activesupport 6.1.4.4 → 6.1.6.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activesupport might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +58 -1
- data/MIT-LICENSE +1 -1
- data/lib/active_support/core_ext/digest/uuid.rb +1 -0
- data/lib/active_support/core_ext/string/output_safety.rb +28 -0
- data/lib/active_support/core_ext/time/calculations.rb +2 -0
- data/lib/active_support/core_ext/uri.rb +1 -1
- data/lib/active_support/dependencies/zeitwerk_integration.rb +4 -1
- data/lib/active_support/deprecation.rb +1 -1
- data/lib/active_support/digest.rb +2 -0
- data/lib/active_support/duration.rb +4 -3
- data/lib/active_support/execution_wrapper.rb +16 -13
- data/lib/active_support/gem_version.rb +2 -2
- data/lib/active_support/multibyte/unicode.rb +2 -2
- data/lib/active_support/per_thread_registry.rb +1 -0
- data/lib/active_support/railtie.rb +1 -1
- data/lib/active_support/reloader.rb +1 -1
- data/lib/active_support/tagged_logging.rb +1 -1
- data/lib/active_support/testing/assertions.rb +1 -1
- data/lib/active_support/values/time_zone.rb +2 -0
- data/lib/active_support.rb +1 -1
- metadata +10 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b457aace5d72669ba3ed04ec9ed826dbc1828773d8e0236edd8928f4a360b4e9
|
4
|
+
data.tar.gz: 73a7333915bea522eec6f1361b4db6b177f78cb14a3741ec6834e3521855e77f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7479b00d0759dfb5517b187d3f57e18b0408876efe999b5bfc02425936422f0f624dcec8403be2519d0f8baee1452657a9ec70517cb404c4c1d75118e29ca2d4
|
7
|
+
data.tar.gz: f14ce57aac4745c7ec3ddaa166fc3ff840f88c2763709801fe3338ee76cf9e4e3d6821e6c11d083cb26b3763c825c94beb241c41268e69d336df29712f31bf2a
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,60 @@
|
|
1
|
+
## Rails 6.1.6.1 (July 12, 2022) ##
|
2
|
+
|
3
|
+
* No changes.
|
4
|
+
|
5
|
+
|
6
|
+
## Rails 6.1.5.1 (April 26, 2022) ##
|
7
|
+
|
8
|
+
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
|
9
|
+
|
10
|
+
Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
|
11
|
+
in names of tags and names of attributes, following the specification of XML.
|
12
|
+
|
13
|
+
*Álvaro Martín Fraguas*
|
14
|
+
|
15
|
+
## Rails 6.1.5 (March 09, 2022) ##
|
16
|
+
|
17
|
+
* Fix `ActiveSupport::Duration.build` to support negative values.
|
18
|
+
|
19
|
+
The algorithm to collect the `parts` of the `ActiveSupport::Duration`
|
20
|
+
ignored the sign of the `value` and accumulated incorrect part values. This
|
21
|
+
impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
|
22
|
+
not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
|
23
|
+
|
24
|
+
*Caleb Buxton*, *Braden Staudacher*
|
25
|
+
|
26
|
+
* `Time#change` and methods that call it (eg. `Time#advance`) will now
|
27
|
+
return a `Time` with the timezone argument provided, if the caller was
|
28
|
+
initialized with a timezone argument.
|
29
|
+
|
30
|
+
Fixes [#42467](https://github.com/rails/rails/issues/42467).
|
31
|
+
|
32
|
+
*Alex Ghiculescu*
|
33
|
+
|
34
|
+
* Clone to keep extended Logger methods for tagged logger.
|
35
|
+
|
36
|
+
*Orhan Toy*
|
37
|
+
|
38
|
+
* `assert_changes` works on including `ActiveSupport::Assertions` module.
|
39
|
+
|
40
|
+
*Pedro Medeiros*
|
41
|
+
|
42
|
+
|
43
|
+
## Rails 6.1.4.7 (March 08, 2022) ##
|
44
|
+
|
45
|
+
* No changes.
|
46
|
+
|
47
|
+
|
48
|
+
## Rails 6.1.4.6 (February 11, 2022) ##
|
49
|
+
|
50
|
+
* Fix Reloader method signature to work with the new Executor signature
|
51
|
+
|
52
|
+
|
53
|
+
## Rails 6.1.4.5 (February 11, 2022) ##
|
54
|
+
|
55
|
+
* No changes.
