activesupport 7.0.0.rc3 → 7.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activesupport might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c7110a52aaa738de876f0b598bccaa36eaa90fcc4876814a6d6305044627c83f
4
- data.tar.gz: c098f6ce349f5ae09b4a667152d751e07458c604c34c31d1f48714026ddda9ea
3
+ metadata.gz: aa0345240163d6b0d98012c437fc988d7c6b957264b42be1c095cb759ed0b102
4
+ data.tar.gz: 3533cafb988ce3d2ace9b21f2a78d8bb76aeb6524ecc8b0d71743ee3af64c3c4
5
5
  SHA512:
6
- metadata.gz: 43b79d9a130422f225a3b98c05d180deeca4a1da94af3a722c24e60740c87924844cbf8aaf62c18cc664134defe7f25747e18fb90ba2015b33f2c4307a741c11
7
- data.tar.gz: d977cc5c6f9cbeb0e71e9f0a848bc61bc0c3c43b9c212367bba36a42694786fb3cb58dabaa21fb78e42522e3247dd2b5109a628fb096ee0682d0f319d65045b3
6
+ metadata.gz: 5e84aa52f105e68d791fc59101c3f288c86d21a0e26eccd5b3ef9643b82205811f0116055675dffa23c22f9ef126e5c3e52b6113332fd9b3540d90e80afca6a0
7
+ data.tar.gz: bd68dd8c4eeebf5c956bb32e6617c2821dba0abdd344aa1f0b8e4f5f3674b1a5d1c3ea19d4b29f99222388ddeef164fcb2183c440af8bc1cab8a86e39aede24a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,15 @@
1
+ ## Rails 7.0.0 (December 15, 2021) ##
2
+
3
+ * Fix `ActiveSupport::Duration.build` to support negative values.
4
+
5
+ The algorithm to collect the `parts` of the `ActiveSupport::Duration`
6
+ ignored the sign of the `value` and accumulated incorrect part values. This
7
+ impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
8
+ not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
9
+
10
+ *Caleb Buxton*, *Braden Staudacher*
11
+
12
+
1
13
  ## Rails 7.0.0.rc3 (December 14, 2021) ##
2
14
 
3
15
  * No changes.
@@ -5,6 +17,10 @@
5
17
 
6
18
  ## Rails 7.0.0.rc2 (December 14, 2021) ##
7
19
 
20
+ * No changes.
21
+
22
+ ## Rails 7.0.0.rc1 (December 06, 2021) ##
23
+
8
24
  * Deprecate passing a format to `#to_s` in favor of `#to_formatted_s` in `Array`, `Range`, `Date`, `DateTime`, `Time`,
9
25
  `BigDecimal`, `Float` and, `Integer`.
10
26
 
@@ -27,7 +27,7 @@ class Date
27
27
  # date = Date.new(2007, 11, 10) # => Sat, 10 Nov 2007
28
28
  #
29
29
  # date.to_formatted_s(:db) # => "2007-11-10"
30
- # date.to_formatted_s(:db) # => "2007-11-10"
30
+ # date.to_fs(:db) # => "2007-11-10"
31
31
  #
32
32
  # date.to_formatted_s(:short) # => "10 Nov"
33
33
  # date.to_formatted_s(:number) # => "20071110"
@@ -15,7 +15,7 @@ class DateTime
15
15
  # datetime = DateTime.civil(2007, 12, 4, 0, 0, 0, 0) # => Tue, 04 Dec 2007 00:00:00 +0000
16
16
  #
17
17
  # datetime.to_formatted_s(:db) # => "2007-12-04 00:00:00"
18
- # datetime.to_formatted_s(:db) # => "2007-12-04 00:00:00"
18
+ # datetime.to_fs(:db) # => "2007-12-04 00:00:00"
19
19
  # datetime.to_formatted_s(:number) # => "20071204000000"
20
20
  # datetime.to_formatted_s(:short) # => "04 Dec 00:00"
21
21
  # datetime.to_formatted_s(:long) # => "December 04, 2007 00:00"
@@ -4,7 +4,7 @@ class Pathname
4
4
  # Returns the receiver if the named file exists otherwise returns +nil+.
5
5
  # <tt>pathname.existence</tt> is equivalent to
6
6
  #
7
- # pathname.exists? ? pathname : nil
7
+ # pathname.exist? ? pathname : nil
8
8
  #
9
9
  # For example, something like
10
10
  #
@@ -32,7 +32,7 @@ class Time
32
32
  # time = Time.now # => 2007-01-18 06:10:17 -06:00
33
33
  #
34
34
  # time.to_formatted_s(:time) # => "06:10"
35
- # time.to_formatted_s(:time) # => "06:10"
35
+ # time.to_fs(:time) # => "06:10"
36
36
  #
37
37
  # time.to_formatted_s(:db) # => "2007-01-18 06:10:17"
38
38
  # time.to_formatted_s(:number) # => "20070118061017"
@@ -40,7 +40,7 @@ module ActiveSupport
40
40
  end
41
41
 
