hanami 2.0.0 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2ff0a8cf3ce1df8c90acbb5feb8352cc0f05d0981ad9b08ac4f6f62351e8d775
-  data.tar.gz: ec3ca71f07e1f4120fb6c4792163a2ffbf926de2160264a294563b6d2a6c77d1
+  metadata.gz: '099623ad9ce0088b28fc658340d85094d493f27e4320df725d4dfc062ee4939c'
+  data.tar.gz: 759492d76fb078f025d00e57d8c81cc5840ca769e5a20a0e50d20a0221c9a599
 SHA512:
-  metadata.gz: ce1c3e798ba14c6ec3778beb25b47feaf87bc32dd995797836cdb8a7af9b8e13a6d401e7005f8ec78cf3da4ec5cc5be086f0ff2763eb2082939900ede5f4bae3
-  data.tar.gz: eb4f586e78f1afa3f674ca3e9f7499d7699e4d0c432aef744f98d788a8a77398f11ee27bd9619ed98463bc8065a28d35e9cb8e73b41b18c4044aaab7c9549507
+  metadata.gz: fa25a5f37d22c1faf03906914f1c0a4f5d119ae39088df6878d75ef5c830b7be7632b2b633aa915619ff44990784016da4df666b5343b56166cb31a1f613a4ea
+  data.tar.gz: ff70c18b250591af4c2fbaf32532a7ca5cb00adbc17ab87a03e0bb0dddd0ca5a19a7440aa63d0abc9c1570d9784027a4981d2d097632852e7b69f150ebd56328

data/CHANGELOG.md

@@ -2,6 +2,23 @@
 
 The web, with simplicity.
 
+## v2.0.2 - 2022-12-25
+
+### Added
+
+- [Luca Guidi] Official support for Ruby 3.2
+
+### Fixed
+
+- [Luca Guidi] Content Security Policy: remove deprecated `plugin-types`
+
+## v2.0.1 - 2022-12-06
+
+### Fixed
+
+- [Luca Guidi] Ensure `Content-Security-Policy` HTTP response header to be returned as a single line
+- [Tim Riley] Ensure Rack events are on internal notifications system
+
 ## v2.0.0 - 2022-11-22
 
 ### Added

data/lib/hanami/app.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "constants"
+require_relative "env"
 
 module Hanami
   # The Hanami app is a singular slice tasked with managing the core components of the app and
@@ -28,8 +29,7 @@ module Hanami
       @_mutex.synchronize do
         subclass.class_eval do
           @config = Hanami::Config.new(app_name: slice_name, env: Hanami.env)
-
-          load_dotenv
+          Hanami::Env.load
         end
       end
     end
@@ -97,32 +97,6 @@ module Hanami
 
       private
 
-      # Uses [dotenv](https://github.com/bkeepers/dotenv) (if available) to populate `ENV` from
-      # various `.env` files.
-      #
-      # For a given `HANAMI_ENV` environment, the `.env` files are looked up in the following order:
-      #
-      # - .env.{environment}.local
-      # - .env.local (unless the environment is `test`)
-      # - .env.{environment}
-      # - .env
-      #
-      # If dotenv is unavailable, the method exits and does nothing.
-      def load_dotenv
-        return unless Hanami.bundled?("dotenv")
-
-        hanami_env = Hanami.env
-        dotenv_files = [
-          ".env.#{hanami_env}.local",
-          (".env.local" unless hanami_env == :test),
-          ".env.#{hanami_env}",
-          ".env"
-        ].compact
-
-        require "dotenv"
-        Dotenv.load(*dotenv_files)
-      end
-
       def prepare_all
         prepare_load_path
 

data/lib/hanami/config/actions/content_security_policy.rb

@@ -22,7 +22,6 @@ module Hanami
             img_src: "'self' https: data:",
             media_src: "'self'",
             object_src: "'none'",
-            plugin_types: "application/pdf",
             script_src: "'self'",
             style_src: "'self' 'unsafe-inline' https:"
           }
@@ -102,7 +101,7 @@ module Hanami
         def to_s
           @policy.map do |key, value|
             "#{dasherize(key)} #{value}"
-          end.join(";\n")
+          end.join(";")
         end
 
