asset_bom_removal-rails 0.0.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +3 -3
- data/lib/asset_bom_removal/rails/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a279fa505b26ae133d589793a3e8dbaa44a15f70
|
|
4
|
+
data.tar.gz: f8fff0e413f923bda7b32cd4f70c66c47b156fc5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 52ad807c5ea9ad11d25f735f6ca24dc1069914e876560d49004b454caf332e4b1f46419f00980e0663cb7781b21f898ca4cb01aadda7763276f92b13cfb6d0d8
|
|
7
|
+
data.tar.gz: a80d661216b619a5f4cb34069528f8de38b0f24743ccd6eadef36cae605abc4b5b148835f6039b7af72dc28d8e7df559034d182fb18625384f58db1422c6c091
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,14 +2,14 @@
|
|
|
2
2
|
|
|
3
3
|
This gem hooks into [Rails `assets:precompile` task](http://guides.rubyonrails.org/asset_pipeline.html#precompiling-assets) and removes the BOM from any CSS files (and their gzipped versions) in the asset root.
|
|
4
4
|
|
|
5
|
-
We do this because we want to use [SRI](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) on our assets, but [a bug in Firefox versions < 52](https://bugzilla.mozilla.org/show_bug.cgi?id=1269241) means it calculates the hash incorrectly when the CSS asset has a [BOM](https://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) and refuses to load the asset. The BOM is [generated by SASS versions > 3.4](https://github.com/sass/sass/blob/3.4.0/lib/sass/tree/visitors/to_css.rb#L131-L140) and in the versions of rails, sass, sprockets, sass-rails, and sprockets-rails we use it is impossible to configure SASS to stop doing this (as mentioned [in the sass-rails readme](https://github.com/rails/sass-rails/blob/v4.0.0/README.md#configuration) from version 4.0+).
|
|
5
|
+
We do this because we want to use [SRI](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) on our assets, but [a bug in Firefox versions < 52](https://bugzilla.mozilla.org/show_bug.cgi?id=1269241) means it calculates the hash incorrectly when the CSS asset has a [UTF-8 BOM](https://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) and refuses to load the asset. The BOM is [generated by SASS versions > 3.4](https://github.com/sass/sass/blob/3.4.0/lib/sass/tree/visitors/to_css.rb#L131-L140) when the CSS file includes utf-8 characters and in the versions of rails, sass, sprockets, sass-rails, and sprockets-rails we use it is impossible to configure SASS to stop doing this (as mentioned [in the sass-rails readme](https://github.com/rails/sass-rails/blob/v4.0.0/README.md#configuration) from version 4.0+).
|
|
6
6
|
|
|
7
7
|
## Installation
|
|
8
8
|
|
|
9
9
|
Add this line to your application's Gemfile:
|
|
10
10
|
|
|
11
11
|
```ruby
|
|
12
|
-
gem '
|
|
12
|
+
gem 'asset_bom_removal-rails'
|
|
13
13
|
```
|
|
14
14
|
|
|
15
15
|
And then execute:
|
|
@@ -34,7 +34,7 @@ After checking out the repo, run `bundle install` to install dependencies. Then,
|
|
|
34
34
|
|
|
35
35
|
## Contributing
|
|
36
36
|
|
|
37
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/alphagov/
|
|
37
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/alphagov/asset_bom_removal-rails.
|
|
38
38
|
|
|
39
39
|
## License
|
|
40
40
|
|