42
42
  def []=(object, _present)
43
- @map[object_id] = object
43
+ @map[object.object_id] = object
44
44
  end
45
45
  end
46
46
  WeakSet.new
@@ -191,13 +191,14 @@ module ActiveSupport
191
191
  end
192
192
 
193
193
  parts = {}
194
- remainder = value.round(9)
194
+ remainder_sign = value <=> 0
195
+ remainder = value.round(9).abs
195
196
  variable = false
196
197
 
197
198
  PARTS.each do |part|
198
199
  unless part == :seconds
199
200
  part_in_seconds = PARTS_IN_SECONDS[part]
200
- parts[part] = remainder.div(part_in_seconds)
201
+ parts[part] = remainder.div(part_in_seconds) * remainder_sign
201
202
  remainder %= part_in_seconds
202
203
 
203
204
  unless parts[part].zero?
@@ -206,7 +207,7 @@ module ActiveSupport
206
207
  end
207
208
  end unless value == 0
208
209
 
209
- parts[:seconds] = remainder
210
+ parts[:seconds] = remainder * remainder_sign
210
211
 
211
212
  new(value, parts, variable)
212
213
  end
@@ -10,7 +10,7 @@ module ActiveSupport
10
10
  MAJOR = 7
11
11
  MINOR = 0
12
12
  TINY = 0
13
- PRE = "rc3"
13
+ PRE = nil
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "openssl"
3
4
  require "base64"
4
5
  require "active_support/core_ext/object/blank"
5
6
  require "active_support/security_utils"
@@ -103,10 +104,13 @@ module ActiveSupport
103
104
 
104
105
  class InvalidSignature < StandardError; end
105
106
 
107
+ SEPARATOR = "--" # :nodoc:
108
+ SEPARATOR_LENGTH = SEPARATOR.length # :nodoc:
109
+
106
110
  def initialize(secret, digest: nil, serializer: nil)
107
111
  raise ArgumentError, "Secret should not be nil." unless secret
108
112
  @secret = secret
109
- @digest = digest || "SHA1"
113
+ @digest = digest&.to_s || "SHA1"
110
114
  @serializer = serializer || Marshal
111
115
  end
112
116
 
@@ -120,10 +124,8 @@ module ActiveSupport
120
124
  # tampered_message = signed_message.chop # editing the message invalidates the signature
121
125
  # verifier.valid_message?(tampered_message) # => false
122
126
  def valid_message?(signed_message)
123
- return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.blank?
124
-
125
- data, digest = signed_message.split("--")
126
- data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
127
+ data, digest = get_data_and_digest_from(signed_message)
128
+ digest_matches_data?(digest, data)
127
129
  end
128
130
 
129
131
  # Decodes the signed message using the +MessageVerifier+'s secret.
@@ -148,9 +150,9 @@ module ActiveSupport
148
150
  # incompatible_message = "test--dad7b06c94abba8d46a15fafaef56c327665d5ff"
149
151
  # verifier.verified(incompatible_message) # => TypeError: incompatible marshal file format
150
152
  def verified(signed_message, purpose: nil, **)
151
- if valid_message?(signed_message)
153
+ data, digest = get_data_and_digest_from(signed_message)
154
+ if digest_matches_data?(digest, data)
152
155
  begin
153
- data = signed_message.split("--")[0]
154
156
  message = Messages::Metadata.verify(decode(data), purpose)
155
157
  @serializer.load(message) if message
156
158
  rescue ArgumentError => argument_error
@@ -185,7 +187,7 @@ module ActiveSupport
185
187
  # verifier.generate 'a private message' # => "BAhJIhRwcml2YXRlLW1lc3NhZ2UGOgZFVA==--e2d724331ebdee96a10fb99b089508d1c72bd772"
186
188
  def generate(value, expires_at: nil, expires_in: nil, purpose: nil)
187
189
  data = encode(Messages::Metadata.wrap(@serializer.dump(value), expires_at: expires_at, expires_in: expires_in, purpose: purpose))
188
- "#{data}--#{generate_digest(data)}"
190
+ "#{data}#{SEPARATOR}#{generate_digest(data)}"
189
191
  end
190
192
 
