RubyGems - gon - Versions diffs - 6.3.1 → 6.3.2 - Mend

gon 6.3.1 → 6.3.2

Potentially problematic release.

This version of gon might be problematic. Click here for more details.

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d3011b64184a618203097a39e862d2003267b1cd01174fd10277036bd2bccf76
-  data.tar.gz: 4103a6703347a5c5cd35502d9a0655730e3889686346042dc702ba7bebe58dbf
+  metadata.gz: a4be940f45c3dff8c909d94552a81b3240ccea1dd42d5c442c18400278564286
+  data.tar.gz: 86efc334a694c3a9825ec909f34bd5138b601de0108172863adb4d651eccdb28
 SHA512:
-  metadata.gz: df7d4d73cebf80666e8a5f65c04fb8368c83fe53f600976c93f6c8136873add54e9af82df246440b851b18c1254d21f191498d2254cb537734ae8101f5277187
-  data.tar.gz: 0af70690d9acd62e3550ce7bea2142ddc9a518b41b921db60b70fa092fdf0344b6758adb24cbe90c7825b56e81edfb0ed987f88f73937c3191f5bd1af0041fb4
+  metadata.gz: 9adb780569a41eb32cf547f7ffebf22b184fdda8c63aa6d7c2e5e9b0efe789e2ec5a187cec83d4ca4ef0bc068148708adf1a7541752dcad83228dc4c5cf08920
+  data.tar.gz: da49fd8d8e2b683bd69fa2e5f37e8f912faa4496a3f81739022b68f2bea5cd1762c0b3b54c25426756499e8096c9822ff36ce7e854e771db28237988c5e4385b

data/.github/FUNDING.yml ADDED

	@@ -0,0 +1 @@
1	+ tidelift: "rubygems/gon"

