hanami 1.3.5 → 2.0.0.alpha1

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hanami
 version: !ruby/object:Gem::Version
-  version: 1.3.5
+  version: 2.0.0.alpha1
 platform: ruby
 authors:
 - Luca Guidi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-18 00:00:00.000000000 Z
+date: 2019-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hanami-utils
@@ -16,159 +16,97 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.0.alpha
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: hanami-validations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.3'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '3'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.3'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '3'
+        version: 2.0.alpha
 - !ruby/object:Gem::Dependency
   name: hanami-router
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.0.alpha
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.0.alpha
 - !ruby/object:Gem::Dependency
   name: hanami-controller
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.3
+        version: 2.0.alpha
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.3
+        version: 2.0.alpha
 - !ruby/object:Gem::Dependency
-  name: hanami-view
+  name: hanami-cli
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.0.alpha
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.0.alpha
 - !ruby/object:Gem::Dependency
-  name: hanami-helpers
+  name: dry-system
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.10'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
-  name: hanami-mailer
+  name: dry-inflector
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: hanami-assets
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.3'
-- !ruby/object:Gem::Dependency
-  name: dry-cli
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+        version: '0.1'
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
-- !ruby/object:Gem::Dependency
-  name: concurrent-ruby
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+        version: '0.1'
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: 0.1.2
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '1.16'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -178,7 +116,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '1.16'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -188,14 +126,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.7'
+        version: '3.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.7'
+        version: '3.8'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -210,34 +148,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
-- !ruby/object:Gem::Dependency
-  name: aruba
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.14'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.14'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.0'
+        version: '12.0'
 description: Hanami is a web framework for Ruby
 email:
 - me@lucaguidi.com
@@ -254,139 +178,21 @@ files:
 - bin/hanami
 - hanami.gemspec
 - lib/hanami.rb
-- lib/hanami/action/csrf_protection.rb
-- lib/hanami/action/routing_helpers.rb
-- lib/hanami/app.rb
 - lib/hanami/application.rb
-- lib/hanami/application_configuration.rb
-- lib/hanami/application_name.rb
-- lib/hanami/application_namespace.rb
-- lib/hanami/assets/asset.rb
-- lib/hanami/assets/static.rb
+- lib/hanami/boot.rb
 - lib/hanami/cli/commands.rb
-- lib/hanami/cli/commands/assets.rb
-- lib/hanami/cli/commands/assets/precompile.rb
 - lib/hanami/cli/commands/command.rb
-- lib/hanami/cli/commands/console.rb
-- lib/hanami/cli/commands/db.rb
-- lib/hanami/cli/commands/db/apply.rb
-- lib/hanami/cli/commands/db/console.rb
-- lib/hanami/cli/commands/db/create.rb
-- lib/hanami/cli/commands/db/drop.rb
-- lib/hanami/cli/commands/db/migrate.rb
-- lib/hanami/cli/commands/db/prepare.rb
-- lib/hanami/cli/commands/db/rollback.rb
-- lib/hanami/cli/commands/db/version.rb
-- lib/hanami/cli/commands/destroy.rb
-- lib/hanami/cli/commands/destroy/action.rb