         private

data/lib/hanami/env.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Hanami
+  module Env
+    # @since 2.0.1
+    # @api private
+    @_loaded = false
+
+    # Uses [dotenv](https://github.com/bkeepers/dotenv) (if available) to populate `ENV` from
+    # various `.env` files.
+    #
+    # For a given `HANAMI_ENV` environment, the `.env` files are looked up in the following order:
+    #
+    # - .env.{environment}.local
+    # - .env.local (unless the environment is `test`)
+    # - .env.{environment}
+    # - .env
+    #
+    # If dotenv is unavailable, the method exits and does nothing.
+    #
+    # @since 2.0.1
+    # @api private
+    def self.load(env = Hanami.env)
+      return unless Hanami.bundled?("dotenv")
+      return if loaded?
+
+      dotenv_files = [
+        ".env.#{env}.local",
+        (".env.local" unless env == :test),
+        ".env.#{env}",
+        ".env"
+      ].compact
+
+      require "dotenv"
+      Dotenv.load(*dotenv_files)
+
+      loaded!
+    end
+
+    # @since 2.0.1
+    # @api private
+    def self.loaded?
+      @_loaded
+    end
+
+    # @since 2.0.1
+    # @api private
+    def self.loaded!
+      @_loaded = true
+    end
+  end
+end

data/lib/hanami/port.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module Hanami
+  # @since 2.0.1
+  # @api private
+  module Port
+    # @since 2.0.1
+    # @api private
+    DEFAULT = 2300
+
+    # @since 2.0.1
+    # @api private
+    ENV_VAR = "HANAMI_PORT"
+
+    # @since 2.0.1
+    # @api private
+    def self.call(value, env = ENV.fetch(ENV_VAR, nil))
+      return Integer(value) if !value.nil? && !default?(value)
+      return Integer(env) unless env.nil?
+      return Integer(value) unless value.nil?
+
+      DEFAULT
+    end
+
+    # @since 2.0.1
+    # @api private
+    def self.call!(value)
+      return if default?(value)
+
+      ENV[ENV_VAR] = value.to_s
+    end
+
+    # @since 2.0.1
+    # @api private
+    def self.default?(value)
+      value.to_i == DEFAULT
+    end
+
+    class << self
+      # @since 2.0.1
+      # @api private
+      alias_method :[], :call
+    end
+  end
+end

data/lib/hanami/providers/rack.rb

@@ -15,20 +15,27 @@ module Hanami
     class Rack < Dry::System::Provider::Source
       # @api private
       def prepare
-        require "dry/monitor"
-        require "hanami/web/rack_logger"
-
         Dry::Monitor.load_extensions(:rack)
+
+        # Explicitly register the Rack middleware events on our notifications bus. The Dry::Monitor
+        # rack extension (activated above) does register these globally, but if the notifications
+        # bus has been used before this provider loads, then it will have created its own separate
+        # locally copy of all registered events as of that moment in time, which will not included
+        # the Rack events globally reigstered above.
+        notifications = target["notifications"]
+        notifications.register_event(Dry::Monitor::Rack::Middleware::REQUEST_START)
+        notifications.register_event(Dry::Monitor::Rack::Middleware::REQUEST_STOP)
+        notifications.register_event(Dry::Monitor::Rack::Middleware::REQUEST_ERROR)
       end
 
       # @api private
       def start
         target.start :logger
 
-        notifications = target[:notifications]
-
-        clock = Dry::Monitor::Clock.new(unit: :microsecond)
-        monitor_middleware = Dry::Monitor::Rack::Middleware.new(notifications, clock: clock)
+        monitor_middleware = Dry::Monitor::Rack::Middleware.new(
+          target["notifications"],
+          clock: Dry::Monitor::Clock.new(unit: :microsecond)
+        )
 
         rack_logger = Hanami::Web::RackLogger.new(target[:logger], env: target.env)
         rack_logger.attach(monitor_middleware)

data/lib/hanami/version.rb

@@ -7,7 +7,7 @@ module Hanami
   # @api private
   module Version
     # @api public
-    VERSION = "2.0.0"
+    VERSION = "2.0.2"
 
     # @since 0.9.0
     # @api private

data/spec/integration/dotenv_loading_spec.rb

@@ -5,6 +5,7 @@
 RSpec.describe "Dotenv loading", :app_integration do
   before do
     @orig_env = ENV.to_h
+    allow(Hanami::Env).to receive(:loaded?).and_return(false)
   end
 
   after do

data/spec/integration/rack_app/rack_app_spec.rb

@@ -87,7 +87,7 @@ RSpec.describe "Hanami web app", :app_integration do
         end
       RUBY
 
-      require "hanami/boot"
+      require "hanami/prepare"
 
       expect(Hanami.app["rack.monitor"]).to be_instance_of(Dry::Monitor::Rack::Middleware)
 
@@ -114,7 +114,63 @@ RSpec.describe "Hanami web app", :app_integration do
     end
   end
 
