"
       end
+      IsolatedExecutionState[:logger_thread_safe_level] = level
     end
 
     def level
@@ -56,7 +47,7 @@ module ActiveSupport
 
     # Redefined to check severity against #level, and thus the thread-local level, rather than +@level+.
     # FIXME: Remove when the minimum Ruby version supports overriding Logger#level.
-    def add(severity, message = nil, progname = nil, &block) #:nodoc:
+    def add(severity, message = nil, progname = nil, &block) # :nodoc:
       severity ||= UNKNOWN
       progname ||= @progname
 

data/lib/active_support/message_encryptor.rb

@@ -13,7 +13,7 @@ module ActiveSupport
   # The cipher text and initialization vector are base64 encoded and returned
   # to you.
   #
-  # This can be used in situations similar to the <tt>MessageVerifier</tt>, but
+  # This can be used in situations similar to the MessageVerifier, but
   # where you don't want users to be able to determine the value of the payload.
   #
   #   len   = ActiveSupport::MessageEncryptor.key_len
@@ -23,6 +23,12 @@ module ActiveSupport
   #   encrypted_data = crypt.encrypt_and_sign('my secret data')                   # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..."
   #   crypt.decrypt_and_verify(encrypted_data)                                    # => "my secret data"
   #
+  # The +decrypt_and_verify+ method will raise an
+  # <tt>ActiveSupport::MessageEncryptor::InvalidMessage</tt> exception if the data
+  # provided cannot be decrypted or verified.
+  #
+  #   crypt.decrypt_and_verify('not encrypted data') # => ActiveSupport::MessageEncryptor::InvalidMessage
+  #
   # === Confining messages to a specific purpose
   #
   # By default any message can be used throughout your app. But they can also be
@@ -84,7 +90,7 @@ module ActiveSupport
     cattr_accessor :use_authenticated_message_encryption, instance_accessor: false, default: false
 
     class << self
-      def default_cipher #:nodoc:
+      def default_cipher # :nodoc:
         if use_authenticated_message_encryption
           "aes-256-gcm"
         else
@@ -93,7 +99,7 @@ module ActiveSupport
       end
     end
 
-    module NullSerializer #:nodoc:
+    module NullSerializer # :nodoc:
       def self.load(value)
         value
       end
@@ -103,7 +109,7 @@ module ActiveSupport
       end
     end
 
-    module NullVerifier #:nodoc:
+    module NullVerifier # :nodoc:
       def self.verify(value)
         value
       end
@@ -119,10 +125,10 @@ module ActiveSupport
     # Initialize a new MessageEncryptor. +secret+ must be at least as long as
     # the cipher key size. For the default 'aes-256-gcm' cipher, this is 256
     # bits. If you are using a user-entered secret, you can generate a suitable
-    # key by using <tt>ActiveSupport::KeyGenerator</tt> or a similar key
+    # key by using ActiveSupport::KeyGenerator or a similar key
     # derivation function.
     #
-    # First additional parameter is used as the signature key for +MessageVerifier+.
+    # First additional parameter is used as the signature key for MessageVerifier.
     # This allows you to specify keys to encrypt and sign data.
     #
     #    ActiveSupport::MessageEncryptor.new('secret', 'signature_secret')

data/lib/active_support/message_verifier.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "openssl"
 require "base64"
 require "active_support/core_ext/object/blank"
 require "active_support/security_utils"
@@ -68,8 +69,8 @@ module ActiveSupport
   # return the original value. But messages can be set to expire at a given
   # time with +:expires_in+ or +:expires_at+.
   #
-  #   @verifier.generate(parcel, expires_in: 1.month)
-  #   @verifier.generate(doowad, expires_at: Time.now.end_of_year)
+  #   @verifier.generate("parcel", expires_in: 1.month)
+  #   @verifier.generate("doowad", expires_at: Time.now.end_of_year)
   #
   # Then the messages can be verified and returned up to the expire time.
   # Thereafter, the +verified+ method returns +nil+ while +verify+ raises
@@ -78,8 +79,8 @@ module ActiveSupport
   # === Rotating keys
   #
   # MessageVerifier also supports rotating out old configurations by falling
-  # back to a stack of verifiers. Call +rotate+ to build and add a verifier to
-  # so either +verified+ or +verify+ will also try verifying with the fallback.
+  # back to a stack of verifiers. Call +rotate+ to build and add a verifier so
+  # either +verified+ or +verify+ will also try verifying with the fallback.
   #
   # By default any rotated verifiers use the values of the primary
   # verifier unless specified otherwise.
@@ -103,10 +104,13 @@ module ActiveSupport
 
