grape 1.3.0 → 1.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 826e1365751c85c3f1f7d433e842a76c8a7f5dc6c4a1b13128679e4d56b2ccf5
-  data.tar.gz: af8aef528c40764a53a3e397c306835745943a1d376ab3738bf7aa2547ef75d1
+  metadata.gz: a1ba205b72fd823b11e700753891784fdfbd6791f591b790a99ac3433cb8fe23
+  data.tar.gz: '09e64a0d93415b28fdb179fbb5d7ef0d03e00dcb976fd885c0c655d6ac041345'
 SHA512:
-  metadata.gz: 0af9a855214f1fbacd92403111aa1f4761b7257adf6ca9dbd6ab4e1cb889469b76a489971d058a58e98d3bf6906dacb67eb8a5eae11aad16782f318b3453988b
-  data.tar.gz: 25004acd2431ab7cd174466e82ca5240b888ca045036227909ed9c8c886cd8706f1d3b696f4b1ede8eaa69c68c156fe064557afea8cdf53c9d39b136db7ae4b1
+  metadata.gz: 06fcd2157bcfcc6e71876df09b34a318c600761b79fb99ad77739521d056950ee8391dfd050efd43618f7f99f11990623e276b32d15a27e92015ec3a56c6c08b
+  data.tar.gz: 5463bbd0347950765c9d92e859965e90dd69d7d1f781fd188386cf39597c196f5ba2dc697dbee4f896a70f6498c1e43034a33db8460ea9a719218a7d5df46d6f

data/CHANGELOG.md

@@ -1,3 +1,41 @@
+### 1.3.2 (2020/04/12)
+
+#### Features
+* [#2020](https://github.com/ruby-grape/grape/pull/2020): Reduce array allocation - [@ericproulx](https://github.com/ericproulx).
+* [#2015](https://github.com/ruby-grape/grape/pull/2014): Reduce MatchData allocation - [@ericproulx](https://github.com/ericproulx).
+* [#2014](https://github.com/ruby-grape/grape/pull/2014): Reduce total allocated arrays - [@ericproulx](https://github.com/ericproulx).
+* [#2011](https://github.com/ruby-grape/grape/pull/2011): Reduce total retained regexes - [@ericproulx](https://github.com/ericproulx).
+
+#### Fixes
+
+* [#2033](https://github.com/ruby-grape/grape/pull/2033): Ensure `Float` params are correctly coerced to `BigDecimal` - [@tlconnor](https://github.com/tlconnor).
+* [#2031](https://github.com/ruby-grape/grape/pull/2031): Fix a regression with an array of a custom type - [@dnesteryuk](https://github.com/dnesteryuk).
+* [#2026](https://github.com/ruby-grape/grape/pull/2026): Fix a regression in `coerce_with` when coercion returns `nil` - [@misdoro](https://github.com/misdoro).
+* [#2025](https://github.com/ruby-grape/grape/pull/2025): Fix Decimal type category - [@kdoya](https://github.com/kdoya).
+* [#2019](https://github.com/ruby-grape/grape/pull/2019): Avoid coercing parameter with multiple types to an empty Array - [@stanhu](https://github.com/stanhu).
+
+### 1.3.1 (2020/03/11)
+
+#### Features
+
+* [#2005](https://github.com/ruby-grape/grape/pull/2005): Content types registrable - [@ericproulx](https://github.com/ericproulx).
+* [#2003](https://github.com/ruby-grape/grape/pull/2003): Upgraded Rubocop to 0.80.1 - [@ericproulx](https://github.com/ericproulx).
+* [#2002](https://github.com/ruby-grape/grape/pull/2002): Objects allocation optimization (lazy_lookup) - [@ericproulx](https://github.com/ericproulx).
+
+#### Fixes
+
+* [#2006](https://github.com/ruby-grape/grape/pull/2006): Fix explicit rescue StandardError - [@ericproulx](https://github.com/ericproulx).
+* [#2004](https://github.com/ruby-grape/grape/pull/2004): Rubocop fixes - [@ericproulx](https://github.com/ericproulx).
+* [#1995](https://github.com/ruby-grape/grape/pull/1995): Fix: "undefined instance variables" and "method redefined" warnings - [@nbeyer](https://github.com/nbeyer).
+* [#1994](https://github.com/ruby-grape/grape/pull/1993): Fix typos in README - [@bellmyer](https://github.com/bellmyer).
+* [#1993](https://github.com/ruby-grape/grape/pull/1993): Lazy join allow header - [@ericproulx](https://github.com/ericproulx).
+* [#1987](https://github.com/ruby-grape/grape/pull/1987): Re-add exactly_one_of mutually exclusive error message - [@ZeroInputCtrl](https://github.com/ZeroInputCtrl).
+* [#1977](https://github.com/ruby-grape/grape/pull/1977): Skip validation for a file if it is optional and nil - [@dnesteryuk](https://github.com/dnesteryuk).
+* [#1976](https://github.com/ruby-grape/grape/pull/1976): Ensure classes/modules listed for autoload really exist - [@dnesteryuk](https://github.com/dnesteryuk).
+* [#1971](https://github.com/ruby-grape/grape/pull/1971): Fix BigDecimal coercion - [@FlickStuart](https://github.com/FlickStuart).
+* [#1968](https://github.com/ruby-grape/grape/pull/1968): Fix args forwarding in Grape::Middleware::Stack#merge_with for ruby 2.7.0 - [@dm1try](https://github.com/dm1try).
+* [#1988](https://github.com/ruby-grape/grape/pull/1988): Refactored the full_messages method and stop overriding full_message - [@hosseintoussi](https://github.com/hosseintoussi).
+
 ### 1.3.0 (2020/01/11)
 