-- lib/hanami/cli/commands/destroy/app.rb
-- lib/hanami/cli/commands/destroy/mailer.rb
-- lib/hanami/cli/commands/destroy/migration.rb
-- lib/hanami/cli/commands/destroy/model.rb
-- lib/hanami/cli/commands/generate.rb
-- lib/hanami/cli/commands/generate/action.rb
-- lib/hanami/cli/commands/generate/action/action.erb
-- lib/hanami/cli/commands/generate/action/action_spec.minitest.erb
-- lib/hanami/cli/commands/generate/action/action_spec.rspec.erb
-- lib/hanami/cli/commands/generate/action/action_without_view.erb
-- lib/hanami/cli/commands/generate/action/view.erb
-- lib/hanami/cli/commands/generate/action/view_spec.minitest.erb
-- lib/hanami/cli/commands/generate/action/view_spec.rspec.erb
-- lib/hanami/cli/commands/generate/app.rb
-- lib/hanami/cli/commands/generate/app/application.erb
-- lib/hanami/cli/commands/generate/app/favicon.ico
-- lib/hanami/cli/commands/generate/app/gitkeep.erb
-- lib/hanami/cli/commands/generate/app/layout.erb
-- lib/hanami/cli/commands/generate/app/layout_spec.minitest.erb
-- lib/hanami/cli/commands/generate/app/layout_spec.rspec.erb
-- lib/hanami/cli/commands/generate/app/routes.erb
-- lib/hanami/cli/commands/generate/app/template.erb.erb
-- lib/hanami/cli/commands/generate/app/template.haml.erb
-- lib/hanami/cli/commands/generate/app/template.slim.erb
-- lib/hanami/cli/commands/generate/mailer.rb
-- lib/hanami/cli/commands/generate/mailer/mailer.erb
-- lib/hanami/cli/commands/generate/mailer/mailer_spec.minitest.erb
-- lib/hanami/cli/commands/generate/mailer/mailer_spec.rspec.erb
-- lib/hanami/cli/commands/generate/migration.rb
-- lib/hanami/cli/commands/generate/migration/migration.erb
-- lib/hanami/cli/commands/generate/model.rb
-- lib/hanami/cli/commands/generate/model/entity.erb
-- lib/hanami/cli/commands/generate/model/entity_spec.minitest.erb
-- lib/hanami/cli/commands/generate/model/entity_spec.rspec.erb
-- lib/hanami/cli/commands/generate/model/migration.erb
-- lib/hanami/cli/commands/generate/model/repository.erb
-- lib/hanami/cli/commands/generate/model/repository_spec.minitest.erb
-- lib/hanami/cli/commands/generate/model/repository_spec.rspec.erb
-- lib/hanami/cli/commands/generate/secret.rb
-- lib/hanami/cli/commands/new.rb
-- lib/hanami/cli/commands/new/.env.development.erb
-- lib/hanami/cli/commands/new/.env.test.erb
-- lib/hanami/cli/commands/new/.gitkeep.erb
-- lib/hanami/cli/commands/new/Gemfile.erb
-- lib/hanami/cli/commands/new/README.md.erb
-- lib/hanami/cli/commands/new/config.ru.erb
-- lib/hanami/cli/commands/new/config/boot.erb
-- lib/hanami/cli/commands/new/config/environment.erb
-- lib/hanami/cli/commands/new/gitignore.erb
-- lib/hanami/cli/commands/new/gitignore_with_sqlite.erb
-- lib/hanami/cli/commands/new/hanamirc.erb
-- lib/hanami/cli/commands/new/lib/project.erb
-- lib/hanami/cli/commands/new/minitest/Rakefile.erb
-- lib/hanami/cli/commands/new/minitest/features_helper.erb
-- lib/hanami/cli/commands/new/minitest/spec_helper.erb
-- lib/hanami/cli/commands/new/rspec/Rakefile.erb
-- lib/hanami/cli/commands/new/rspec/capybara.erb
-- lib/hanami/cli/commands/new/rspec/features_helper.erb
-- lib/hanami/cli/commands/new/rspec/rspec.erb
-- lib/hanami/cli/commands/new/rspec/spec_helper.erb
-- lib/hanami/cli/commands/new/schema.sql.erb
-- lib/hanami/cli/commands/project.rb
-- lib/hanami/cli/commands/routes.rb
 - lib/hanami/cli/commands/server.rb
-- lib/hanami/cli/commands/templates.rb
-- lib/hanami/cli/commands/version.rb
-- lib/hanami/common_logger.rb
-- lib/hanami/components.rb
-- lib/hanami/components/app/assets.rb
-- lib/hanami/components/app/controller.rb
-- lib/hanami/components/app/routes.rb
-- lib/hanami/components/app/view.rb
-- lib/hanami/components/component.rb
-- lib/hanami/components/components.rb
-- lib/hanami/components/routes_inspector.rb
-- lib/hanami/config/cookies.rb
-- lib/hanami/config/framework_configuration.rb
-- lib/hanami/config/load_paths.rb
-- lib/hanami/config/mapper.rb
-- lib/hanami/config/routes.rb
-- lib/hanami/config/security.rb
