merb-core 1.0.12 → 1.0.13

Sign up to get free protection for your applications and to get access to all the features.
data/Rakefile CHANGED
@@ -66,7 +66,7 @@ spec = Gem::Specification.new do |s|
66
66
  s.add_dependency "rspec"
67
67
  s.add_dependency "rack"
68
68
  s.add_dependency "mime-types"
69
- s.add_dependency "thor", ">= 0.9.9"
69
+ s.add_dependency "thor", "~> 0.9.9"
70
70
  # this escalates to "regular" dependencies, comment it out
71
71
  # for now. RubyGems need some love.
72
72
  #s.add_development_dependency "libxml-ruby"
@@ -1269,6 +1269,8 @@ class Merb::BootLoader::ChooseAdapter < Merb::BootLoader
1269
1269
  #
1270
1270
  # :api: plugin
1271
1271
  def self.run
1272
+ # Check if we running in IRB if so run IRB adapter
1273
+ Merb::Config[:adapter] = 'irb' if Merb.running_irb?
1272
1274
  Merb.adapter = Merb::Rack::Adapter.get(Merb::Config[:adapter])
1273
1275
  end
1274
1276
  end
@@ -1307,6 +1309,19 @@ class Merb::BootLoader::RackUpApplication < Merb::BootLoader
1307
1309
  end
1308
1310
  end
1309
1311
 
1312
+ class Merb::BootLoader::BackgroundServices < Merb::BootLoader
1313
+ # Start background services, such as the run_later worker thread.
1314
+ #
1315
+ # ==== Returns
1316
+ # nil
1317
+ #
1318
+ # :api: plugin
1319
+ def self.run
1320
+ Merb::Worker.start unless Merb.testing? || Merb::Worker.started?
1321
+ nil
1322
+ end
1323
+ end
1324
+
1310
1325
  class Merb::BootLoader::ReloadClasses < Merb::BootLoader
1311
1326
 
1312
1327
  class TimedExecutor
@@ -151,6 +151,10 @@ module Merb
151
151
  #
152
152
  # :api: private
153
153
  def setup(settings = {})
154
+ # Merge new settings with any existing configuration settings
155
+ settings = @configuration.merge(settings) unless @configuration.nil?
156
+
157
+ # Merge new settings with default settings
154
158
  config = defaults.merge(settings)
155
159
 
156
160
  unless config[:reload_classes]
@@ -1,7 +1,7 @@
1
1
  begin
2
2
  require "extlib"
3
3
  rescue LoadError => e
4
- puts "Merb-core 0.9.4 and later uses extlib for Ruby core class extensions. Install it from github.com/sam/extlib."
4
+ puts "Merb-core 0.9.4 and later uses extlib for Ruby core class extensions. Install it from github.com/datamapper/extlib."
5
5
  exit
6
6
  end
7
7
 
@@ -303,7 +303,7 @@ module Merb
303
303
  # r<Behavior>:: +optional+ - The to behavior object.
304
304
  #
305
305
  # ==== Returns
306
- # Route:: It registers a new route and returns it.
306
+ # Behavior:: The route definition behavior defining the created route
307
307
  #
308
308
  # ==== Examples
309
309
  # match('/:controller/:id).to(:action => 'show')
@@ -148,6 +148,36 @@ module Merb
148
148
  def generate_digest(data)
149
149
  OpenSSL::HMAC.hexdigest(DIGEST, @secret, data)
150
150
  end
151
+
152
+ # Securely compare two digests using a constant time algorithm.
153
+ # This avoids leaking information about the calculated HMAC
154
+ #
155
+ # Based on code by Michael Koziarski <michael@koziarski.com>
156
+ # http://github.com/rails/rails/commit/674f780d59a5a7ec0301755d43a7b277a3ad2978
157
+ #
158
+ # ==== Parameters
159
+ # a, b<~to_s>:: digests to compare.
160
+ #
161
+ # ==== Returns
162
+ # Boolean:: Do the digests validate?
163
+ def secure_compare(a, b)
164
+ if a.length == b.length
165
+
166
+ # unpack to forty characters.
167
+ # needed for 1.8 and 1.9 compat
168
+ a_bytes = a.unpack('C*')
169
+ b_bytes = b.unpack('C*')
170
+
171
+ result = 0
172
+ for i in 0..(a_bytes.length - 1)
173
+ result |= a_bytes[i] ^ b_bytes[i]
174
+ end
175
+ result == 0
176
+ else
177
+ false
178
+ end
179
+ end
180
+
151
181
 
152
182
  # Unmarshal cookie data to a hash and verify its integrity.
153
183
  #
@@ -167,7 +197,7 @@ module Merb
167
197
  else
168
198
  data, digest = Merb::Parse.unescape(cookie).split('--')
169
199
  return {} if data.blank? || digest.blank?
170
- unless digest == generate_digest(data)
200
+ unless secure_compare(generate_digest(data), digest)
171
201
  clear
172
202
  unless Merb::Config[:ignore_tampered_cookies]
173
203
  raise TamperedWithCookie, "Maybe the site's session_secret_key has changed?"
@@ -21,6 +21,14 @@ module Merb
21
21
  end
22
22
  @worker
23
23
  end
24
+
25
+ # ==== Returns
26
+ # Whether the Merb::Worker instance is already started.
27
+ #
28
+ # :api: private
29
+ def started?
30
+ !@worker.nil?
31
+ end
24
32
  end
25
33
 
26
34
  # Creates a new worker thread that loops over the work queue.
@@ -16,7 +16,9 @@ end
16
16
  # ==== Public Merb Logger API
17
17
  #
18
18
  # To replace an existing logger with a new one:
19
- # Merb::Logger.set_log(log{String, IO},level{Symbol, String})
19
+ # Merb.logger.set_log(log{String, IO},level{Symbol, String})
20
+ # for example:
21
+ # Merb.logger.set_log($stdout, Merb::Logger::Levels[:fatal])
20
22
  #
21
23
  # Available logging levels are
22
24
  # Merb::Logger::{ Fatal, Error, Warn, Info, Debug }
@@ -217,8 +217,6 @@ module Merb
217
217
  Merb::Server.remove_pid(port)
218
218
  end
219
219
 
220
- Merb::Worker.start unless Merb.testing?
221
-
222
220
  # If Merb is daemonized, trap INT. If it's not daemonized,
223
221
  # we let the master process' ctrl-c control the cluster
224
222
  # of workers.
@@ -7,8 +7,8 @@ require "merb-core/test/matchers/request_matchers"
7
7
  Merb::Test::ControllerHelper.send(:include, Merb::Test::Rspec::ControllerMatchers)
8
8
  Merb::Test::RouteHelper.send(:include, Merb::Test::Rspec::RouteMatchers)
9
9
 
10
- if defined?(::Webrat)
11
- module Merb::Test::ViewHelper
10
+ module Merb::Test::ViewHelper
11
+ if defined?(::Webrat)
12
12
  include ::Webrat::Matchers
13
13
  include ::Webrat::HaveTagMatcher
14
14
  end
@@ -1,5 +1,5 @@
1
1
  module Merb
2
- VERSION = '1.0.12' unless defined?(Merb::VERSION)
3
- DM_VERSION = '0.9.11' unless defined?(Merb::DM_VERSION)
4
- DO_VERSION = '0.9.11' unless defined?(Merb::DO_VERSION)
2
+ VERSION = '1.0.13' unless defined?(Merb::VERSION)
3
+ DM_VERSION = '0.10' unless defined?(Merb::DM_VERSION)
4
+ DO_VERSION = '0.10' unless defined?(Merb::DO_VERSION)
5
5
  end
data/lib/merb-core.rb CHANGED
@@ -154,6 +154,9 @@ module Merb
154
154
  Merb::Config.parse_args(argv)
155
155
  end
156
156
 
157
+ # Keep information that we run inside IRB to guard it against overriding in init.rb
158
+ @running_irb = Merb::Config[:adapter] == 'irb'
159
+
157
160
  Merb::Config[:log_stream] = STDOUT
158
161
 
159
162
  Merb.environment = Merb::Config[:environment]
@@ -786,6 +789,11 @@ module Merb
786
789
  def run_later(&blk)
787
790
  Merb::Dispatcher.work_queue << blk
788
791
  end
792
+
793
+ # :api: private
794
+ def running_irb?
795
+ @running_irb
796
+ end
789
797
  end
790
798
  end
791
799
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: merb-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.12
4
+ version: 1.0.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ezra Zygmuntowicz
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-06-30 00:00:00 -07:00
12
+ date: 2009-11-03 00:00:00 +00:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
@@ -88,7 +88,7 @@ dependencies:
88
88
  version_requirement:
89
89
  version_requirements: !ruby/object:Gem::Requirement
90
90
  requirements:
91
- - - ">="
91
+ - - ~>
92
92
  - !ruby/object:Gem::Version
93
93
  version: 0.9.9
94
94
  version:
@@ -240,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
240
240
  requirements:
241
241
  - install the json gem to get faster json parsing
242
242
  rubyforge_project:
243
- rubygems_version: 1.3.2
243
+ rubygems_version: 1.3.5
244
244
  signing_key:
245
245
  specification_version: 3
246
246
  summary: Merb. Pocket rocket web framework.