 #### Features

data/README.md

@@ -154,8 +154,7 @@ content negotiation, versioning and much more.
 
 ## Stable Release
 
-You're reading the documentation for the stable release of Grape, **1.3.0**.
-Please read [UPGRADING](UPGRADING.md) when upgrading from a previous version.
+You're reading the documentation for the stable release of Grape, 1.3.2.
 
 ## Project Resources
 
@@ -1722,7 +1721,7 @@ params do
 end
 ```
 
-Every validation will have it's own instance of the validator, which means that the validator can have a state.
+Every validation will have its own instance of the validator, which means that the validator can have a state.
 
 ### Validation Errors
 
@@ -3188,14 +3187,13 @@ applies to the current namespace and any children, but not parents.
 ```ruby
 http_basic do |username, password|
   # verify user's password here
-  { 'test' => 'password1' }[username] == password
+  # IMPORTANT: make sure you use a comparison method which isn't prone to a timing attack
 end
 ```
 
 ```ruby
 http_digest({ realm: 'Test Api', opaque: 'app secret' }) do |username|
   # lookup the user's password here
-  { 'user1' => 'password1' }[username]
 end
 ```
 
@@ -3301,7 +3299,7 @@ end
 
 Blocks can be executed before or after every API call, using `before`, `after`,
 `before_validation` and `after_validation`.
-If the API fails the `after` call will not be trigered, if you need code to execute for sure
+If the API fails the `after` call will not be triggered, if you need code to execute for sure
 use the `finally`.
 
 Before and after callbacks execute in the following order:

data/UPGRADING.md

@@ -9,38 +9,83 @@ After adding dry-types, Ruby 2.4 or newer is required.
 
 #### Coercion
 
-[Virtus](https://github.com/solnic/virtus) has been replaced by [dry-types](https://dry-rb.org/gems/dry-types/1.2/) for parameter coercion. If your project depends on Virtus, explicitly add it to your `Gemfile`. Also, if Virtus is used for defining custom types
+[Virtus](https://github.com/solnic/virtus) has been replaced by
+[dry-types](https://dry-rb.org/gems/dry-types/1.2/) for parameter
+coercion. If your project depends on Virtus outside of Grape, explicitly
+add it to your `Gemfile`.
+
+Here's an example of how to migrate a custom type from Virtus to dry-types:
 