191
193
  private
@@ -198,8 +200,38 @@ module ActiveSupport
198
200
  end
199
201
 
200
202
  def generate_digest(data)
201
- require "openssl" unless defined?(OpenSSL)
202
- OpenSSL::HMAC.hexdigest(OpenSSL::Digest.const_get(@digest).new, @secret, data)
203
+ OpenSSL::HMAC.hexdigest(@digest, @secret, data)
204
+ end
205
+
206
+ def digest_length_in_hex
207
+ # In hexadecimal (AKA base16) it takes 4 bits to represent a character,
208
+ # hence we multiply the digest's length (in bytes) by 8 to get it in
209
+ # bits and divide by 4 to get its number of characters it hex. Well, 8
210
+ # divided by 4 is 2.
211
+ @digest_length_in_hex ||= OpenSSL::Digest.new(@digest).digest_length * 2
212
+ end
213
+
214
+ def separator_index_for(signed_message)
215
+ index = signed_message.length - digest_length_in_hex - SEPARATOR_LENGTH
216
+ return if index.negative? || signed_message[index, SEPARATOR_LENGTH] != SEPARATOR
217
+
218
+ index
219
+ end
220
+
221
+ def get_data_and_digest_from(signed_message)
222
+ return if signed_message.nil? || !signed_message.valid_encoding? || signed_message.empty?
223
+
224
+ separator_index = separator_index_for(signed_message)
225
+ return if separator_index.nil?
226
+
227
+ data = signed_message[0...separator_index]
228
+ digest = signed_message[separator_index + SEPARATOR_LENGTH..-1]
229
+
230
+ [data, digest]
231
+ end
232
+
233
+ def digest_matches_data?(digest, data)
234
+ data.present? && digest.present? && ActiveSupport::SecurityUtils.secure_compare(digest, generate_digest(data))
203
235
  end
204
236
  end
205
237
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.0.0.rc3
4
+ version: 7.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-14 00:00:00.000000000 Z
11
+ date: 2021-12-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: i18n
@@ -359,12 +359,12 @@ licenses:
359
359
  - MIT
360
360
  metadata:
361
361
  bug_tracker_uri: https://github.com/rails/rails/issues
362
- changelog_uri: https://github.com/rails/rails/blob/v7.0.0.rc3/activesupport/CHANGELOG.md
363
- documentation_uri: https://api.rubyonrails.org/v7.0.0.rc3/
362
+ changelog_uri: https://github.com/rails/rails/blob/v7.0.0/activesupport/CHANGELOG.md
363
+ documentation_uri: https://api.rubyonrails.org/v7.0.0/
364
364
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
365
- source_code_uri: https://github.com/rails/rails/tree/v7.0.0.rc3/activesupport
365
+ source_code_uri: https://github.com/rails/rails/tree/v7.0.0/activesupport
366
366
  rubygems_mfa_required: 'true'
367
- post_install_message:
367
+ post_install_message:
368
368
  rdoc_options:
369
369
  - "--encoding"
370
370
  - UTF-8
@@ -377,12 +377,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
377
377
  version: 2.7.0
378
378
  required_rubygems_version: !ruby/object:Gem::Requirement
379
379
  requirements:
380
- - - ">"
380
+ - - ">="
381
381
  - !ruby/object:Gem::Version
382
- version: 1.3.1
382
+ version: '0'
383
383
  requirements: []
384
- rubygems_version: 3.2.15
385
- signing_key:
384
+ rubygems_version: 3.2.32
385
+ signing_key:
386
386
  specification_version: 4
387
387
  summary: A toolkit of support libraries and Ruby core extensions extracted from the
388
388
  Rails framework.