-  describe "Request logging when using a slice" do
+  specify "Logging via the rack monitor even when notifications bus has already been used" do
+    dir = Dir.mktmpdir
+
+    with_tmp_directory(dir) do
+      write "config/app.rb", <<~RUBY
+        require "hanami"
+
+        module TestApp
+          class App < Hanami::App
+            config.actions.format :json
+            config.logger.options = {colorize: true}
+            config.logger.stream = config.root.join("test.log")
+          end
+        end
+      RUBY
+
+      write "config/routes.rb", <<~RUBY
+        module TestApp
+          class Routes < Hanami::Routes
+            post "/users", to: "users.create"
+          end
+        end
+      RUBY
+
+      write "app/actions/users/create.rb", <<~RUBY
+        module TestApp
+          module Actions
+            module Users
+              class Create < Hanami::Action
+                def handle(req, resp)
+                  resp.body = req.params.to_h.keys
+                end
+              end
+            end
+          end
+        end
+      RUBY
+
+      require "hanami/prepare"
+
+      # Simulate any component interacting with the notifications bus such that it creates its
+      # internal bus with a duplicate copy of all currently registered events. This means that the
+      # class-level Dry::Monitor::Notification events implicitly registered by the
+      # Dry::Monitor::Rack::Middleware activated via the rack provider are ignored, unless our
+      # provider explicitly re-registers them on _instance_ of the notifications bus.
+      #
+      # See Hanami::Providers::Rack for more detail.
+      Hanami.app["notifications"].instrument(:sql)
+
+      logs = -> { Pathname(dir).join("test.log").realpath.read }
+
+      post "/users", JSON.generate(name: "jane", password: "secret"), {"CONTENT_TYPE" => "application/json"}
+      expect(logs.()).to match %r{POST 200 \d+(µs|ms) 127.0.0.1 /}
+    end
+  end
+
+  describe "Request logging when using slice router" do
     let(:app) { Main::Slice.rack_app }
 
     specify "Has rack monitor preconfigured with default request logging (when used via a slice)" do
@@ -139,7 +195,7 @@ RSpec.describe "Hanami web app", :app_integration do
           end
         RUBY
 
-        require "hanami/boot"
+        require "hanami/prepare"
 
         get "/"
 

data/spec/integration/settings/access_in_slice_class_body_spec.rb

@@ -3,6 +3,7 @@
 RSpec.describe "Settings / Access within slice class bodies", :app_integration do
   before do
     @env = ENV.to_h
+    allow(Hanami::Env).to receive(:loaded?).and_return(false)
   end
 
   after do

data/spec/integration/settings/loading_from_env_spec.rb

@@ -3,6 +3,7 @@
 RSpec.describe "Settings / Access to constants", :app_integration do
   before do
     @env = ENV.to_h
+    allow(Hanami::Env).to receive(:loaded?).and_return(false)
   end
 
   after do

data/spec/unit/hanami/config/actions/content_security_policy_spec.rb

@@ -13,21 +13,20 @@ RSpec.describe Hanami::Config::Actions, "#content_security_policy" do
         expect(content_security_policy[:base_uri]).to eq("'self'")
 
         expected = [
-          %(base-uri 'self';),
-          %(child-src 'self';),
-          %(connect-src 'self';),
-          %(default-src 'none';),
-          %(font-src 'self';),
-          %(form-action 'self';),
-          %(frame-ancestors 'self';),
-          %(frame-src 'self';),
-          %(img-src 'self' https: data:;),
-          %(media-src 'self';),
-          %(object-src 'none';),
-          %(plugin-types application/pdf;),
-          %(script-src 'self';),
+          %(base-uri 'self'),
+          %(child-src 'self'),
+          %(connect-src 'self'),
+          %(default-src 'none'),
+          %(font-src 'self'),
+          %(form-action 'self'),
+          %(frame-ancestors 'self'),
+          %(frame-src 'self'),
+          %(img-src 'self' https: data:),
+          %(media-src 'self'),
+          %(object-src 'none'),
+          %(script-src 'self'),
           %(style-src 'self' 'unsafe-inline' https:)
-        ].join("\n")
+        ].join(";")
 
         expect(content_security_policy.to_s).to eq(expected)
       end
@@ -62,10 +61,10 @@ RSpec.describe Hanami::Config::Actions, "#content_security_policy" do
     end
 
     it "nullifies value" do
-      content_security_policy[:plugin_types] = nil
+      content_security_policy[:object_src] = nil
 