 ```ruby
-class User
-  include Virtus.model
+# Legacy Grape parser
+class SecureUriType < Virtus::Attribute
+  def coerce(input)
+    URI.parse value
+  end
 
-  attribute :id, Integer
-  attribute :name, String
+  def value_coerced?(input)
+    value.is_a? String
+  end
 end
 
-# somewhere in your API
 params do
-  requires :user, type: User
+  requires :secure_uri, type: SecureUri
 end
 ```
 
-Add a class-level `parse` method to the model:
+To use dry-types, we need to:
 
-```ruby
-class User
-  include Virtus.model
+1. Remove the inheritance of `Virtus::Attribute`
+1. Rename `coerce` to `self.parse`
+1. Rename `value_coerced?` to `self.parsed?`
 
-  attribute :id, Integer
-  attribute :name, String
+The custom type must have a class-level `parse` method to the model. A
+class-level `parsed?` is needed if the parsed type differs from the
+defined type. In the example below, since `SecureUri` is not the same
+as `URI::HTTPS`, `self.parsed?` is needed:
 
-  def self.parse(attrs)
-    new(attrs)
+```ruby
+# New dry-types parser
+class SecureUri
+  def self.parse(value)
+    URI.parse value
+  end
+
+  def self.parsed?(value)
+    value.is_a? URI::HTTPS
   end
 end
+
+params do
+  requires :secure_uri, type: SecureUri
+end
+```
+
+#### Ensure that Array types have explicit coercions
+
+Unlike Virtus, dry-types does not perform any implict coercions. If you
+have any uses of `Array[String]`, `Array[Integer]`, etc. be sure they
+use a `coerce_with` block. For example:
+
+```ruby
+requires :values, type: Array[String]
 ```
 
-Custom types which don't depend on Virtus don't require any changes.
+It's quite common to pass a comma-separated list, such as `tag1,tag2` as
+`values`. Previously Virtus would implicitly coerce this to
+`Array(values)` so that `["tag1,tag2"]` would pass the type checks, but
+with `dry-types` the values are no longer coerced for you. To fix this,
+you might do:
+
+```ruby
+requires :values, type: Array[String], coerce_with: ->(val) { val.split(',').map(&:strip) }
+```
+
+Likewise, for `Array[Integer]`, you might do:
+
+```ruby
+requires :values, type: Array[Integer], coerce_with: ->(val) { val.split(',').map(&:strip).map(&:to_i) }
+```
 
 For more information see [#1920](https://github.com/ruby-grape/grape/pull/1920).
 

data/lib/grape/api/instance.rb

@@ -74,7 +74,7 @@ module Grape
         # (see #cascade?)
         def cascade(value = nil)
           if value.nil?
-            inheritable_setting.namespace_inheritable.keys.include?(:cascade) ? !namespace_inheritable(:cascade).nil? : true
+            inheritable_setting.namespace_inheritable.key?(:cascade) ? !namespace_inheritable(:cascade).nil? : true
           else
             namespace_inheritable(:cascade, value)
           end
@@ -178,7 +178,7 @@ module Grape
       # errors from reaching upstream. This is effectivelly done by unsetting
       # X-Cascade. Default :cascade is true.
       def cascade?
-        return self.class.namespace_inheritable(:cascade) if self.class.inheritable_setting.namespace_inheritable.keys.include?(:cascade)
+        return self.class.namespace_inheritable(:cascade) if self.class.inheritable_setting.namespace_inheritable.key?(:cascade)
         return self.class.namespace_inheritable(:version_options)[:cascade] if self.class.namespace_inheritable(:version_options) && self.class.namespace_inheritable(:version_options).key?(:cascade)
         true
       end
@@ -209,7 +209,7 @@ module Grape
             route_settings[:endpoint] = route.app
 
             # using the :any shorthand produces [nil] for route methods, substitute all manually
-            route_settings[:methods] = %w[GET PUT POST DELETE PATCH HEAD OPTIONS] if route_settings[:methods].include?('*')
+            route_settings[:methods] = Grape::Http::Headers::SUPPORTED_METHODS if route_settings[:methods].include?('*')
           end
         end
 