|
56
|
+
|
57
|
+
|
1
58
|
## Rails 6.1.4.4 (December 15, 2021) ##
|
2
59
|
|
3
60
|
* No changes.
|
@@ -293,7 +350,7 @@
|
|
293
350
|
|
294
351
|
*Max Gurewitz*
|
295
352
|
|
296
|
-
* `URI.parser` is deprecated and will be removed in Rails
|
353
|
+
* `URI.parser` is deprecated and will be removed in Rails 7.0. Use
|
297
354
|
`URI::DEFAULT_PARSER` instead.
|
298
355
|
|
299
356
|
*Jean Boussier*
|
data/MIT-LICENSE
CHANGED
@@ -11,6 +11,14 @@ class ERB
|
|
11
11
|
HTML_ESCAPE_ONCE_REGEXP = /["><']|&(?!([a-zA-Z]+|(#\d+)|(#[xX][\dA-Fa-f]+));)/
|
12
12
|
JSON_ESCAPE_REGEXP = /[\u2028\u2029&><]/u
|
13
13
|
|
14
|
+
# Following XML requirements: https://www.w3.org/TR/REC-xml/#NT-Name
|
15
|
+
TAG_NAME_START_REGEXP_SET = "@:A-Z_a-z\u{C0}-\u{D6}\u{D8}-\u{F6}\u{F8}-\u{2FF}\u{370}-\u{37D}\u{37F}-\u{1FFF}" \
|
16
|
+
"\u{200C}-\u{200D}\u{2070}-\u{218F}\u{2C00}-\u{2FEF}\u{3001}-\u{D7FF}\u{F900}-\u{FDCF}" \
|
17
|
+
"\u{FDF0}-\u{FFFD}\u{10000}-\u{EFFFF}"
|
18
|
+
TAG_NAME_START_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}]/
|
19
|
+
TAG_NAME_FOLLOWING_REGEXP = /[^#{TAG_NAME_START_REGEXP_SET}\-.0-9\u{B7}\u{0300}-\u{036F}\u{203F}-\u{2040}]/
|
20
|
+
TAG_NAME_REPLACEMENT_CHAR = "_"
|
21
|
+
|
14
22
|
# A utility method for escaping HTML tag characters.
|
15
23
|
# This method is also aliased as <tt>h</tt>.
|
16
24
|
#
|
@@ -115,6 +123,26 @@ class ERB
|
|
115
123
|
end
|
116
124
|
|
117
125
|
module_function :json_escape
|
126
|
+
|
127
|
+
# A utility method for escaping XML names of tags and names of attributes.
|
128
|
+
#
|
129
|
+
# xml_name_escape('1 < 2 & 3')
|
130
|
+
# # => "1___2___3"
|
131
|
+
#
|
132
|
+
# It follows the requirements of the specification: https://www.w3.org/TR/REC-xml/#NT-Name
|
133
|
+
def xml_name_escape(name)
|
134
|
+
name = name.to_s
|
135
|
+
return "" if name.blank?
|
136
|
+
|
137
|
+
starting_char = name[0].gsub(TAG_NAME_START_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
|
138
|
+
|
139
|
+
return starting_char if name.size == 1
|
140
|
+
|
141
|
+
following_chars = name[1..-1].gsub(TAG_NAME_FOLLOWING_REGEXP, TAG_NAME_REPLACEMENT_CHAR)
|
142
|
+
|
143
|
+
starting_char + following_chars
|
144
|
+
end
|
145
|
+
module_function :xml_name_escape
|
118
146
|
end
|
119
147
|
end
|
120
148
|
|
@@ -160,6 +160,8 @@ class Time
|
|
160
160
|
::Time.new(new_year, new_month, new_day, new_hour, new_min, new_sec, new_offset)
|
161
161
|
elsif utc?
|
162
162
|
::Time.utc(new_year, new_month, new_day, new_hour, new_min, new_sec)
|
163
|
+
elsif zone&.respond_to?(:utc_to_local)
|
164
|
+
::Time.new(new_year, new_month, new_day, new_hour, new_min, new_sec, zone)
|
163
165
|
elsif zone
|
164
166
|
::Time.local(new_year, new_month, new_day, new_hour, new_min, new_sec)
|
165
167
|
else
|
@@ -20,7 +20,7 @@ module URI
|
|
20
20
|
class << self
|
21
21
|
def parser
|
22
22
|
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
23
|
-
URI.parser is deprecated and will be removed in Rails
|
23
|
+
URI.parser is deprecated and will be removed in Rails 7.0.
