image_size 3.4.0 → 3.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d88e4be6d69bedc0f976c9b73544a20ac08ab66d6b44ce1061d1374f9d2a9dc8
-  data.tar.gz: 5b2986943b8bbeb339d0c31d0a98c5847a1a86141d5e754adaf0bd01e3d8d60f
+  metadata.gz: e7880ff3fdbcfdbbc6e3248c79ef59adea338f21c63c285323c5b01bdf699477
+  data.tar.gz: b8ce40e97bc91a2f7e91a9ce3f47d17f06aa38a6a28f7e534837c1f668cc51e2
 SHA512:
-  metadata.gz: 1b75df7c37cbcca0886eade3e47b082cde0468331c954d0605130cba564bb7718d777628599fea7332e2ae1ef9f15b80ce77072352a109dadbf9749fea049572
-  data.tar.gz: ffc57b47280776fc7be3cb2866699f32f90a2e036b2dca703ac4262aa77750032ffb54700437958ba7b4948c934d5ea6e41f2acad4e7e71ddec84a98f18edabf
+  metadata.gz: 027e0f32e86acf19b92cb00404dfb2b26f0989ed13d07247512ff024d058a245d62b3b252e2605ff1d79a41636cb87874f2f556f3e2cdcaf2727efe3fc91efe2
+  data.tar.gz: b8a5074adaa1d08d6b3b8d9d1a5da5c5239e1ea46b345fc13ffbf5ba75736d826beaeceb38b09aec7267f6c934856c1237c9c514ecad3fb6e9701b0846352f0d

data/.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily
+    cooldown:
+      default-days: 7

data/.github/workflows/check.yml

@@ -4,12 +4,17 @@ on:
   pull_request:
   schedule:
   - cron: 45 4 * * 3
+permissions:
+  contents: read
 jobs:
   check:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     strategy:
       matrix:
         ruby:
+        - '1.9.3'
+        - '2.0'
+        - '2.1'
         - '2.3'
         - '2.4'
         - '2.5'
@@ -19,31 +24,18 @@ jobs:
         - '3.1'
         - '3.2'
         - '3.3'
-        - jruby-9.3
+        - '3.4'
+        - '4.0'
         - jruby-9.4
+        - jruby-10.1
       fail-fast: false
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v6
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: "${{ matrix.ruby }}"
         bundler-cache: true
     - run: bundle exec rspec --format documentation
-  legacy:
-    runs-on: ubuntu-latest
-    container: ${{ matrix.container }}
-    strategy:
-      matrix:
-        container:
-        - rspec/ci:1.9.3
-        - ruby:2.0
-        - ruby:2.1
-        - ruby:2.2
-      fail-fast: false
-    steps:
-    - uses: actions/checkout@v3
-    - run: bundle install
-    - run: bundle exec rspec --format documentation
   windows:
     runs-on: windows-latest
     strategy:
@@ -55,9 +47,11 @@ jobs:
         - '3.1'
         - '3.2'
         - '3.3'
+        - '3.4'
+        - '4.0'
       fail-fast: false
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v6
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: "${{ matrix.ruby }}"

data/.github/workflows/rubocop.yml

@@ -4,13 +4,15 @@ on:
   pull_request:
   schedule:
   - cron: 45 4 * * 3
+permissions:
+  contents: read
 jobs:
   rubocop:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v6
     - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: '3'
+        ruby-version: '4'
         bundler-cache: true
     - run: bundle exec rubocop

data/.rubocop.yml

@@ -50,6 +50,9 @@ Style/NumericPredicate:
 Style/SafeNavigation:
   Enabled: false
 