@@ -227,7 +227,7 @@ module Grape
                 allowed_methods |= [Grape::Http::Headers::HEAD] if allowed_methods.include?(Grape::Http::Headers::GET)
               end
 
-              allow_header = (self.class.namespace_inheritable(:do_not_route_options) ? allowed_methods : [Grape::Http::Headers::OPTIONS] | allowed_methods).join(', ')
+              allow_header = (self.class.namespace_inheritable(:do_not_route_options) ? allowed_methods : [Grape::Http::Headers::OPTIONS] | allowed_methods)
 
               unless self.class.namespace_inheritable(:do_not_route_options) || allowed_methods.include?(Grape::Http::Headers::OPTIONS)
                 config[:endpoint].options[:options_route_enabled] = true
@@ -243,9 +243,13 @@ module Grape
       # Generate a route that returns an HTTP 405 response for a user defined
       # path on methods not specified
       def generate_not_allowed_method(pattern, allowed_methods: [], **attributes)
-        not_allowed_methods = %w[GET PUT POST DELETE PATCH HEAD] - allowed_methods
-        not_allowed_methods << Grape::Http::Headers::OPTIONS if self.class.namespace_inheritable(:do_not_route_options)
-
+        supported_methods =
+          if self.class.namespace_inheritable(:do_not_route_options)
+            Grape::Http::Headers::SUPPORTED_METHODS
+          else
+            Grape::Http::Headers::SUPPORTED_METHODS_WITHOUT_OPTIONS
+          end
+        not_allowed_methods = supported_methods - allowed_methods
         return if not_allowed_methods.empty?
 
         @router.associate_routes(pattern, not_allowed_methods: not_allowed_methods, **attributes)

data/lib/grape/api.rb

@@ -8,7 +8,7 @@ module Grape
   # should subclass this class in order to build an API.
   class API
     # Class methods that we want to call on the API rather than on the API object
-    NON_OVERRIDABLE = (Class.new.methods + %i[call call! configuration compile!]).freeze
+    NON_OVERRIDABLE = (Class.new.methods + %i[call call! configuration compile! inherited]).freeze
 
     class << self
       attr_accessor :base_instance, :instances
@@ -175,7 +175,7 @@ module Grape
           if argument.respond_to?(:lazy?) && argument.lazy?
             argument.evaluate_from(configuration)
           elsif argument.is_a?(Hash)
-            argument.map { |key, value| [key, evaluate_arguments(configuration, value).first] }.to_h
+            argument.transform_values { |value| evaluate_arguments(configuration, value).first }
           elsif argument.is_a?(Array)
             evaluate_arguments(configuration, *argument)
           else

data/lib/grape/content_types.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require 'grape/util/registrable'
+
+module Grape
+  module ContentTypes
+    extend Util::Registrable
+
+    # Content types are listed in order of preference.
+    CONTENT_TYPES = {
+      xml: 'application/xml',
+      serializable_hash: 'application/json',
+      json: 'application/json',
+      binary: 'application/octet-stream',
+      txt: 'text/plain'
+    }.freeze
+
+    class << self
+      def content_types_for_settings(settings)
+        return if settings.blank?
+
+        settings.each_with_object({}) { |value, result| result.merge!(value) }
+      end
+
+      def content_types_for(from_settings)
+        if from_settings.present?
+          from_settings
+        else
+          Grape::ContentTypes::CONTENT_TYPES.merge(default_elements)
+        end
+      end
+    end
+  end
+end

data/lib/grape/dsl/helpers.rb

@@ -94,7 +94,7 @@ module Grape
         protected
 
         def process_named_params
-          return unless @named_params && @named_params.any?
+          return unless instance_variable_defined?(:@named_params) && @named_params && @named_params.any?
           api.namespace_stackable(:named_params, @named_params)
         end
       end