|
24
24
|
Use `URI::DEFAULT_PARSER` instead.
|
25
25
|
MSG
|
26
26
|
URI::DEFAULT_PARSER
|
@@ -89,7 +89,10 @@ module ActiveSupport
|
|
89
89
|
end
|
90
90
|
|
91
91
|
Rails.autoloaders.main.enable_reloading if enable_reloading
|
92
|
-
|
92
|
+
|
93
|
+
# Order matters.
|
94
|
+
Rails.autoloaders.once.setup
|
95
|
+
Rails.autoloaders.main.setup
|
93
96
|
end
|
94
97
|
|
95
98
|
def autoload_once?(autoload_path)
|
@@ -38,7 +38,7 @@ module ActiveSupport
|
|
38
38
|
# and the second is a library name.
|
39
39
|
#
|
40
40
|
# ActiveSupport::Deprecation.new('2.0', 'MyLibrary')
|
41
|
-
def initialize(deprecation_horizon = "
|
41
|
+
def initialize(deprecation_horizon = "7.0", gem_name = "Rails")
|
42
42
|
self.gem_name = gem_name
|
43
43
|
self.deprecation_horizon = deprecation_horizon
|
44
44
|
# By default, warnings are not silenced and debugging is off.
|
@@ -186,17 +186,18 @@ module ActiveSupport
|
|
186
186
|
end
|
187
187
|
|
188
188
|
parts = {}
|
189
|
-
|
189
|
+
remainder_sign = value <=> 0
|
190
|
+
remainder = value.round(9).abs
|
190
191
|
|
191
192
|
PARTS.each do |part|
|
192
193
|
unless part == :seconds
|
193
194
|
part_in_seconds = PARTS_IN_SECONDS[part]
|
194
|
-
parts[part] = remainder.div(part_in_seconds)
|
195
|
+
parts[part] = remainder.div(part_in_seconds) * remainder_sign
|
195
196
|
remainder %= part_in_seconds
|
196
197
|
end
|
197
198
|
end unless value == 0
|
198
199
|
|
199
|
-
parts[:seconds] = remainder
|
200
|
+
parts[:seconds] = remainder * remainder_sign
|
200
201
|
|
201
202
|
new(value, parts)
|
202
203
|
end
|
@@ -63,18 +63,21 @@ module ActiveSupport
|
|
63
63
|
# after the work has been performed.
|
64
64
|
#
|
65
65
|
# Where possible, prefer +wrap+.
|
66
|
-
def self.run!
|
67
|
-
if
|
68
|
-
|
66
|
+
def self.run!(reset: false)
|
67
|
+
if reset
|
68
|
+
lost_instance = active.delete(Thread.current)
|
69
|
+
lost_instance&.complete!
|
69
70
|
else
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
71
|
+
return Null if active?
|
72
|
+
end
|
73
|
+
|
74
|
+
new.tap do |instance|
|
75
|
+
success = nil
|
76
|
+
begin
|
77
|
+
instance.run!
|
78
|
+
success = true
|
79
|
+
ensure
|
80
|
+
instance.complete! unless success
|
78
81
|
end
|
79
82
|
end
|
80
83
|
end
|
@@ -103,11 +106,11 @@ module ActiveSupport
|
|
103
106
|
self.active = Concurrent::Hash.new
|
104
107
|
|
105
108
|
def self.active? # :nodoc:
|
106
|
-
@active
|
109
|
+
@active.key?(Thread.current)
|
107
110
|
end
|
108
111
|
|
109
112
|
def run! # :nodoc:
|
110
|
-
self.class.active[Thread.current] =
|
113
|
+
self.class.active[Thread.current] = self
|
111
114
|
run_callbacks(:run)
|
112
115
|
end
|
113
116
|
|
@@ -10,13 +10,13 @@ module ActiveSupport
|
|
10
10
|
|
11
11
|
def default_normalization_form
|
12
12
|
ActiveSupport::Deprecation.warn(
|
13
|
-
"ActiveSupport::Multibyte::Unicode.default_normalization_form is deprecated and will be removed in Rails
|
13
|
+
"ActiveSupport::Multibyte::Unicode.default_normalization_form is deprecated and will be removed in Rails 7.0."