     class InvalidSignature < StandardError; end
 
+    SEPARATOR = "--" # :nodoc:
+    SEPARATOR_LENGTH = SEPARATOR.length # :nodoc:
+
     def initialize(secret, digest: nil, serializer: nil)
       raise ArgumentError, "Secret should not be nil." unless secret
       @secret = secret
-      @digest = digest || "SHA1"
+      @digest = digest&.to_s || "SHA1"
       @serializer = serializer || Marshal
     end
 
@@ -120,10 +124,8 @@ module ActiveSupport
     #   tampered_message = signed_message.chop # editing the message invalidates the signature
     #   verifier.valid_message?(tampered_message) # => false
     def valid_message?(signed_message)
-      return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.blank?
-
-      data, digest = signed_message.split("--")
-      data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
+      data, digest = get_data_and_digest_from(signed_message)
+      digest_matches_data?(digest, data)
     end
 
     # Decodes the signed message using the +MessageVerifier+'s secret.
@@ -148,9 +150,9 @@ module ActiveSupport
     #   incompatible_message = "test--dad7b06c94abba8d46a15fafaef56c327665d5ff"
     #   verifier.verified(incompatible_message) # => TypeError: incompatible marshal file format
     def verified(signed_message, purpose: nil, **)
-      if valid_message?(signed_message)
+      data, digest = get_data_and_digest_from(signed_message)
+      if digest_matches_data?(digest, data)
         begin
-          data = signed_message.split("--")[0]
           message = Messages::Metadata.verify(decode(data), purpose)
           @serializer.load(message) if message
         rescue ArgumentError => argument_error
@@ -185,7 +187,7 @@ module ActiveSupport
     #   verifier.generate 'a private message' # => "BAhJIhRwcml2YXRlLW1lc3NhZ2UGOgZFVA==--e2d724331ebdee96a10fb99b089508d1c72bd772"
     def generate(value, expires_at: nil, expires_in: nil, purpose: nil)
       data = encode(Messages::Metadata.wrap(@serializer.dump(value), expires_at: expires_at, expires_in: expires_in, purpose: purpose))
-      "#{data}--#{generate_digest(data)}"
+      "#{data}#{SEPARATOR}#{generate_digest(data)}"
     end
 
     private
@@ -198,8 +200,38 @@ module ActiveSupport
       end
 
       def generate_digest(data)
-        require "openssl" unless defined?(OpenSSL)
-        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
+        OpenSSL::HMAC.hexdigest(@digest, @secret, data)
+      end
+
+      def digest_length_in_hex
+        # In hexadecimal (AKA base16) it takes 4 bits to represent a character,
+        # hence we multiply the digest's length (in bytes) by 8 to get it in
+        # bits and divide by 4 to get its number of characters it hex. Well, 8
+        # divided by 4 is 2.
+        @digest_length_in_hex ||= OpenSSL::Digest.new(@digest).digest_length * 2
+      end
+
+      def separator_index_for(signed_message)
+        index = signed_message.length - digest_length_in_hex - SEPARATOR_LENGTH
+        return if index.negative? || signed_message[index, SEPARATOR_LENGTH] != SEPARATOR
+
+        index
+      end
+
+      def get_data_and_digest_from(signed_message)
+        return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.empty?
+
+        separator_index = separator_index_for(signed_message)
+        return if separator_index.nil?
+
+        data = signed_message[0...separator_index]
+        digest = signed_message[separator_index + SEPARATOR_LENGTH..-1]
+
+        [data, digest]
+      end
+
+      def digest_matches_data?(digest, data)
+        data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
       end
   end
 end

data/lib/active_support/messages/metadata.rb

@@ -3,8 +3,8 @@
 require "time"
 
 module ActiveSupport
-  module Messages #:nodoc:
-    class Metadata #:nodoc:
+  module Messages # :nodoc:
+    class Metadata # :nodoc:
       def initialize(message, expires_at = nil, purpose = nil)
         @message, @purpose = message, purpose
         @expires_at = expires_at.is_a?(String) ? parse_expires_at(expires_at) : expires_at

data/lib/active_support/multibyte/chars.rb

@@ -3,11 +3,10 @@
 require "active_support/json"
 require "active_support/core_ext/string/access"
 require "active_support/core_ext/string/behavior"
-require "active_support/core_ext/symbol/starts_ends_with"
 require "active_support/core_ext/module/delegation"
 