data/lib/grape/dsl/inside_route.rb

@@ -177,17 +177,17 @@ module Grape
       def status(status = nil)
         case status
         when Symbol
-          raise ArgumentError, "Status code :#{status} is invalid." unless Rack::Utils::SYMBOL_TO_STATUS_CODE.keys.include?(status)
+          raise ArgumentError, "Status code :#{status} is invalid." unless Rack::Utils::SYMBOL_TO_STATUS_CODE.key?(status)
           @status = Rack::Utils.status_code(status)
         when Integer
           @status = status
         when nil
-          return @status if @status
+          return @status if instance_variable_defined?(:@status) && @status
           case request.request_method.to_s.upcase
           when Grape::Http::Headers::POST
             201
           when Grape::Http::Headers::DELETE
-            if @body.present?
+            if instance_variable_defined?(:@body) && @body.present?
               200
             else
               204
@@ -238,7 +238,7 @@ module Grape
           @body = ''
           status 204
         else
-          @body
+          instance_variable_defined?(:@body) ? @body : nil
         end
       end
 
@@ -272,7 +272,7 @@ module Grape
           warn '[DEPRECATION] Argument as FileStreamer-like object is deprecated. Use path to file instead.'
           @file = Grape::ServeFile::FileResponse.new(value)
         else
-          @file
+          instance_variable_defined?(:@file) ? @file : nil
         end
       end
 
@@ -331,11 +331,12 @@ module Grape
                          end
 
         representation = { root => representation } if root
+
         if key
-          representation = (@body || {}).merge(key => representation)
-        elsif entity_class.present? && @body
+          representation = (body || {}).merge(key => representation)
+        elsif entity_class.present? && body
           raise ArgumentError, "Representation of type #{representation.class} cannot be merged." unless representation.respond_to?(:merge)
-          representation = @body.merge(representation)
+          representation = body.merge(representation)
         end
 
         body representation
@@ -387,7 +388,7 @@ module Grape
       def entity_representation_for(entity_class, object, options)
         embeds = { env: env }
         embeds[:version] = env[Grape::Env::API_VERSION] if env[Grape::Env::API_VERSION]
-        entity_class.represent(object, **embeds.merge(options))
+        entity_class.represent(object, embeds.merge(options))
       end
     end
   end

data/lib/grape/dsl/parameters.rb

@@ -127,7 +127,7 @@ module Grape
 
         opts = attrs.extract_options!.clone
         opts[:presence] = { value: true, message: opts[:message] }
-        opts = @group.merge(opts) if @group
+        opts = @group.merge(opts) if instance_variable_defined?(:@group) && @group
 
         if opts[:using]
           require_required_and_optional_fields(attrs.first, opts)
@@ -146,7 +146,7 @@ module Grape
 
         opts = attrs.extract_options!.clone
         type = opts[:type]
-        opts = @group.merge(opts) if @group
+        opts = @group.merge(opts) if instance_variable_defined?(:@group) && @group
 
         # check type for optional parameter group
         if attrs && block_given?
@@ -243,8 +243,8 @@ module Grape
       # @return hash of parameters relevant for the current scope
       # @api private
       def params(params)
-        params = @parent.params(params) if @parent
-        params = map_params(params, @element) if @element
+        params = @parent.params(params) if instance_variable_defined?(:@parent) && @parent
+        params = map_params(params, @element) if instance_variable_defined?(:@element) && @element
         params
       end
 

data/lib/grape/dsl/routing.rb

@@ -51,7 +51,7 @@ module Grape
             end
           end
 
-          @versions.last unless @versions.nil?
+          @versions.last if instance_variable_defined?(:@versions) && @versions
         end
 
         # Define a root URL prefix for your entire API.
@@ -142,11 +142,11 @@ module Grape
           reset_validations!
         end
 
-        %w[get post put head delete options patch].each do |meth|
-          define_method meth do |*args, &block|
+        Grape::Http::Headers::SUPPORTED_METHODS.each do |supported_method|
+          define_method supported_method.downcase do |*args, &block|
             options = args.extract_options!
             paths = args.first || ['/']
-            route(meth.upcase, paths, options, &block)
+            route(supported_method, paths, options, &block)
           end
         end
 