|
14
14
|
)
|
15
15
|
end
|
16
16
|
|
17
17
|
def default_normalization_form=(_)
|
18
18
|
ActiveSupport::Deprecation.warn(
|
19
|
-
"ActiveSupport::Multibyte::Unicode.default_normalization_form= is deprecated and will be removed in Rails
|
19
|
+
"ActiveSupport::Multibyte::Unicode.default_normalization_form= is deprecated and will be removed in Rails 7.0."
|
20
20
|
)
|
21
21
|
end
|
22
22
|
|
@@ -87,7 +87,7 @@ module ActiveSupport
|
|
87
87
|
if app.config.active_support.use_sha1_digests
|
88
88
|
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
89
89
|
config.active_support.use_sha1_digests is deprecated and will
|
90
|
-
be removed from Rails
|
90
|
+
be removed from Rails 7.0. Use
|
91
91
|
config.active_support.hash_digest_class = ::Digest::SHA1 instead.
|
92
92
|
MSG
|
93
93
|
ActiveSupport::Digest.hash_digest_class = ::Digest::SHA1
|
@@ -189,7 +189,7 @@ module ActiveSupport
|
|
189
189
|
error = "#{expression.inspect} didn't change"
|
190
190
|
error = "#{error}. It was already #{to}" if before == to
|
191
191
|
error = "#{message}.\n#{error}" if message
|
192
|
-
|
192
|
+
refute_equal before, after, error
|
193
193
|
|
194
194
|
unless to == UNTRACKED
|
195
195
|
error = "Expected change to #{to}\n"
|
@@ -381,6 +381,8 @@ module ActiveSupport
|
|
381
381
|
# If the string is invalid then an +ArgumentError+ will be raised unlike +parse+
|
382
382
|
# which usually returns +nil+ when given an invalid date string.
|
383
383
|
def iso8601(str)
|
384
|
+
raise ArgumentError, "invalid date" if str.nil?
|
385
|
+
|
384
386
|
parts = Date._iso8601(str)
|
385
387
|
|
386
388
|
raise ArgumentError, "invalid date" if parts.empty?
|
data/lib/active_support.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
#--
|
4
|
-
# Copyright (c) 2005-
|
4
|
+
# Copyright (c) 2005-2022 David Heinemeier Hansson
|
5
5
|
#
|
6
6
|
# Permission is hereby granted, free of charge, to any person obtaining
|
7
7
|
# a copy of this software and associated documentation files (the
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: activesupport
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.1.
|
4
|
+
version: 6.1.6.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-07-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: i18n
|
@@ -357,11 +357,12 @@ licenses:
|
|
357
357
|
- MIT
|
358
358
|
metadata:
|
359
359
|
bug_tracker_uri: https://github.com/rails/rails/issues
|
360
|
-
changelog_uri: https://github.com/rails/rails/blob/v6.1.
|
361
|
-
documentation_uri: https://api.rubyonrails.org/v6.1.
|
360
|
+
changelog_uri: https://github.com/rails/rails/blob/v6.1.6.1/activesupport/CHANGELOG.md
|
361
|
+
documentation_uri: https://api.rubyonrails.org/v6.1.6.1/
|
362
362
|
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
|
363
|
-
source_code_uri: https://github.com/rails/rails/tree/v6.1.
|
364
|
-
|
363
|
+
source_code_uri: https://github.com/rails/rails/tree/v6.1.6.1/activesupport
|
364
|
+
rubygems_mfa_required: 'true'
|
365
|
+
post_install_message:
|
365
366
|
rdoc_options:
|
366
367
|
- "--encoding"
|
367
368
|
- UTF-8
|
@@ -378,8 +379,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
378
379
|
- !ruby/object:Gem::Version
|
379
380
|
version: '0'
|
380
381
|
requirements: []
|
381
|
-
rubygems_version: 3.
|
382
|
-
signing_key:
|
382
|
+
rubygems_version: 3.3.3
|
383
|
+
signing_key:
|
383
384
|
specification_version: 4
|
384
385
|
summary: A toolkit of support libraries and Ruby core extensions extracted from the
|
385
386
|
Rails framework.
|