data/CHANGELOG.md CHANGED

@@ -1,129 +1,259 @@
 # CHANGELOG
-## 6.0.1
-  * Free dependencies
-## 6.0.0
-  * Refactoring
-  * nonce option. Thanks to @joeljackson
-  * Included rails url_helpers into jbuilder. Thanks to @razum2um
-  * Welcome @takiy33 as contributor!
-## 5.2.3
-  * Coffescript implementation of watch.js. Thanks to @willcosgrove
-  * unwatchAll function in watch.js. Thanks to @willcosgrove
-## 5.2.2
-  * add support for controller helper methods in jbuilder
-## 5.2.1
-  * fix for jbuilder module. Thanks to @jankovy
-  * merge variable feature (for merge hash-like variables instead of overriding them). Thanks to @jalkoby
-## 5.2.0
-  * fix issue where include_gon would raise exception if the controller did not assign any gon variables. Thanks to @asalme
-  * namespace_check option. Thanks to @tommyh
-  * Only inject gon into ActionController::Base-like object in spec_helper. Thanks to @kevinoconnor7
-  * AMD compatible version of including gon. Thanks to @vijoc
-## 5.1.2
-  * Clarifying helpers, dump gon#watch content to safe json before render. Thanks to @Strech
-## 5.1.1
-  * global_root option. Thanks to @rafaelliu
-  * MultiJson support. Thanks to @Strech
-## 5.1.0
-  * Many fixes https://github.com/gazay/gon/compare/91845f3f0debd0cb8fa569aad65f5dc40a7e28e5...8dc7400fbb83ba5a086bd36c76342a393690d53f
-  * Thanks to @Silex, @kilefritz, @irobayna, @kyrylo, @randoum, @jackquack, @tuvistavie, @Strech for awesome commits and help!
-## 5.0.4
-  * Fix check for get and assign variables for Gon.global
-## 5.0.3
-  * Revert changes in gemspec
-## 5.0.2
-  * Fix issue when there is no gon object for current thread and
-    rendering include_gon (#108 part) (wasn't fixed) (@gregmolnar)
-## 5.0.1
-  * Fix issue when there is no gon object for current thread and
-    rendering include_gon (#108 part)
-## 5.0.0
-  * Gon is threadsafe now! (@razum2um)
-  * Camelcasing with depth (@MaxSchmeling)
-  * Optional CDATA and style refactoring (@torbjon)
-  * jBuilder supports not only String and Hash types of locals
-    (@steakchaser)
-  * Using ActionDispatch::Request#uuid instead of
-    ActionDispatch::Request#id (@sharshenov)
-## 4.1.1
-  * Fixed critical XSS vulnerability https://github.com/gazay/gon/issues/84 (@vadimr & @Hebo)
-## 4.1.0
-  * Refactored script tag generation (@toothrot)
-  * Stop support for MRI 1.8.7
-  * Added rabl-rails support (@jtherrell)
-  * Accepting locals in jbuilder templates
-## 4.0.3
-  * Added new method `Gon#push` for assign variables through Hash-like
-    objects (@topdev)
-  * Fixes for 1.8.7 compatibility.
-  * !!!IMPORTANT!!! Last version with compatibility for MRI 1.8.7
-## 4.0.2
-  * Fixed gon.watch in JS without callback and options
-## 4.0.1
-  * Removed BlankSlate requirement *Peter Schröder*
-  * Gon#set_variable and Gon#get_variable moved to public scope
-  * Added option :locals to gon.rabl functionality
-## 4.0.0
-  * Added gon.watch functionality (thanks to @brainopia and @kossnocorp)
-  * Compatibility with jbuilder paths for partial! method
-  * Fixed some bugs
-  * Little bit refactoring - Gon now is a class
-## 3.0.3
-  * Include ActionView::Helpers into Gon::JBuilder
-  * Added init option (@torbjon)
-## 3.0.2
-  * Added need_tag option (@afa)
-## 3.0.0
-  * Almost all code refactored
-  * Added Gon.global for using gon everywhere
-  * Included ActionView::Helpers into Rabl::Engine
-## 2.3.0
-  * Don't really remember what was before this version
+## [Unreleased]
+## [6.3.2] - 2019-11-18
+### Security
+- Restrict possibility of vulnerable i18n legacy verision (0.3.6.pre)
+  installation
+## [6.3.1] - 2019-11-18
+### Changed
+- ActionView::Base and ActionController::Base should be loaded inside
+  ActiveSupport.on_load hook. Thanks to @amatsuda
+- Require Ruby >= 2.2.2 (activesupport). Thanks to @nicolasleger
+- Update old_rails.rb to reflect GonHelpers -> ControllerHelpers name change.
+  Thanks to @etipton
+## [6.2.1] - 2018-07-11
+### Changed
+- Update README: correct spelling mistake. Thanks to @EdwardBetts
+- Autoload test classes only in test env. Thanks to @wilddima
+### Fixed
+- Fix keys cache. Thanks to @ertrzyiks
+- fixing tests by running with rabl and rabl-rails separately. Thanks to
+  @dsalahutdinov
+## [6.2.0] - 2017-10-04
+### Added
+- Introduce keys cache. Thanks to @vlazar
+- Add possibleErrorCallback to watch params. Thanks to @etagwerker
+### Changed
+- Update readme with PhoenixGon hex link. Thanks to @khusnetdinov
+- Fix code highlighting in README. Thanks to @ojab
+- Refactoring: use attr_reader
+### Removed
+- Remove unnecessary json dependency.
+- Remove rubysl and rubinius-developer_tools gem.
+## [6.1.0] - 2016-07-11
+### Deprecated
+- env is deprecated and will be removed from Rails 5.0. Thanks to @dlupu
+### Fixed
+- fix merging routes bug. Thanks to @strikyflo
+- Show what method was used in public methods error.
+### Changed
+- Use 'need_tag' as option name to prevent calling 'tag' method. Thanks to
+  @june29
+- Update README; comment out gon.clear from sample code. Thanks to
+  @speee-nakajima
+- Update README; Replace the include_gon method with render_data method.
+- Refactoring: use attr_accessor method.
+- Refactoring: use attr_reader method.
+## [6.0.1] - 2015-07-22
+### Changed
+- Free dependencies
+## [6.0.0] - 2015-07-22
+### Added
+- nonce option. Thanks to @joeljackson
+### Changed
+- Refactoring
+- Included rails url_helpers into jbuilder. Thanks to @razum2um
+## [5.2.3] - 2014-11-03
+### Added
+- Coffescript implementation of watch.js. Thanks to @willcosgrove
+- unwatchAll function in watch.js. Thanks to @willcosgrove
+## [5.2.2] - 2014-10-31
+### Added
+- support for controller helper methods in jbuilder