+Style/SignalException:
+  EnforcedStyle: semantic
+
 Style/SlicingWithRange:
   Enabled: false
 

data/.rubocop_todo.yml

@@ -20,9 +20,3 @@ Metrics/CyclomaticComplexity:
 # Configuration parameters: IgnoredMethods.
 Metrics/PerceivedComplexity:
   Enabled: false
-
-# Offense count: 8
-# Cop supports --auto-correct.
-Style/PerlBackrefs:
-  Exclude:
-    - 'lib/image_size.rb'

data/CHANGELOG.markdown

@@ -2,11 +2,24 @@
 
 ## unreleased
 
+## v3.6.0 (2026-05-26)
+
+* Support `.icns` Apple Icon Image format [@toy](https://github.com/toy)
+
+## v3.5.0 (2026-05-03)
+
+* Add `byte_size` method to expose the size of the image data in bytes [#27](https://github.com/toy/image_size/pull/27) [@dgodd](https://github.com/dgodd)
+* Add minimal validation of `dpi` global configuration [@toy](https://github.com/toy)
+* Make `chunk_size` globally configurable [@toy](https://github.com/toy)
+* Make `max_redirects` globally configurable [@toy](https://github.com/toy)
+* Prevent requesting chunks over http after end of file [#29](https://github.com/toy/image_size/issues/29) [@toy](https://github.com/toy)
+* Add ability to restrict fetched URIs by setting `uri_checker` proc [@toy](https://github.com/toy)
+
 ## v3.4.0 (2024-01-16)
 
-* Provide access to media types using media_type and media_types methods [#22](https://github.com/toy/image_size/issues/22) [@toy](https://github.com/toy)
-* Allow fetching from HTTP server by requiring image_size/uri [@toy](https://github.com/toy)
-* Fix for ArgumentError when requiring only image_size/uri_reader (without image_size) [@toy](https://github.com/toy)
+* Provide access to media types using `media_type` and `media_types` methods [#22](https://github.com/toy/image_size/issues/22) [@toy](https://github.com/toy)
+* Allow fetching from HTTP server by requiring `image_size/uri` [@toy](https://github.com/toy)
+* Fix for `ArgumentError` when requiring only `image_size/uri_reader` (without image_size) [@toy](https://github.com/toy)
 * Require ruby 1.9.3 [@toy](https://github.com/toy)
 
 ## v3.3.0 (2023-05-30)

data/README.markdown

@@ -1,11 +1,11 @@
 [![Gem Version](https://img.shields.io/gem/v/image_size?logo=rubygems)](https://rubygems.org/gems/image_size)
-[![Build Status](https://img.shields.io/github/actions/workflow/status/toy/image_size/check.yml?logo=github)](https://github.com/toy/image_size/actions/workflows/check.yml)
+[![Check](https://img.shields.io/github/actions/workflow/status/toy/image_size/check.yml?label=check&logo=github)](https://github.com/toy/image_size/actions/workflows/check.yml)
 [![Rubocop](https://img.shields.io/github/actions/workflow/status/toy/image_size/rubocop.yml?label=rubocop&logo=rubocop)](https://github.com/toy/image_size/actions/workflows/rubocop.yml)
 
 # image_size
 
 Measure image size/dimensions using pure Ruby.
-Formats: `apng`, `avif`, `bmp`, `cur`, `emf`, `gif`, `heic`, `heif`, `ico`, `j2c`, `jp2`, `jpeg`, `jpx`, `mng`, `pam`, `pbm`, `pcx`, `pgm`, `png`, `ppm`, `psd`, `svg`, `swf`, `tiff`, `webp`, `xbm`, `xpm`.
+Formats: `apng`, `avif`, `bmp`, `cur`, `emf`, `gif`, `heic`, `heif`, `icns`, `ico`, `j2c`, `jp2`, `jpeg`, `jpx`, `mng`, `pam`, `pbm`, `pcx`, `pgm`, `png`, `ppm`, `psd`, `svg`, `swf`, `tiff`, `webp`, `xbm`, `xpm`.
 
 ## Installation
 
@@ -40,6 +40,7 @@ image_size.size.w       #=> 436
 image_size.size.h       #=> 429
 image_size.media_type   #=> "image/jpeg"
 image_size.media_types  #=> ["image/jpeg"]
+image_size.byte_size    #=> 10938
 ```
 
 Or using `IO` object:
@@ -92,6 +93,20 @@ File.open('spec/images/jpeg/436x429.jpeg', 'rb') do |fh|
 end
 ```
 
+### Configuration
+
+DPI used for converting `svg` and `emf` dimensions can be configured from default 72:
+
+```ruby
+ImageSize.dpi = 150
+```
+
+Chunk size used for reading files, IO and from remote can be configured from default 4096:
+
+```ruby
+ImageSize.chunk_size = 256
+```
+
 ### Experimental: fetch image meta from HTTP server
 
 If server recognises Range header, only needed chunks will be fetched even for TIFF images, otherwise required amount
@@ -140,9 +155,41 @@ puts Benchmark.measure{ p ImageSize.url(url).size }
   0.006247   0.001045   0.007292 (  0.197631)
 ```
 
+#### Configuration
+
+Maximum number of redirects can be configured from default 5:
+
+```ruby
+ImageSize.max_redirects = 10
+```
+
+Or redirects can be disabled:
+
+```ruby
+ImageSize.max_redirects = 0
+```
+
+A url checker can be added to reduce SSRF risk:
+
+```ruby
+ImageSize.uri_checker = lambda do |uri|
+  raise 'host is not allowed' unless uri.host == 'upload.wikipedia.org'
+end
+```
+
+Alternatively `private_address_check` gem can be of help:
+
+```ruby
+require "private_address_check/tcpsocket_ext"
+
+PrivateAddressCheck.only_public_connections do
+  ImageSize.url(url).size
+end
+```
+
 ## Licence
 
 This code is free to use under the terms of the [Ruby's licence](LICENSE.txt).
 
 Original author: Keisuke Minami <keisuke@rccn.com>.\
-Further development 2010-2024 Ivan Kuchin https://github.com/toy/image_size
+Further development 2010-2026 Ivan Kuchin https://github.com/toy/image_size

data/image_size.gemspec

@@ -2,9 +2,9 @@
 
 Gem::Specification.new do |s|
   s.name        = 'image_size'
-  s.version     = '3.4.0'
+  s.version     = '3.6.0'
   s.summary     = %q{Measure image size/dimensions using pure Ruby}
-  s.description = %q{Measure following file dimensions: apng, avif, bmp, cur, emf, gif, heic, heif, ico, j2c, jp2, jpeg, jpx, mng, pam, pbm, pcx, pgm, png, ppm, psd, svg, swf, tiff, webp, xbm, xpm}
+  s.description = %q{Measure following file dimensions: apng, avif, bmp, cur, emf, gif, heic, heif, icns, ico, j2c, jp2, jpeg, jpx, mng, pam, pbm, pcx, pgm, png, ppm, psd, svg, swf, tiff, webp, xbm, xpm}
   s.homepage    = "https://github.com/toy/#{s.name}"
   s.authors     = ['Keisuke Minami', 'Ivan Kuchin']
   s.license     = 'Ruby'
@@ -16,11 +16,20 @@ Gem::Specification.new do |s|
     'changelog_uri'     => "https://github.com/toy/#{s.name}/blob/master/CHANGELOG.markdown",
     'documentation_uri' => "https://www.rubydoc.info/gems/#{s.name}/#{s.version}",
     'source_code_uri'   => "https://github.com/toy/#{s.name}",
-  }
+  } if s.respond_to?(:metadata=)
 
-  s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.files = Dir[*%w[
+    .gitignore
+    .rubocop*.yml
+    Gemfile
+    LICENSE.txt
+    GPL
+    *.markdown
+    *.gemspec
+    {.github,lib,spec}/**/{*,.gitattributes}
+  ]].reject(&File.method(:directory?))
+
+  s.test_files = Dir['spec/**/{*,.gitattributes}'].reject(&File.method(:directory?))
   s.require_paths = %w[lib]
 
   s.add_development_dependency 'rspec', '~> 3.0'

data/lib/image_size/chunky_reader.rb

@@ -8,7 +8,7 @@ class ImageSize
 
     # Size of a chunk in which to read
     def chunk_size
-      4096
+      @chunk_size ||= ImageSize.chunk_size
     end
 
