excon 0.19.5 → 0.20.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of excon might be problematic. Click here for more details.

@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- excon (0.19.5)
4
+ excon (0.20.0)
5
5
 
6
6
  GEM
7
7
  remote: http://rubygems.org/
@@ -1,3 +1,9 @@
1
+ 0.20.0 03/08/2013
2
+ =================
3
+
4
+ redact password from inspect/instrument
5
+ downgrade severity of invalid keys from error to warning
6
+
1
7
  0.19.5 03/04/2013
2
8
  =================
3
9
 
@@ -13,8 +13,8 @@ Gem::Specification.new do |s|
13
13
  ## If your rubyforge_project name is different, then edit it and comment out
14
14
  ## the sub! line in the Rakefile
15
15
  s.name = 'excon'
16
- s.version = '0.19.5'
17
- s.date = '2013-03-04'
16
+ s.version = '0.20.0'
17
+ s.date = '2013-03-08'
18
18
  s.rubyforge_project = 'excon'
19
19
 
20
20
  ## Make sure your summary is short. The description may be as long
@@ -21,13 +21,6 @@ module Excon
21
21
  @data[:proxy] = new_proxy
22
22
  end
23
23
 
24
- def assert_valid_keys_for_argument!(argument, valid_keys)
25
- invalid_keys = argument.keys - valid_keys
26
- return true if invalid_keys.empty?
27
- raise ArgumentError, "The following keys are invalid: #{invalid_keys.map(&:inspect).join(', ')}"
28
- end
29
- private :assert_valid_keys_for_argument!
30
-
31
24
  # Initializes a new Connection instance
32
25
  # @param [Hash<Symbol, >] params One or more optional params
33
26
  # @option params [String] :body Default text to be sent over a socket. Only used if :body absent in Connection#request params
@@ -42,7 +35,7 @@ module Excon
42
35
  # @option params [Class] :instrumentor Responds to #instrument as in ActiveSupport::Notifications
43
36
  # @option params [String] :instrumentor_name Name prefix for #instrument events. Defaults to 'excon'
44
37
  def initialize(params = {})
45
- assert_valid_keys_for_argument!(params, Excon::VALID_CONNECTION_KEYS)
38
+ invalid_keys_warning(params, Excon::VALID_CONNECTION_KEYS)
46
39
  @data = Excon.defaults.dup
47
40
  # merge does not deep-dup, so make sure headers is not the original
48
41
  @data[:headers] = @data[:headers].dup
@@ -202,7 +195,7 @@ module Excon
202
195
  def request(params, &block)
203
196
  # @data has defaults, merge in new params to override
204
197
  datum = @data.merge(params)
205
- assert_valid_keys_for_argument!(params, VALID_CONNECTION_KEYS)
198
+ invalid_keys_warning(params, VALID_CONNECTION_KEYS)
206
199
  datum[:headers] = @data[:headers].merge(datum[:headers] || {})
207
200
  datum[:headers]['Host'] ||= '' << datum[:host] << ':' << datum[:port].to_s
208
201
  datum[:retries_remaining] ||= datum[:retry_limit]
@@ -288,6 +281,10 @@ module Excon
288
281
  vars[:'@data'][:headers] = vars[:'@data'][:headers].dup
289
282
  vars[:'@data'][:headers]['Authorization'] = REDACTED
290
283
  end
284
+ if vars[:'@data'][:password]
285
+ vars[:'@data'] = vars[:'@data'].dup
286
+ vars[:'@data'][:password] = REDACTED
287
+ end
291
288
  inspection = '#<Excon::Connection:'
292
289
  inspection << (object_id << 1).to_s(16)
293
290
  vars.each do |key, value|
@@ -317,6 +314,13 @@ module Excon
317
314
  end
318
315
  end
319
316
 
317
+ def invalid_keys_warning(argument, valid_keys)
318
+ invalid_keys = argument.keys - valid_keys
319
+ unless invalid_keys.empty?
320
+ $stderr.puts("The following keys are invalid: #{invalid_keys.map(&:inspect).join(', ')}")
321
+ end
322
+ end
323
+
320
324
  def response(datum={})
321
325
  unless datum.has_key?(:response)
322
326
  datum = Excon::Response.parse(socket, datum)
@@ -71,7 +71,7 @@ module Excon
71
71
  :write_timeout
72
72
  ]
73
73
 
74
- VERSION = '0.19.5'
74
+ VERSION = '0.20.0'
75
75
 
76
76
  unless ::IO.const_defined?(:WaitReadable)
77
77
  class ::IO
@@ -1,11 +1,14 @@
1
1
  module Excon
2
2
  class StandardInstrumentor
3
3
  def self.instrument(name, params = {}, &block)
4
+ params = params.dup
4
5
  if params.has_key?(:headers) && params[:headers].has_key?('Authorization')
5
- params = params.dup
6
6
  params[:headers] = params[:headers].dup
7
7
  params[:headers]['Authorization'] = REDACTED
8
8
  end
9
+ if params.has_key?(:password)
10
+ params[:password] = REDACTED
11
+ end
9
12
  $stderr.puts("#{name} #{params.inspect}")
10
13
  if block_given?
11
14
  yield
@@ -7,6 +7,7 @@ with_rackup('basic_auth.ru') do
7
7
  ]
8
8
  cases.each do |desc,url,auth_header|
9
9
  conn = Excon.new(url)
10
+
10
11
  test("authorization header concealed for #{desc}") do
11
12
  !conn.inspect.include?(auth_header)
12
13
  end
@@ -15,6 +16,16 @@ with_rackup('basic_auth.ru') do
15
16
  conn.data[:headers]['Authorization'] == auth_header
16
17
  end
17
18
 