-- lib/hanami/config/sessions.rb
 - lib/hanami/configuration.rb
-- lib/hanami/configuration/app.rb
+- lib/hanami/configuration/cookies.rb
 - lib/hanami/configuration/middleware.rb
-- lib/hanami/early_hints.rb
-- lib/hanami/env.rb
-- lib/hanami/environment.rb
-- lib/hanami/environment_application_configurations.rb
+- lib/hanami/configuration/security.rb
+- lib/hanami/configuration/sessions.rb
+- lib/hanami/container.rb
 - lib/hanami/frameworks.rb
-- lib/hanami/hanamirc.rb
-- lib/hanami/mailer/glue.rb
-- lib/hanami/middleware_stack.rb
-- lib/hanami/rake_helper.rb
-- lib/hanami/rake_tasks.rb
-- lib/hanami/rendering_policy.rb
 - lib/hanami/routes.rb
-- lib/hanami/routing/default.rb
 - lib/hanami/server.rb
-- lib/hanami/setup.rb
-- lib/hanami/static.rb
-- lib/hanami/templates/default.html.erb
-- lib/hanami/templates/welcome.html.erb
 - lib/hanami/version.rb
-- lib/hanami/views/default.rb
-- lib/hanami/views/default_template_finder.rb
-- lib/hanami/views/null_view.rb
-- lib/hanami/welcome.rb
 homepage: http://hanamirb.org
 licenses:
 - MIT
@@ -400,17 +206,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
-  - - "<"
-    - !ruby/object:Gem::Version
-      version: '3'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 3.2.2
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
 summary: The web, with simplicity

data/lib/hanami/action/csrf_protection.rb

@@ -1,211 +0,0 @@
-require 'securerandom'
-
-module Hanami
-  # @api private
-  module Action
-    # Invalid CSRF Token
-    #
-    # @since 0.4.0
-    class InvalidCSRFTokenError < ::StandardError
-    end
-
-    # CSRF Protection
-    #
-    # This security mechanism is enabled automatically if sessions are turned on.
-    #
-    # It stores a "challenge" token in session. For each "state changing request"
-    # (eg. <tt>POST</tt>, <tt>PATCH</tt> etc..), we should send a special param:
-    # <tt>_csrf_token</tt>.
-    #
-    # If the param matches with the challenge token, the flow can continue.
-    # Otherwise the application detects an attack attempt, it reset the session
-    # and <tt>Hanami::Action::InvalidCSRFTokenError</tt> is raised.
-    #
-    # We can specify a custom handling strategy, by overriding <tt>#handle_invalid_csrf_token</tt>.
-    #
-    # Form helper (<tt>#form_for</tt>) automatically sets a hidden field with the
-    # correct token. A special view method (<tt>#csrf_token</tt>) is available in
-    # case the form markup is manually crafted.
-    #
-    # We can disable this check on action basis, by overriding <tt>#verify_csrf_token?</tt>.
-    #
-    # @since 0.4.0
-    #
-    # @see https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29
-    # @see https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
-    #
-    # @example Custom Handling
-    #   module Web::Controllers::Books
-    #     class Create
-    #       include Web::Action
-    #
-    #       def call(params)
-    #         # ...
-    #       end
-    #
-    #       private
-    #
-    #       def handle_invalid_csrf_token
-    #         Web::Logger.warn "CSRF attack: expected #{ session[:_csrf_token] }, was #{ params[:_csrf_token] }"
-    #         # manual handling
-    #       end
-    #     end
-    #   end
-    #
-    # @example Bypass Security Check
-    #   module Web::Controllers::Books
-    #     class Create
-    #       include Web::Action
-    #
-    #       def call(params)
-    #         # ...
-    #       end
-    #
-    #       private
-    #
-    #       def verify_csrf_token?
-    #         false
-    #       end
-    #     end
-    #   end
-    module CSRFProtection
-      # Session and params key for CSRF token.
-      #
-      # This key is shared with <tt>hanami-controller</tt> and <tt>hanami-helpers</tt>
-      #
-      # @since 0.4.0
-      # @api private
-      CSRF_TOKEN = :_csrf_token
-
-      # Idempotent HTTP methods
-      #
-      # By default, the check isn't performed if the request method is included
-      # in this list.
