RubyGems - macaw_framework - Versions diffs - 1.0.1 → 1.0.2 - Mend

macaw_framework 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/README.md +5 -2
data/SECURITY.md +16 -2
data/lib/macaw_framework/core/server.rb +5 -7
data/lib/macaw_framework/version.rb +1 -1
data/main/CODEOWNERS +1 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 03ac2a8df24de8757381abc1e9a85f7854ac71a49b44d51aa7a23f1d42f95380
-  data.tar.gz: 4431ce9ab63887660aaa5cc464c00a1dd3a81b08cf4f99bb53926d0aec440fc2
+  metadata.gz: 6e3d33329ff53ab220c857c255d70b687d50f0703054ecef2866a17676867eed
+  data.tar.gz: 2c340f529123646d86a261630f2bcb5bb89dbbfda10a65f4820f1db8ece73504
 SHA512:
-  metadata.gz: 7f981191cafd8504428de742979979a82ce1609c69ab08afc9f0b8e131381d12cc298b9b7447679b1611719605b825fcf409c9b4afee2b0d0f3a4fa8f28b5c79
-  data.tar.gz: cda629f9c4c779d11712c18dd5f9b7c8c90805688630d75c14b7fcd7c485b3cdcb2ea2386b5f6bcde62296a7b283337ee45418a08b67e61686f23ef18bf56bb2
+  metadata.gz: 79abf5fdf0729ef0464245c8765c88516b5445bff3123160e8f84fe1e43fa5360f311fceb731cb9f2823c49ac0caac5a78e3f35812ef3fe5e38cec2ab373cd81
+  data.tar.gz: db3b2bec7d0999497c752d9d1664d2bd99e0b35bb1bd67f95d5e529c7a46950ae62a02334f65016b4a947373a4a3871d5aa75832f33765e930dc7c0c4367dd45

data/CHANGELOG.md CHANGED Viewed

@@ -47,3 +47,9 @@
 - Introducing server-side session management
 - Fixing a bug with cache
 - Improving README
+## [1.0.2] - 2023-05-06
+- Fixing a bug with cache where ignored_headers where not being properly loaded
+- Fixed a bug with cache where URL parameters were not being considered in the strategy
+- Updating SECURITY.md with more information

data/README.md CHANGED Viewed

@@ -56,17 +56,20 @@ m.get('/cached_data', cache: true) do |context|
 end
 ```
+Observation: To activate caching you also have to set it's properties on the application.json file. If you don't, caching strategy will not work.
+See section below for configurations.
 ### Session management: Handle user sessions securely with server-side in-memory storage
 ```ruby
 m.get('/login') do |context|
   # Authenticate user
-  context[:session][:user_id] = user_id
+  context[:client][:user_id] = user_id
 end
 m.get('/dashboard') do |context|
   # Check if the user is logged in
-  if context[:session][:user_id]
+  if context[:client][:user_id]
     # Show dashboard
   else
     # Redirect to login

data/SECURITY.md CHANGED Viewed

@@ -2,12 +2,26 @@
 ## Supported Versions
+We are committed to addressing security issues in a timely manner. The following versions of MacawFramework are currently supported with security updates:
 | Version | Supported          |
 | ------- | ------------------ |
 | 1.0.x   | :white_check_mark: |
 | < 1.x   | :x:                |
 ## Reporting a Vulnerability
-If you find a vulnerability, please open an issue or send an e-mail to aria.diniz.dev@gmail.com
+We encourage responsible disclosure of security vulnerabilities. If you find a vulnerability in MacawFramework, please follow the steps below:
+1. Open an issue on the [GitHub repository](https://github.com/ariasdiniz/macaw_framework/issues) describing the vulnerability. Please include as much detail as possible, such as the affected version, the steps to reproduce the issue, and the potential impact of the vulnerability.
+Alternatively, you can send an email to aria.diniz.dev@gmail.com with the same information.
+2. We will review and acknowledge the report within a reasonable time frame. We may ask for additional information or guidance to help us understand and reproduce the issue.
+3. We will work on addressing the vulnerability and will provide updates on the progress.
+4. Once the issue is resolved, we will release a new version of MacawFramework with the necessary security fixes.
+Please remember to follow the project's [Code of Conduct](https://github.com/ariasdiniz/macaw_framework/blob/main/CODE_OF_CONDUCT.md) when reporting security vulnerabilities.

data/lib/macaw_framework/core/server.rb CHANGED Viewed

@@ -123,11 +123,9 @@ class Server
   end
   def set_cache_ignored_h
-    ignored_headers = []
-    if @macaw.config&.dig("macaw", "cache", "ignored_headers")
-      ignored_headers = @macaw.config["macaw"]["cache"]["ignore_headers"] || []
-    end
-    ignored_headers
+    return unless @macaw.config&.dig("macaw", "cache", "ignore_headers")
+    @macaw.config["macaw"]["cache"]["ignore_headers"] || []
   end
   def set_ssl
@@ -166,13 +164,13 @@ class Server
       {
         headers: client_data[:headers],
         body: client_data[:body],
-        params: client_data[:parameters],
+        params: client_data[:params],
         client: @session[client_ip][0]
       }
     )
   end
   def get_client_data(body, headers, parameters)
-    { body: body, headers: headers, parameters: parameters }
+    { body: body, headers: headers, params: parameters }
   end
 end

data/lib/macaw_framework/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module MacawFramework
-  VERSION = "1.0.1"
+  VERSION = "1.0.2"
 end

data/main/CODEOWNERS ADDED Viewed

	@@ -0,0 +1 @@
1	+ * @ariasdiniz

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: macaw_framework
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - Aria Diniz
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-05-03 00:00:00.000000000 Z
+date: 2023-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: prometheus-client
@@ -56,6 +56,7 @@ files:
 - lib/macaw_framework/utils/http_status_code.rb
 - lib/macaw_framework/version.rb
 - macaw_logo.png
+- main/CODEOWNERS
 - sig/http_status_code.rbs
 - sig/logging_aspect.rbs
 - sig/macaw_framework.rbs