     # Including class should define method chunk that accepts the chunk number
@@ -18,7 +18,7 @@ class ImageSize
     # substring, behaves same as str[start, length] except start can't be
     # negative.
     def [](offset, length)
-      raise ArgumentError, "expected offset not to be negative, got #{offset}" if offset < 0
+      fail ArgumentError, "expected offset not to be negative, got #{offset}" if offset < 0
       return if length < 0
 
       first = offset / chunk_size

data/lib/image_size/isobmff.rb

@@ -56,9 +56,9 @@ class ImageSize
         when 1
           size = reader.unpack1(offset + 8, 8, 'Q>')
           relative_data_offset += 8
-          raise FormatError, "Unexpected ISOBMFF xl-box size #{size}" if size < 16
+          fail FormatError, "Unexpected ISOBMFF xl-box size #{size}" if size < 16
         when 2..7
-          raise FormatError, "Reserved ISOBMFF box size #{size}"
+          fail FormatError, "Reserved ISOBMFF box size #{size}"
         end
 
         attributes = {

data/lib/image_size/media_types.rb

@@ -9,6 +9,7 @@ class ImageSize
     emf: %w[image/emf],
     gif: %w[image/gif],
     heic: %w[image/heic image/heif],
+    icns: %w[image/x-icns],
     ico: %w[image/x-icon image/vnd.microsoft.icon],
     j2c: %w[image/j2c],
     jp2: %w[image/jp2],

data/lib/image_size/reader.rb

@@ -30,14 +30,15 @@ class ImageSize
         when input.is_a?(Pathname)
           input.open('rb'){ |f| yield for_io(f) }
         else
-          raise ArgumentError, "expected data as String or an object responding to read and eof?, got #{input.class}"
+          fail ArgumentError, 'expected a String, a Pathname, a StringIO or an object responding to read and eof? ' \
+                              "(IO), got #{input.class}"
         end
       end
 
     private
 
       def for_io(io)
-        if io.respond_to?(:stat) && !io.stat.file?
+        if (io.respond_to?(:stat) && !io.stat.file?) || !io.respond_to?(:seek)
           StreamIOReader.new(io)
         else
           begin
@@ -54,7 +55,7 @@ class ImageSize
       chunk = self[offset, length]
 
       unless chunk && chunk.length == length
-        raise FormatError, "Expected #{length} bytes at offset #{offset}, got #{chunk.inspect}"
+        fail FormatError, "Expected #{length} bytes at offset #{offset}, got #{chunk.inspect}"
       end
 
       chunk

data/lib/image_size/seekable_io_reader.rb

@@ -12,6 +12,10 @@ class ImageSize
       @chunks = {}
     end
 
+    def byte_size
+      @io.size
+    end
+
   private
 
     def chunk(i)

data/lib/image_size/stream_io_reader.rb

@@ -11,6 +11,12 @@ class ImageSize
       @chunks = []
     end
 
+    def byte_size
+      return nil unless @io.respond_to?(:stat) && @io.stat.file?
+
+      @io.stat.size
+    end
+
   private
 
     def chunk(i)

data/lib/image_size/string_reader.rb

@@ -17,5 +17,9 @@ class ImageSize
     def [](offset, length)
       @string[offset, length]
     end
+
+    def byte_size
+      @string.bytesize
+    end
   end
 end

data/lib/image_size/uri_reader.rb

@@ -17,17 +17,24 @@ class ImageSize
     module HTTPChunkyReader # :nodoc:
       include ChunkyReader
 
+      def chunk_start(i)
+        chunk_size * i
+      end
+
       def chunk_range_header(i)
-        { 'Range' => "bytes=#{chunk_size * i}-#{(chunk_size * (i + 1)) - 1}" }
+        { 'Range' => "bytes=#{chunk_start(i)}-#{chunk_start(i + 1) - 1}" }
       end
     end
 
     class BodyReader # :nodoc:
       include ChunkyReader
 
+      attr_reader :byte_size
+
       def initialize(response)
         @body = String.new