-      #
-      # @since 0.4.0
-      # @api private
-      IDEMPOTENT_HTTP_METHODS = Hash[
-        'GET'     => true,
-        'HEAD'    => true,
-        'TRACE'   => true,
-        'OPTIONS' => true
-      ].freeze
-
-      # @since 0.4.0
-      # @api private
-      def self.included(action)
-        action.class_eval do
-          before :set_csrf_token, :verify_csrf_token
-        end unless Hanami.env?(:test)
-      end
-
-      private
-      # Set CSRF Token in session
-      #
-      # @since 0.4.0
-      # @api private
-      def set_csrf_token
-        session[CSRF_TOKEN] ||= generate_csrf_token
-      end
-
-      # Verify if CSRF token from params, matches the one stored in session.
-      # If not, it raises an error.
-      #
-      # Don't override this method.
-      #
-      # To bypass the security check, please override <tt>#verify_csrf_token?</tt>.
-      # For custom handling of an attack, please override <tt>#handle_invalid_csrf_token</tt>.
-      #
-      # @since 0.4.0
-      # @api private
-      def verify_csrf_token
-        handle_invalid_csrf_token if invalid_csrf_token?
-      end
-
-      # Verify if CSRF token from params, matches the one stored in session.
-      #
-      # Don't override this method.
-      #
-      # @since 0.4.0
-      # @api private
-      def invalid_csrf_token?
-        return false unless verify_csrf_token?
-
-        missing_csrf_token? ||
-          !::Rack::Utils.secure_compare(session[CSRF_TOKEN], params[CSRF_TOKEN])
-      end
-
-      # Verify the CSRF token was passed in params.
-      #
-      # @api private
-      def missing_csrf_token?
-        Hanami::Utils::Blank.blank?(params[CSRF_TOKEN])
-      end
-
-      # Generates a random CSRF Token
-      #
-      # @since 0.4.0
-      # @api private
-      def generate_csrf_token
-        SecureRandom.hex(32)
-      end
-
-      # Decide if perform the check or not.
-      #
-      # Override and return <tt>false</tt> if you want to bypass security check.
-      #
-      # @since 0.4.0
-      #
-      # @example
-      #   module Web::Controllers::Books
-      #     class Create
-      #       include Web::Action
-      #
-      #       def call(params)
-      #         # ...
-      #       end
-      #
-      #       private
-      #
-      #       def verify_csrf_token?
-      #         false
-      #       end
-      #     end
-      #   end
-      def verify_csrf_token?
-        !IDEMPOTENT_HTTP_METHODS[request_method]
-      end
-
-      # Handle CSRF attack.
-      #
-      # The default policy resets the session and raises an exception.
-      #
-      # Override this method, for custom handling.
-      #
-      # @raise [Hanami::Action::InvalidCSRFTokenError]
-      #
-      # @since 0.4.0
-      #
-      # @example
-      #   module Web::Controllers::Books
-      #     class Create
-      #       include Web::Action
-      #
-      #       def call(params)
-      #         # ...
-      #       end
-      #
-      #       private
-      #
-      #       def handle_invalid_csrf_token
-      #         # custom invalid CSRF management goes here
-      #       end
-      #     end
-      #   end
-      def handle_invalid_csrf_token
-        session.clear
-        raise InvalidCSRFTokenError.new
-      end
-    end
-  end
-end

data/lib/hanami/action/routing_helpers.rb

@@ -1,40 +0,0 @@
-require 'hanami/utils/string'
-
-module Hanami
-  module Action
-    # Routing helper for full stack Hanami web applications.
-    #
-    # For a given application called <tt>Web::Application</tt>, at runtime
-    # Hanami creates a routes factory called <tt>Web::Routes</tt>.
-    #
-    # Included by default in every controller.
-    #
-    # @since 0.3.2
-    #
-    # @example Usage in controller
-    #   require 'hanami'
-    #
-    #   module Web::Controllers::Protected
-    #     class Index
-    #       include Web::Action
-    #
-    #       def call(params)
-    #         redirect_to routes.root_path
-    #       end
-    #     end
-    #   end
-    module RoutingHelpers
-      def self.included(base)
-        factory = "#{Utils::String.namespace(base)}.routes"
-
-        base.class_eval <<-END_EVAL, __FILE__, __LINE__
-          private
-
-          def routes
-            #{factory}
-          end
-        END_EVAL
-      end
-    end
-  end
-end