19
+ if conn.data[:password]
20
+ test("password param concealed for #{desc}") do
21
+ !conn.inspect.include?(conn.data[:password])
22
+ end
23
+ end
24
+
25
+ test("password param remains correct for #{desc}") do
26
+ conn.data[:password] == URI.parse(url).password
27
+ end
28
+
18
29
  end
19
30
  end
20
31
  end
@@ -180,8 +180,8 @@ Shindo.tests('Excon instrumentation') do
180
180
 
181
181
  @auth_header = 'Basic dXNlcjpwYXNz'
182
182
 
183
- tests('does not appear in response') do
184
- !@captured_stderr.include?(@auth_header)
183
+ test('does not appear in response') do
184
+ !@captured_stderr.string.include?(@auth_header)
185
185
  end
186
186
 
187
187
  test('does not mutate Authorization value') do
@@ -190,6 +190,36 @@ Shindo.tests('Excon instrumentation') do
190
190
 
191
191
  end
192
192
 
193
+ tests('password REDACT') do
194
+
195
+ begin
196
+ original_stderr = $stderr
197
+ $stderr = @captured_stderr = StringIO.new
198
+ stub_failure
199
+ @connection = Excon.new(
200
+ 'http://user:pass@127.0.0.1:9292',
201
+ :instrumentor => Excon::StandardInstrumentor,
202
+ :mock => true
203
+ )
204
+ raises(Excon::Errors::SocketError) do
205
+ @connection.get(:idempotent => true)
206
+ end
207
+ ensure
208
+ $stderr = original_stderr
209
+ end
210
+
211
+ @password_param = '"pass"'
212
+
213
+ test('does not appear in response') do
214
+ !@captured_stderr.string.include?(@password_param)
215
+ end
216
+
217
+ test('does not mutate password value') do
218
+ @connection.data[:password] == "pass"
219
+ end
220
+
221
+ end
222
+
193
223
  end
194
224
 