-module ActiveSupport #:nodoc:
-  module Multibyte #:nodoc:
+module ActiveSupport # :nodoc:
+  module Multibyte # :nodoc:
     # Chars enables you to work transparently with UTF-8 encoding in the Ruby
     # String class without having extensive knowledge about the encoding. A
     # Chars object accepts a string upon initialization and proxies String
@@ -103,7 +102,7 @@ module ActiveSupport #:nodoc:
       #
       #   'Café'.mb_chars.reverse.to_s # => 'éfaC'
       def reverse
-        chars(@wrapped_string.scan(/\X/).reverse.join)
+        chars(@wrapped_string.grapheme_clusters.reverse.join)
       end
 
       # Limits the byte size of the string to a number of bytes without breaking
@@ -126,16 +125,16 @@ module ActiveSupport #:nodoc:
 
       # Performs canonical decomposition on all the characters.
       #
-      #   'é'.length                         # => 2
-      #   'é'.mb_chars.decompose.to_s.length # => 3
+      #   'é'.length                         # => 1
+      #   'é'.mb_chars.decompose.to_s.length # => 2
       def decompose
         chars(Unicode.decompose(:canonical, @wrapped_string.codepoints.to_a).pack("U*"))
       end
 
       # Performs composition on all the characters.
       #
-      #   'é'.length                       # => 3
-      #   'é'.mb_chars.compose.to_s.length # => 2
+      #   'é'.length                       # => 1
+      #   'é'.mb_chars.compose.to_s.length # => 1
       def compose
         chars(Unicode.compose(@wrapped_string.codepoints.to_a).pack("U*"))
       end
@@ -143,9 +142,9 @@ module ActiveSupport #:nodoc:
       # Returns the number of grapheme clusters in the string.
       #
       #   'क्षि'.mb_chars.length   # => 4
-      #   'क्षि'.mb_chars.grapheme_length # => 3
+      #   'क्षि'.mb_chars.grapheme_length # => 2
       def grapheme_length
-        @wrapped_string.scan(/\X/).length
+        @wrapped_string.grapheme_clusters.length
       end
 
       # Replaces all ISO-8859-1 or CP1252 characters by their UTF-8 equivalent
@@ -157,7 +156,7 @@ module ActiveSupport #:nodoc:
         chars(Unicode.tidy_bytes(@wrapped_string, force))
       end
 
-      def as_json(options = nil) #:nodoc:
+      def as_json(options = nil) # :nodoc:
         to_s.as_json(options)
       end
 

data/lib/active_support/multibyte/unicode.rb

@@ -8,18 +8,6 @@ module ActiveSupport
       # The Unicode version that is supported by the implementation
       UNICODE_VERSION = RbConfig::CONFIG["UNICODE_VERSION"]
 
-      def default_normalization_form
-        ActiveSupport::Deprecation.warn(
-          "ActiveSupport::Multibyte::Unicode.default_normalization_form is deprecated and will be removed in Rails 6.2."
-        )
-      end
-
-      def default_normalization_form=(_)
-        ActiveSupport::Deprecation.warn(
-          "ActiveSupport::Multibyte::Unicode.default_normalization_form= is deprecated and will be removed in Rails 6.2."
-        )
-      end
-
       # Decompose composed characters to the decomposed form.
       def decompose(type, codepoints)
         if type == :compatibility

data/lib/active_support/multibyte.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-module ActiveSupport #:nodoc:
+module ActiveSupport # :nodoc:
   module Multibyte
     autoload :Chars, "active_support/multibyte/chars"
     autoload :Unicode, "active_support/multibyte/unicode"