+## [5.2.1] - 2014-10-28
+### Added
+- merge variable feature (for merge hash-like variables instead of overriding
+  them). Thanks to @jalkoby
+### Fixed
+- fix for jbuilder module. Thanks to @jankovy
+## [5.2.0] - 2014-08-26
+### Added
+- namespace_check option. Thanks to @tommyh
+- AMD compatible version of including gon. Thanks to @vijoc
+### Changed
+- Only inject gon into ActionController::Base-like object in spec_helper. Thanks
+  to @kevinoconnor7
+### Fixed
+- fix issue where include_gon would raise exception if the controller did not
+  assign any gon variables. Thanks to @asalme
+## [5.1.2] - 2014-07-22
+### Changed
+- Clarifying helpers, dump gon#watch content to safe json before render. Thanks
+  to @Strech
+## [5.1.1] - 2014-07-17
+### Added
+- global_root option. Thanks to @rafaelliu
+- MultiJson support. Thanks to @Strech
+## [5.1.0] - 2014-06-29
+### Fixed
+- Many fixes. Thanks to @Silex, @kilefritz, @irobayna, @kyrylo, @randoum,
+  @jackquack, @tuvistavie, @Strech for awesome commits and help!
+## [5.0.4] - 2014-02-13
+### Fixed
+- Fix check for get and assign variables for Gon.global
+## [5.0.3] - 2014-02-12
+### Removed
+- Revert changes in gemspec
+## [5.0.2] - 2014-02-12
+### Fixed
+- Fix issue when there is no gon object for current thread and rendering
+  include_gon (#108 part) (wasn't fixed) (@gregmolnar)
+## [5.0.1] - 2013-12-30
+### Fixed
+- Fix issue when there is no gon object for current thread and rendering
+  include_gon (#108 part)
+## [5.0.0] - 2013-12-26
+### Changed
+- Gon is threadsafe now! (@razum2um)
+- Camelcasing with depth (@MaxSchmeling)
+- Optional CDATA and style refactoring (@torbjon)
+- jBuilder supports not only String and Hash types of locals (@steakchaser)
+- Using ActionDispatch::Request#uuid instead of ActionDispatch::Request#id
+  (@sharshenov)
+## [4.1.1] - 2013-06-04
+### Fixed
+- Fixed critical XSS vulnerability https://github.com/gazay/gon/issues/84
+  (@vadimr & @Hebo)
+## [4.1.0] - 2013-04-14
+### Added
+- rabl-rails support (@jtherrell)
+### Changed
+- Refactored script tag generation (@toothrot)
+- Stop support for MRI 1.8.7
+- Accepting locals in jbuilder templates
+## [4.0.3] - 2013-04-14
+!!!IMPORTANT!!! Last version with compatibility for MRI 1.8.7
+### Added
+- new method `Gon#push` for assign variables through Hash-like objects (@topdev)
+### Changed
+- Fixes for 1.8.7 compatibility.
+## [4.0.2] - 2012-12-17
+### Fixed
+- Fixed gon.watch in JS without callback and options
+## [4.0.1] - 2012-10-25
+### Added
+- option :locals to gon.rabl functionality
+### Changed
+- Gon#set_variable and Gon#get_variable moved to public scope
+### Removed
+- BlankSlate requirement (@phoet)
+## [4.0.0] - 2012-07-23
+### Added
+- gon.watch functionality (thanks to @brainopia and @kossnocorp)
+- Compatibility with jbuilder paths for partial! method
+### Changed
+- Little bit refactoring - Gon now is a class
+### Fixed
+- Fixed some bugs
+## [3.0.5] - 2012-06-22
+### Added
+- type text/javascript option (@torbjon)
+### Changed
+- A litlle bit refactoring
+- Made compatible with active support json encoding for escaping script tags
+### Fixed
+- bug for init option
+- clear if init true (@torbjon)
+## [3.0.4] - 2012-06-02
+### Fixed
+- Fix bug with gon clear with global variables, bump version
+## [3.0.3] - 2012-05-22
+### Added
+- init option (@torbjon)
+### Changed
+- Include ActionView::Helpers into Gon::JBuilder
+## [3.0.2] - 2012-04-28
+### Added
+- need_tag option (@afa)
+## [3.0.0] - 2012-04-17
+### Added
+- Added Gon.global for using gon everywhere
+### Changed
+- Almost all code refactored
+- Included ActionView::Helpers into Rabl::Engine
+## [2.3.0] - 2012-04-09
+### Changed
+- Don't really remember what was before this version
+[Unreleased]: https://github.com/gazay/gon/compare/v6.3.1...master
+[6.3.1]: https://github.com/gazay/gon/compare/v6.2.1...v6.3.1
+[6.2.1]: https://github.com/gazay/gon/compare/v6.2.0...v6.2.1
+[6.2.0]: https://github.com/gazay/gon/compare/v6.1.0...v6.2.0
+[6.1.0]: https://github.com/gazay/gon/compare/v6.0.1...v6.1.0
+[6.0.1]: https://github.com/gazay/gon/compare/v6.0.0...v6.0.1
+[6.0.0]: https://github.com/gazay/gon/compare/v5.2.3...v6.0.0
+[5.2.3]: https://github.com/gazay/gon/compare/v5.2.2...v5.2.3
+[5.2.2]: https://github.com/gazay/gon/compare/v5.2.1...v5.2.2
+[5.2.1]: https://github.com/gazay/gon/compare/v5.2.0...v5.2.1
+[5.2.0]: https://github.com/gazay/gon/compare/v5.1.2...v5.2.0
+[5.1.2]: https://github.com/gazay/gon/compare/v5.1.1...v5.1.2
+[5.1.1]: https://github.com/gazay/gon/compare/v5.1.0...v5.1.1
+[5.1.0]: https://github.com/gazay/gon/compare/v5.0.4...v5.1.0
+[5.0.4]: https://github.com/gazay/gon/compare/v5.0.3...v5.0.4
+[5.0.3]: https://github.com/gazay/gon/compare/v5.0.2...v5.0.3
+[5.0.2]: https://github.com/gazay/gon/compare/v5.0.1...v5.0.2
+[5.0.1]: https://github.com/gazay/gon/compare/v5.0.0...v5.0.1
+[5.0.0]: https://github.com/gazay/gon/compare/v4.1.1...v5.0.0
+[4.1.1]: https://github.com/gazay/gon/compare/v4.1.0...v4.1.1
+[4.1.0]: https://github.com/gazay/gon/compare/v4.0.3...v4.1.0
+[4.0.3]: https://github.com/gazay/gon/compare/v4.0.2...v4.0.3
+[4.0.2]: https://github.com/gazay/gon/compare/v4.0.1...v4.0.2
+[4.0.1]: https://github.com/gazay/gon/compare/v4.0.0...v4.0.1
+[4.0.0]: https://github.com/gazay/gon/compare/v3.0.5...v4.0.0
+[3.0.5]: https://github.com/gazay/gon/compare/v3.0.4...v3.0.5
+[3.0.4]: https://github.com/gazay/gon/compare/v3.0.3...v3.0.4
+[3.0.3]: https://github.com/gazay/gon/compare/v3.0.2...v3.0.3
+[3.0.2]: https://github.com/gazay/gon/compare/v3.0.0...v3.0.2
+[3.0.0]: https://github.com/gazay/gon/compare/v2.3.0...v3.0.0
+[2.3.0]: https://github.com/gazay/gon/releases/tag/v2.3.0