-      expect(content_security_policy[:plugin_types]).to be(nil)
-      expect(content_security_policy.to_s).to match("plugin-types ;")
+      expect(content_security_policy[:object_src]).to be(nil)
+      expect(content_security_policy.to_s).to match("object-src ;")
     end
 
     it "deletes key" do

data/spec/unit/hanami/port_spec.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require "hanami/port"
+
+RSpec.describe Hanami::Port do
+  context "Hanami::Port::DEFAULT" do
+    it "returns default value" do
+      expect(Hanami::Port::DEFAULT).to eq(2300)
+    end
+  end
+
+  context "Hanami::Port::ENV_VAR" do
+    it "returns default value" do
+      expect(Hanami::Port::ENV_VAR).to eq("HANAMI_PORT")
+    end
+  end
+
+  context ".call" do
+    let(:value) { nil }
+    let(:env) { nil }
+
+    it "is aliased as .[]" do
+      expect(described_class[value, env]).to be(2300)
+    end
+
+    context "when ENV var is nil" do
+      context "and value is nil" do
+        it "returns default value" do
+          expect(described_class.call(value, env)).to be(2300)
+        end
+      end
+
+      context "and value is not nil" do
+        let(:value) { 18_000 }
+
+        it "returns given value" do
+          expect(described_class.call(value, env)).to be(value)
+        end
+
+        context "and value is default" do
+          let(:value) { 2300 }
+
+          it "returns given value" do
+            expect(described_class.call(value, env)).to be(value)
+          end
+        end
+      end
+    end
+
+    context "when ENV var not nil" do
+      let(:env) { 9000 }
+
+      context "and value is nil" do
+        it "returns env value" do
+          expect(described_class.call(value, env)).to be(env)
+        end
+      end
+
+      context "and value is not nil" do
+        let(:value) { 18_000 }
+
+        it "returns given value" do
+          expect(described_class.call(value, env)).to be(value)
+        end
+
+        context "and value is default" do
+          let(:value) { 2300 }
+
+          it "returns env value" do
+            expect(described_class.call(value, env)).to be(env)
+          end
+        end
+      end
+    end
+  end
+
+  context ".call!" do
+    before { ENV.delete("HANAMI_PORT") }
+    let(:value) { 2300 }
+
+    context "when given value is default" do
+      it "doesn't set env var" do
+        described_class.call!(value)
+
+        expect(ENV.key?("HANAMI_PORT")).to be(false)
+      end
+    end
+
+    context "when given value isn't default" do
+      let(:value) { 9000 }
+
+      it "set env var" do
+        described_class.call!(value)
+
+        expect(ENV.fetch("HANAMI_PORT")).to eq(value.to_s)
+      end
+    end
+  end
+
+  context ".default?" do
+    context "when given value is default" do
+      let(:value) { 2300 }
+
+      it "returns true" do
+        expect(described_class.default?(value)).to be(true)
+      end
+    end
+
+    context "when given value isn't default" do
+      let(:value) { 9000 }
+
+      it "returns false" do
+        expect(described_class.default?(value)).to be(false)
+      end
+    end
+  end
+end

data/spec/unit/hanami/version_spec.rb

@@ -2,6 +2,6 @@
 
 RSpec.describe "Hanami::VERSION" do
   it "returns current version" do
-    expect(Hanami::VERSION).to eq("2.0.0")
+    expect(Hanami::VERSION).to eq("2.0.2")
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hanami
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.0.2
 platform: ruby
 authors:
 - Luca Guidi
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-22 00:00:00.000000000 Z
+date: 2022-12-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -268,6 +268,7 @@ files:
 - lib/hanami/config/router.rb
 - lib/hanami/config/views.rb
 - lib/hanami/constants.rb
+- lib/hanami/env.rb
 - lib/hanami/errors.rb
 - lib/hanami/extensions.rb
 - lib/hanami/extensions/action.rb
@@ -276,6 +277,7 @@ files:
 - lib/hanami/extensions/view/context.rb
 - lib/hanami/extensions/view/slice_configured_context.rb
 - lib/hanami/extensions/view/slice_configured_view.rb
+- lib/hanami/port.rb
 - lib/hanami/prepare.rb
 - lib/hanami/providers/inflector.rb
 - lib/hanami/providers/logger.rb
@@ -376,6 +378,7 @@ files:
 - spec/unit/hanami/config/slices_spec.rb
 - spec/unit/hanami/config/views_spec.rb
 - spec/unit/hanami/env_spec.rb
+- spec/unit/hanami/port_spec.rb
 - spec/unit/hanami/settings/env_store_spec.rb
 - spec/unit/hanami/settings_spec.rb
 - spec/unit/hanami/slice_configurable_spec.rb
@@ -404,7 +407,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.4.1
 signing_key:
 specification_version: 4
 summary: The web, with simplicity
@@ -488,6 +491,7 @@ test_files:
 - spec/unit/hanami/config/slices_spec.rb
 - spec/unit/hanami/config/views_spec.rb
 - spec/unit/hanami/env_spec.rb
+- spec/unit/hanami/port_spec.rb
 - spec/unit/hanami/settings/env_store_spec.rb
 - spec/unit/hanami/settings_spec.rb
 - spec/unit/hanami/slice_configurable_spec.rb