carrierwave 2.2.2 → 2.2.5

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of carrierwave might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b815c0a48b4df1ed7a3c3ea6f0d3cf4748b9197d5507b7b99ba262bcf703f8de
4
- data.tar.gz: b162ccab7c487c367702310819a3e14a05f014abed916a79112520550877a477
3
+ metadata.gz: 04ecbb3b2d0424203756bda1f73e89bdf32d52f3fbcda13b979e9904d1d4f2c9
4
+ data.tar.gz: e7474ccefff230df0f9d6564825c63acd3176c2a37e2a4b66a797a864d610f74
5
5
  SHA512:
6
- metadata.gz: a6341493e822abeaa770f1c202e3ca62c43b54a2dcf1768e7d485208f825a546354d66b9c45d1169c2636d32a39b36312a8029729009504b87ab2ff6b8500187
7
- data.tar.gz: 9a8f6b9f5c2ba84f500a051f1ad9f7da603af42a746422f5a727fe79c02eb1cd9063c5b082fd7a051f263b52918d76a1abeb16ee4bb2dd8ecaea73d4a9f732fe
6
+ metadata.gz: 9a2cff0c002d2d31c1a61bf4d7158a4d648a88bb69843092130bfc48cf2026386becdc707e00f6eff379929ff88f7c20929fa67310e874fe3b4ad3197793b269
7
+ data.tar.gz: fe8c49e5858818fd2e8f3e271ba884a839d627aefe420f1c4e5d63c00601b4c2e71cb07cdb77ccf0758121173b932c4a12b95762b2b60ee6d0930c9a290f375a
@@ -29,8 +29,14 @@ module CarrierWave
29
29
  response = OpenURI.open_uri(process_uri(url.to_s), headers)
30
30
  else
31
31
  request = nil
32
- response = SsrfFilter.get(uri, headers: headers) do |req|
33
- request = req
32
+ if ::SsrfFilter::VERSION.to_f < 1.1
33
+ response = SsrfFilter.get(uri, headers: headers) do |req|
34
+ request = req
35
+ end
36
+ else
37
+ response = SsrfFilter.get(uri, headers: headers, request_proc: ->(req) { request = req }) do |res|
38
+ res.body # ensure to read body
39
+ end
34
40
  end
35
41
  response.uri = request.uri
36
42
  response.value
@@ -51,7 +51,7 @@ module CarrierWave
51
51
  def whitelisted_content_type?(content_type)
52
52
  Array(content_type_allowlist).any? do |item|
53
53
  item = Regexp.quote(item) if item.class != Regexp
54
- content_type =~ /#{item}/
54
+ content_type =~ /\A#{item}/
55
55
  end
56
56
  end
57
57
 
@@ -80,7 +80,17 @@ module CarrierWave
80
80
  next unless self.send(condition, new_file)
81
81
  end
82
82
  end
83
- self.send(method, *args)
83
+
84
+ if args.is_a? Array
85
+ kwargs, args = args.partition { |arg| arg.is_a? Hash }
86
+ end
87
+
88
+ if kwargs.present?
89
+ kwargs = kwargs.reduce(:merge)
90
+ self.send(method, *args, **kwargs)
91
+ else
92
+ self.send(method, *args)
93
+ end
84
94
  end
85
95
  end
86
96
  end
@@ -1,3 +1,3 @@
1
1
  module CarrierWave
2
- VERSION = "2.2.2"
2
+ VERSION = "2.2.5"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: carrierwave
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.2
4
+ version: 2.2.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonas Nicklas
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-28 00:00:00.000000000 Z
11
+ date: 2023-11-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -396,7 +396,7 @@ homepage: https://github.com/carrierwaveuploader/carrierwave
396
396
  licenses:
397
397
  - MIT
398
398
  metadata: {}
399
- post_install_message:
399
+ post_install_message:
400
400
  rdoc_options:
401
401
  - "--main"
402
402
  require_paths:
@@ -412,8 +412,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
412
412
  - !ruby/object:Gem::Version
413
413
  version: '0'
414
414
  requirements: []
415
- rubygems_version: 3.1.4
416
- signing_key:
415
+ rubygems_version: 3.4.10
416
+ signing_key:
417
417
  specification_version: 4
418
418
  summary: Ruby file upload library
419
419
  test_files: []