         @body_reader = response.to_enum(:read_body)
+        @byte_size = response.content_length
       end
 
       def [](offset, length)
@@ -46,20 +53,32 @@ class ImageSize
     class RangeReader # :nodoc:
       include HTTPChunkyReader
 
-      def initialize(http, request_uri, chunk0)
+      attr_reader :byte_size
+
+      def initialize(http, request_uri, chunk0, byte_size)
         @http = http
         @request_uri = request_uri
         @chunks = { 0 => chunk0 }
+        @byte_size = byte_size
+        @last_chunk = nil
       end
 
       def chunk(i)
+        return if @byte_size && chunk_start(i) >= @byte_size
+        return if @last_chunk && i > @last_chunk
+
         unless @chunks.key?(i)
           response = @http.get(@request_uri, chunk_range_header(i))
           case response
           when Net::HTTPPartialContent
-            @chunks[i] = response.body
+            body = response.body
+            @chunks[i] = body
+            @last_chunk = i if body.length < chunk_size
+          when Net::HTTPRequestedRangeNotSatisfiable
+            @chunks[i] = nil
+            @last_chunk = i if !@last_chunk || @last_chunk > i
           else
-            raise "Unexpected response: #{response}"
+            fail "Unexpected response: #{response}"
           end
         end
 
@@ -70,9 +89,11 @@ class ImageSize
     class << self
       include HTTPChunkyReader
 
-      def open(uri, max_redirects = 5)
+      def open(uri)
         http = nil
-        (max_redirects + 1).times do
+        (ImageSize.max_redirects + 1).times do
+          ImageSize.uri_checker.call(uri)
+
           unless http && http.address == uri.host && http.port == uri.port
             http.finish if http
 
@@ -92,17 +113,19 @@ class ImageSize
           when Net::HTTPRedirection
             uri += response['location']
           when Net::HTTPPartialContent
-            return yield RangeReader.new(http, uri.request_uri, response.body)
+            m = response['content-range'].match(%r{\bbytes\s+\d+-\d+/(\d+)}i) if response['content-range']
+            byte_size = m[1].to_i if m
+            return yield RangeReader.new(http, uri.request_uri, response.body, byte_size)
           when Net::HTTPRequestedRangeNotSatisfiable
             return yield StringReader.new('')
           else
-            raise "Unexpected response: #{response}"
+            fail "Unexpected response: #{response}"
           end
         end
 
-        raise "Too many redirects: #{uri}"
+        fail "Too many redirects: #{uri}"
       ensure
-        http.finish if http.started?
+        http.finish if http && http.started?
       end
     end
   end
@@ -124,4 +147,32 @@ class ImageSize
   def self.url(url)
     new(url.is_a?(URI) ? url : URI(url))
   end
+
+  # Maximum number of redirects
+  def self.max_redirects
+    @max_redirects || 5
+  end
+
+  # Set maximum number of redirects
+  def self.max_redirects=(max_redirects)
+    unless max_redirects.nil? || (max_redirects.is_a?(Integer) && max_redirects >= 0)
+      fail ArgumentError, "max_redirects should be 0, a positive Integer or nil, got #{max_redirects}"
+    end
+
+    @max_redirects = max_redirects
+  end
+
+  # Hook to call before making every request
+  def self.uri_checker
+    @uri_checker || proc{ |_uri| }
+  end
+
+  # Set hook to call before making every request
+  def self.uri_checker=(uri_checker)
+    unless uri_checker.nil? || uri_checker.respond_to?(:call)
+      fail ArgumentError, "uri_checker should respond to call or be nil, got #{uri_checker}"
+    end
+
+    @uri_checker = uri_checker
+  end
 end