@@ -163,6 +163,8 @@ module Grape
         #       end
         #     end
         def namespace(space = nil, options = {}, &block)
+          @namespace_description = nil unless instance_variable_defined?(:@namespace_description) && @namespace_description
+
           if space || block_given?
             within_namespace do
               previous_namespace_description = @namespace_description

data/lib/grape/exceptions/base.rb

@@ -57,10 +57,6 @@ module Grape
         end.join(', ')
       end
 
-      def translate_attribute(key, **options)
-        translate("#{BASE_ATTRIBUTES_KEY}.#{key}", default: key, **options)
-      end
-
       def translate_message(key, **options)
         case key
         when Symbol

data/lib/grape/exceptions/validation_errors.rb

@@ -5,6 +5,9 @@ require 'grape/exceptions/base'
 module Grape
   module Exceptions
     class ValidationErrors < Grape::Exceptions::Base
+      ERRORS_FORMAT_KEY = 'grape.errors.format'
+      DEFAULT_ERRORS_FORMAT = '%{attributes} %{message}'
+
       include Enumerable
 
       attr_reader :errors
@@ -41,21 +44,17 @@ module Grape
       end
 
       def full_messages
-        messages = map { |attributes, error| full_message(attributes, error) }
+        messages = map do |attributes, error|
+          I18n.t(
+            ERRORS_FORMAT_KEY,
+            default: DEFAULT_ERRORS_FORMAT,
+            attributes: translate_attributes(attributes),
+            message: error.message
+          )
+        end
         messages.uniq!
         messages
       end
-
-      private
-
-      def full_message(attributes, error)
-        I18n.t(
-          'grape.errors.format',
-          default: '%{attributes} %{message}',
-          attributes: attributes.count == 1 ? translate_attribute(attributes.first) : translate_attributes(attributes),
-          message: error.message
-        )
-      end
     end
   end
 end

data/lib/grape/http/headers.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'grape/util/lazy_object'
+
 module Grape
   module Http
     module Headers
@@ -19,6 +21,7 @@ module Grape
       OPTIONS = 'OPTIONS'
 
       SUPPORTED_METHODS = [GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS].freeze
+      SUPPORTED_METHODS_WITHOUT_OPTIONS = Grape::Util::LazyObject.new { [GET, POST, PUT, PATCH, DELETE, HEAD].freeze }
 
       HTTP_ACCEPT_VERSION    = 'HTTP_ACCEPT_VERSION'
       X_CASCADE              = 'X-Cascade'
@@ -27,6 +30,29 @@ module Grape
 
       FORMAT                 = 'format'
 
+      HTTP_HEADERS = Grape::Util::LazyObject.new do
+        common_http_headers = %w[
+          Version
+          Host
+          Connection
+          Cache-Control
+          Dnt
+          Upgrade-Insecure-Requests
+          User-Agent
+          Sec-Fetch-Dest
+          Accept
+          Sec-Fetch-Site
+          Sec-Fetch-Mode
+          Sec-Fetch-User
+          Accept-Encoding
+          Accept-Language
+          Cookie
+        ].freeze
+        common_http_headers.each_with_object({}) do |header, response|
+          response["HTTP_#{header.upcase.tr('-', '_')}"] = header
+        end.freeze
+      end
+
       def self.find_supported_method(route_method)
         Grape::Http::Headers::SUPPORTED_METHODS.detect { |supported_method| supported_method.casecmp(route_method).zero? }
       end

data/lib/grape/middleware/base.rb

@@ -74,11 +74,9 @@ module Grape
       end
 
       def mime_types
-        types_without_params = {}
-        content_types.each_pair do |k, v|
+        @mime_type ||= content_types.each_pair.with_object({}) do |(k, v), types_without_params|
           types_without_params[v.split(';').first] = k
         end
-        types_without_params
       end
 
       private

data/lib/grape/middleware/stack.rb

@@ -78,7 +78,8 @@ module Grape
       def merge_with(middleware_specs)
         middleware_specs.each do |operation, *args|
           if args.last.is_a?(Proc)
-            public_send(operation, *args, &args.pop)
+            last_proc = args.pop
+            public_send(operation, *args, &last_proc)
           else
             public_send(operation, *args)
           end