data/README.md CHANGED

@@ -237,3 +237,7 @@ Special thanks to @brainopia, @kossnocorp and @ai.
 ## License
 The MIT License
+## Security Contact
+To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure.

data/gon.gemspec CHANGED

@@ -16,14 +16,15 @@ Gem::Specification.new do |s|
   s.files         = `git ls-files`.split("\n")
   s.require_paths = ['lib']
   s.required_ruby_version = '>= 2.2.0'
-  s.add_dependency 'actionpack', '>= 3.0'
+  s.add_dependency 'actionpack', '>= 3.0.20'
+  s.add_dependency 'i18n', '>= 0.7'
   s.add_dependency 'request_store', '>= 1.0'
   s.add_dependency 'multi_json'
   s.add_development_dependency 'rabl', '0.11.3'
   s.add_development_dependency 'rabl-rails'
   s.add_development_dependency 'rspec', '>= 3.0'
   s.add_development_dependency 'jbuilder'
-  s.add_development_dependency 'railties', '>= 3.0'
+  s.add_development_dependency 'railties', '>= 3.0.20'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'pry'
 end

data/lib/gon/version.rb CHANGED

@@ -1,3 +1,3 @@
 class Gon
-  VERSION = '6.3.1'
+  VERSION = '6.3.2'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gon
 version: !ruby/object:Gem::Version
-  version: 6.3.1
+  version: 6.3.2
 platform: ruby
 authors:
 - gazay
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-11-16 00:00:00.000000000 Z
+date: 2019-11-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -16,14 +16,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 3.0.20
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 3.0.20
+- !ruby/object:Gem::Dependency
+  name: i18n
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.7'
 - !ruby/object:Gem::Dependency
   name: request_store
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +128,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 3.0.20
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 3.0.20
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -158,6 +172,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/FUNDING.yml"
 - ".gitignore"
 - ".travis.yml"
 - CHANGELOG.md