195
225
  tests('use our own instrumentor').returns(
metadata CHANGED
@@ -1,7 +1,8 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: excon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.19.5
4
+ version: 0.20.0
5
+ prerelease:
5
6
  platform: ruby
6
7
  authors:
7
8
  - dpiddy (Dan Peterson)
@@ -10,118 +11,134 @@ authors:
10
11
  autorequire:
11
12
  bindir: bin
12
13
  cert_chain: []
13
- date: 2013-03-04 00:00:00.000000000 Z
14
+ date: 2013-03-08 00:00:00.000000000 Z
14
15
  dependencies:
15
16
  - !ruby/object:Gem::Dependency
16
17
  name: activesupport
17
18
  requirement: !ruby/object:Gem::Requirement
19
+ none: false
18
20
  requirements:
19
- - - '>='
21
+ - - ! '>='
20
22
  - !ruby/object:Gem::Version
21
23
  version: '0'
22
24
  type: :development
23
25
  prerelease: false
24
26
  version_requirements: !ruby/object:Gem::Requirement
27
+ none: false
25
28
  requirements:
26
- - - '>='
29
+ - - ! '>='
27
30
  - !ruby/object:Gem::Version
28
31
  version: '0'
29
32
  - !ruby/object:Gem::Dependency
30
33
  name: delorean
31
34
  requirement: !ruby/object:Gem::Requirement
35
+ none: false
32
36
  requirements:
33
- - - '>='
37
+ - - ! '>='
34
38
  - !ruby/object:Gem::Version
35
39
  version: '0'
36
40
  type: :development
37
41
  prerelease: false
38
42
  version_requirements: !ruby/object:Gem::Requirement
43
+ none: false
39
44
  requirements:
40
- - - '>='
45
+ - - ! '>='
41
46
  - !ruby/object:Gem::Version
42
47
  version: '0'
43
48
  - !ruby/object:Gem::Dependency
44
49
  name: eventmachine
45
50
  requirement: !ruby/object:Gem::Requirement
51
+ none: false
46
52
  requirements:
47
- - - '>='
53
+ - - ! '>='
48
54
  - !ruby/object:Gem::Version
49
55
  version: '0'
50
56
  type: :development
51
57
  prerelease: false
52
58
  version_requirements: !ruby/object:Gem::Requirement
59
+ none: false
53
60
  requirements:
54
- - - '>='
61
+ - - ! '>='
55
62
  - !ruby/object:Gem::Version
56
63
  version: '0'
57
64
  - !ruby/object:Gem::Dependency
58
65
  name: open4
59
66
  requirement: !ruby/object:Gem::Requirement
67
+ none: false
60
68
  requirements:
61
- - - '>='
69
+ - - ! '>='
62
70
  - !ruby/object:Gem::Version
63
71
  version: '0'
64
72
  type: :development
65
73
  prerelease: false
66
74
  version_requirements: !ruby/object:Gem::Requirement
75
+ none: false
67
76
  requirements:
68
- - - '>='
77
+ - - ! '>='
69
78
  - !ruby/object:Gem::Version
70
79
  version: '0'
71
80
  - !ruby/object:Gem::Dependency
72
81
  name: rake
73
82
  requirement: !ruby/object:Gem::Requirement
83
+ none: false
74
84
  requirements:
75
- - - '>='
85
+ - - ! '>='
76
86
  - !ruby/object:Gem::Version
77
87
  version: '0'
78
88
  type: :development
79
89
  prerelease: false
80
90
  version_requirements: !ruby/object:Gem::Requirement
91
+ none: false
81
92
  requirements:
82
- - - '>='
93
+ - - ! '>='
83
94
  - !ruby/object:Gem::Version
84
95
  version: '0'
85
96
  - !ruby/object:Gem::Dependency
86
97
  name: rdoc
87
98
  requirement: !ruby/object:Gem::Requirement
99
+ none: false
88
100
  requirements:
89
- - - '>='
101
+ - - ! '>='
90
102
  - !ruby/object:Gem::Version
91
103
  version: '0'
92
104
  type: :development
93
105
  prerelease: false
94
106
  version_requirements: !ruby/object:Gem::Requirement
107
+ none: false
95
108
  requirements:
96
- - - '>='
109
+ - - ! '>='
97
110
  - !ruby/object:Gem::Version
98
111
  version: '0'
99
112
  - !ruby/object:Gem::Dependency
100
113
  name: shindo
101
114
  requirement: !ruby/object:Gem::Requirement
115
+ none: false
102
116
  requirements:
103
- - - '>='
117
+ - - ! '>='
104
118
  - !ruby/object:Gem::Version
105
119
  version: '0'
106
120
  type: :development
107
121
  prerelease: false
108
122
  version_requirements: !ruby/object:Gem::Requirement
123
+ none: false
109
124
  requirements:
110
- - - '>='
125
+ - - ! '>='
111
126
  - !ruby/object:Gem::Version
112
127
  version: '0'
113
128
  - !ruby/object:Gem::Dependency
114
129
  name: sinatra
115
130
  requirement: !ruby/object:Gem::Requirement
131
+ none: false
116
132
  requirements:
117
- - - '>='
133
+ - - ! '>='
118
134
  - !ruby/object:Gem::Version
119
135
  version: '0'
120
136
  type: :development
121
137
  prerelease: false
122
138
  version_requirements: !ruby/object:Gem::Requirement
139
+ none: false
123
140
  requirements:
124
- - - '>='
141
+ - - ! '>='
125
142
  - !ruby/object:Gem::Version
126
143
  version: '0'
127
144
  description: EXtended http(s) CONnections
@@ -203,25 +220,29 @@ files:
203
220
  - tests/timeout_tests.rb
204
221
  homepage: https://github.com/geemus/excon
205
222
  licenses: []
206
- metadata: {}
207
223
  post_install_message:
208
224
  rdoc_options:
209
225
  - --charset=UTF-8
210
226
  require_paths:
211
227
  - lib
212
228
  required_ruby_version: !ruby/object:Gem::Requirement
229
+ none: false
213
230
  requirements:
214
- - - '>='
231
+ - - ! '>='
215
232
  - !ruby/object:Gem::Version
216
233
  version: '0'
234
+ segments:
235
+ - 0
236
+ hash: 48330626036390266
217
237
  required_rubygems_version: !ruby/object:Gem::Requirement
238
+ none: false
218
239
  requirements:
219
- - - '>='
240
+ - - ! '>='
220
241
  - !ruby/object:Gem::Version
221
242
  version: '0'
222
243
  requirements: []
223
244
  rubyforge_project: excon
224
- rubygems_version: 2.0.0
245
+ rubygems_version: 1.8.23
225
246
  signing_key:
226
247
  specification_version: 2
227
248
  summary: speed, persistence, http(s)
checksums.yaml DELETED
@@ -1,7 +0,0 @@
1
- ---
2
- SHA1:
3
- metadata.gz: 011663647a49596558289285f614722d7c7d25e0
4
- data.tar.gz: a186c587cb11914ff50538e899f0200d9aa2ed1e
5
- SHA512:
6
- metadata.gz: 2d93b80b63fe2c974fe505c4848f5914344d9407f369493d0de80731105f669950876208437cc4945e9ee2e7a4e86f01d72cf2ff0ceb56f66874b1e50c33f9a9
7
- data.tar.gz: 052441cfb4ab36f4db7c1d3390eeb5968f81d4c319fc851b17b7decfef874ed2405099ccbd5e71282a78727544af6370db2bf1c08dab14e510d7e9f3fd9a0d72