data/lib/grape/middleware/versioner/header.rb

@@ -26,10 +26,10 @@ module Grape
       # route.
       class Header < Base
         VENDOR_VERSION_HEADER_REGEX =
-          /\Avnd\.([a-z0-9.\-_!#\$&\^]+?)(?:-([a-z0-9*.]+))?(?:\+([a-z0-9*\-.]+))?\z/
+          /\Avnd\.([a-z0-9.\-_!#\$&\^]+?)(?:-([a-z0-9*.]+))?(?:\+([a-z0-9*\-.]+))?\z/.freeze
 
-        HAS_VENDOR_REGEX = /\Avnd\.[a-z0-9.\-_!#\$&\^]+/
-        HAS_VERSION_REGEX = /\Avnd\.([a-z0-9.\-_!#\$&\^]+?)(?:-([a-z0-9*.]+))+/
+        HAS_VENDOR_REGEX = /\Avnd\.[a-z0-9.\-_!#\$&\^]+/.freeze
+        HAS_VERSION_REGEX = /\Avnd\.([a-z0-9.\-_!#\$&\^]+?)(?:-([a-z0-9*.]+))+/.freeze
 
         def before
           strict_header_checks if strict?
@@ -63,7 +63,7 @@ module Grape
 
         def an_accept_header_with_version_and_vendor_is_present?
           header.qvalues.keys.any? do |h|
-            VENDOR_VERSION_HEADER_REGEX =~ h.sub('application/', '')
+            VENDOR_VERSION_HEADER_REGEX.match?(h.sub('application/', ''))
           end
         end
 

data/lib/grape/middleware/versioner/parse_media_type_patch.rb

@@ -3,11 +3,12 @@
 module Rack
   module Accept
     module Header
+      ALLOWED_CHARACTERS = %r{^([a-z*]+)\/([a-z0-9*\&\^\-_#\$!.+]+)(?:;([a-z0-9=;]+))?$}.freeze
       class << self
         # Corrected version of https://github.com/mjackson/rack-accept/blob/master/lib/rack/accept/header.rb#L40-L44
         def parse_media_type(media_type)
           # see http://tools.ietf.org/html/rfc6838#section-4.2 for allowed characters in media type names
-          m = media_type.to_s.match(%r{^([a-z*]+)\/([a-z0-9*\&\^\-_#\$!.+]+)(?:;([a-z0-9=;]+))?$})
+          m = media_type&.match(ALLOWED_CHARACTERS)
           m ? [m[1], m[2], m[3] || ''] : []
         end
       end

data/lib/grape/middleware/versioner/path.rb

@@ -36,7 +36,7 @@ module Grape
 
           pieces = path.split('/')
           potential_version = pieces[1]
-          return unless potential_version =~ options[:pattern]
+          return unless potential_version&.match?(options[:pattern])
           throw :error, status: 404, message: '404 API Version Not Found' if options[:versions] && !options[:versions].find { |v| v.to_s == potential_version }
           env[Grape::Env::API_VERSION] = potential_version
         end

data/lib/grape/namespace.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'grape/util/cache'
+
 module Grape
   # A container for endpoints or other namespaces, which allows for both
   # logical grouping of endpoints as well as sharing common configuration.
@@ -25,13 +27,21 @@ module Grape
 
     # (see ::joined_space_path)
     def self.joined_space(settings)
-      (settings || []).map(&:space).join('/')
+      settings&.map(&:space)
     end
 
     # Join the namespaces from a list of settings to create a path prefix.
     # @param settings [Array] list of Grape::Util::InheritableSettings.
     def self.joined_space_path(settings)
-      Grape::Router.normalize_path(joined_space(settings))
+      Grape::Router.normalize_path(JoinedSpaceCache[joined_space(settings)])
+    end
+
+    class JoinedSpaceCache < Grape::Util::Cache
+      def initialize
+        @cache = Hash.new do |h, joined_space|
+          h[joined_space] = -joined_space.join('/')
+        end
+      end
     end
   end
 end