measured 3.2.0 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.github/dependabot.yml +4 -0
  3. data/.github/workflows/ci.yml +2 -2
  4. data/.github/workflows/dependabot_auto_merge.yml +4 -4
  5. data/CHANGELOG.md +4 -0
  6. data/lib/measured/cache/json.rb +2 -1
  7. data/lib/measured/version.rb +1 -1
  8. data/test/cache/json_test.rb +18 -0
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d08724bae7ca2587e6ac427df7588e08fcec42dfecbd5d0fd9858560b7d1ec1f
4
- data.tar.gz: aa934b2932b9df4648acbd6d65378fdd00add45840834e5ef9119bfd2e627ff9
3
+ metadata.gz: 1e8794e944fe077ce5f8fe1271de15dbd7aae08e9faa25870d5a2f1df2fecfe3
4
+ data.tar.gz: d6250b4975dbf4a2972b998cc68971b983f6ee2d45c2a22fe7839d672c951233
5
5
  SHA512:
6
- metadata.gz: 5aea963586e68d4806e06d98993b2122b13fd19c79a825c035d413b908c8d30213d7fe4d23d4485b7cfdcd63c448db98150f11941bbb32d461a773e781ed5120
7
- data.tar.gz: 55dd6b127ae8dcba52fca728246116a55274549bf0ee0ac31931a12393783554cb05dd5b7521714573e9d3c24350f6c88883a30a0110921e1594325660156f42
6
+ metadata.gz: 30590d0e624813f1cbc0bc8bbe5a397b0197e799cd36070c91eba906890cea07fbf2b1755db57fc73aea8e1ce5bbf220edd608cf27ee809afccc0d18a0abafe7
7
+ data.tar.gz: 4197246ef6225ab834396b9287e705d1e12878f90ed9892a372d552c566ab387cfee24b083f0a6018a4e6515d1245167db548f123521c510af1671a835373599
data/.github/dependabot.yml CHANGED
@@ -11,6 +11,10 @@ registries:
11
11
  username: ${{secrets.DEPENDENCIES_GITHUB_USER}}
12
12
  password: ${{secrets.DEPENDENCIES_GITHUB_TOKEN}}
13
13
  updates:
14
+ - package-ecosystem: github-actions
15
+ directory: "/"
16
+ schedule:
17
+ interval: weekly
14
18
  - package-ecosystem: bundler
15
19
  directory: "/"
16
20
  schedule:
data/.github/workflows/ci.yml CHANGED
@@ -26,9 +26,9 @@ jobs:
26
26
 
27
27
  name: Ruby ${{ matrix.ruby }} ${{ matrix.gemfile }}
28
28
  steps:
29
- - uses: actions/checkout@v1
29
+ - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1.2.0
30
30
  - name: Set up Ruby ${{ matrix.ruby }}
31
- uses: ruby/setup-ruby@v1
31
+ uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # v1.238.0
32
32
  with:
33
33
  ruby-version: ${{ matrix.ruby }}
34
34
  bundler-cache: true
data/.github/workflows/dependabot_auto_merge.yml CHANGED
@@ -8,7 +8,7 @@ jobs:
8
8
  steps:
9
9
  - name: Dependabot metadata
10
10
  id: metadata
11
- uses: dependabot/fetch-metadata@v1.6.0
11
+ uses: dependabot/fetch-metadata@c9c4182bf1b97f5224aee3906fd373f6b61b4526 # v1.6.0
12
12
  with:
13
13
  github-token: "${{ secrets.GITHUB_TOKEN }}"
14
14
 
@@ -16,7 +16,7 @@ jobs:
16
16
  id: check_ci_failure
17
17
  continue-on-error: true
18
18
  if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge' }}
19
- uses: actions/github-script@v6
19
+ uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
20
20
  with:
21
21
  script: |
22
22
  function sleep(ms) {
@@ -62,7 +62,7 @@ jobs:
62
62
  core.setOutput("ci_state", ci_state)
63
63
  - name: Send Slack notification if auto-merge failed
64
64
  if: ${{ steps.check_ci_failure.outputs.ci_state == 'false' }}
65
- uses: ruby/action-slack@v3.0.0
65
+ uses: ruby/action-slack@b6882ea6ef8f556f9f9af9ec1220d3f1ced74acf # v3.0.0
66
66
  with:
67
67
  payload: |
68
68
  {
@@ -77,7 +77,7 @@ jobs:
77
77
 
78
78
  - name: Approve and merge
79
79
  if: ${{ steps.check_ci_failure.outputs.ci_state == 'true' && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.dependency-group == 'auto_merge') }}
80
- uses: actions/github-script@v6
80
+ uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
81
81
  with:
82
82
  script: |
83
83
  await github.rest.pulls.createReview({
data/CHANGELOG.md CHANGED
@@ -1,6 +1,10 @@
1
1
  Unreleased
2
2
  -----
3
3
 
4
+ 3.2.1
5
+ -----
6
+ * Restrict Measured::Cache::Json initializer to valid filenames. (@caseyshop)
7
+
4
8
  3.2.0
5
9
  -----
6
10
  * Make the ActiveRecord validation errors have the correct type. (@alexcarruthers)
data/lib/measured/cache/json.rb CHANGED
@@ -5,7 +5,8 @@ module Measured::Cache
5
5
 
6
6
  def initialize(filename)
7
7
  @filename = filename
8
- @path = Pathname.new(File.join(File.dirname(__FILE__), "../../../cache", @filename)).cleanpath
8
+ raise ArgumentError, "Invalid cache file: #{filename}" unless %w[length.json weight.json volume.json test.json].include?(filename.to_s)
9
+ @path = Pathname.new(File.join(File.dirname(__FILE__), "../../../cache", filename)).cleanpath
9
10
  end
10
11
 
11
12
  def exist?
data/lib/measured/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
  module Measured
3
- VERSION = "3.2.0"
3
+ VERSION = "3.2.1"
4
4
  end
data/test/cache/json_test.rb CHANGED
@@ -14,6 +14,24 @@ class Measured::Cache::JsonTest < ActiveSupport::TestCase
14
14
  refute_match "../", @cache.path.to_s
15
15
  end
16
16
 
17
+ test "#initialize accepts valid cache filenames for Measured::Measurable.subclasses, and test file" do
18
+ valid_files = %w[length.json weight.json volume.json test.json]
19
+ valid_files.each do |filename|
20
+ assert_nothing_raised do
21
+ Measured::Cache::Json.new(filename)
22
+ end
23
+ end
24
+ end
25
+
26
+ test "#initialize rejects invalid cache filenames" do
27
+ invalid_files = ["volum.json", "../volume.json", "other.txt"]
28
+ invalid_files.each do |filename|
29
+ assert_raises ArgumentError do
30
+ Measured::Cache::Json.new(filename)
31
+ end
32
+ end
33
+ end
34
+
17
35
  test "#exist? returns false if the file does not exist" do
18
36
  File.expects(:exist?).with(@cache.path).returns(false)
19
37
  refute_predicate @cache, :exist?
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: measured
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.0
4
+ version: 3.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kevin McPhillips
@@ -9,7 +9,7 @@ authors:
9
9
  - Javier Honduvilla Coto
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2025-01-28 00:00:00.000000000 Z
12
+ date: 1980-01-02 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: activesupport
@@ -240,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
240
240
  - !ruby/object:Gem::Version
241
241
  version: '0'
242
242
  requirements: []
243
- rubygems_version: 3.6.3
243
+ rubygems_version: 3.6.9
244
244
  specification_version: 4
245
245
  summary: Encapsulate measurements with their units in Ruby
246
246
  test_files: