passenger 5.2.0 → 5.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 662ef10e6355ee7d591b4c7693f55555e604fd2c
-  data.tar.gz: 7ec97f50b885886f64500f061be9814733a6459f
+  metadata.gz: 4b004a624f6e999498dcb7033c16bd552696b2a0
+  data.tar.gz: f6c0c50888bfff73ff97c9f1f53e61da1be4cd3f
 SHA512:
-  metadata.gz: '08e0bd4acf4de0ffe3db1261c2512e08119531d3785e6405a74bc445b8c559e9a6eefb01b1fa403c9a28b63f7f3ede24b2ede47b4c85ca483851b35f3e751843'
-  data.tar.gz: d46303428cd6bbd875f184278f354e84180825c7c7cefb5614eb2c87bf061d7e5880510e4795c4bf902e20d261fd5f28b6a8507fd7a9d7ab5223206e97dd4922
+  metadata.gz: 86f190ae09c09448f6cdb69f48c4f66b90ef7c7c9cf94633053b0de5aa2412bb80ace7271f11954327bbebf7715c2a0a05b61326072b8d354e6fb05e3c9b7a2e
+  data.tar.gz: 9428480d5d9fc6c9829e2d1c6a6ab00daabce12235f11a1aade4afdb91d736e7a25fd42d3cfbf7fd648ff412808001eadb6225908ebc641348b8d8d6cabfd7ab

data/CHANGELOG

@@ -1,3 +1,17 @@
+Release 5.2.1
+-------------
+
+ * Fixes a regression from 5.1.11 that prevented Passenger from compiling on FreeBSD in some cases. Closes GH-2031.
+ * Fixes a bounds issue in printing an error message that could occur in some cases when spawning a child process fails. Issue was present from 5.1.11.
+ * Fixes a regression from 5.2.0 which prevented setting the max pool idle time to 0. Closes GH-2020.
+ * Warns if using an incompatible compiler on macOS < 10.13. Closes GH-2017.
+ * No longer uses Security Framework on macOS 10.13+. This will prevent further keychain warnings from appropriately compiled Passengers.
+ * Fixes warning on macOS about /proc/self access (excluded some code that was intended only for Linux).
+ * `passenger-install-nginx-module` now downloads the preferred Nginx version via https. Thanks to smiba for pointing this out.
+ * [Apache] Fixes a regression from 5.2.0 that caused a crash on startup when no top-level ServerName is set. Closes GH-2029.
+ * [Enterprise] Adds support for using RAM-based pricing on Heroku.
+
+
 Release 5.2.0
 -------------
 

data/Rakefile

@@ -44,6 +44,11 @@ end
 
 require("#{SOURCE_ROOT}/config") if File.exist?("#{SOURCE_ROOT}/config.rb")
 require_build_system_file 'basics'
+
+if PlatformInfo.os_name_simple == 'macosx'
+  ENV["MACOSX_DEPLOYMENT_TARGET"] ||= PlatformInfo.os_version
+end
+
 if boolean_option('ONLY_RUBY')
   require_build_system_file 'ruby_extension'
 else

data/bin/passenger-install-apache2-module

@@ -88,8 +88,8 @@ class Installer < PhusionPassenger::AbstractInstaller
       end
       ids << 'rack'
     end
-    # On macOS our Crypto.cpp uses TransportSecurity instead of OpenSSL.
-    if PlatformInfo.os_name_simple != 'macosx'
+    # On macOS Curl uses TransportSecurity instead of OpenSSL, except on High Sierra or later.
+    if !(PlatformInfo.os_name_simple == 'macosx' && PlatformInfo.os_version <= '10.13')
       ids << 'openssl-dev'
     end
     if PlatformInfo.apxs2_needed_for_building_apache_modules?

data/bin/passenger-install-nginx-module

@@ -306,7 +306,7 @@ private
     new_screen
     puts "<banner>Downloading Nginx...</banner>"
 
-    url = "http://www.nginx.org/download/nginx-#{PREFERRED_NGINX_VERSION}.tar.gz"
+    url = "https://nginx.org/download/nginx-#{PREFERRED_NGINX_VERSION}.tar.gz"
     dirname = "nginx-#{PREFERRED_NGINX_VERSION}"
     tarball = "#{@working_dir}/nginx.tar.gz"
 

data/build/agent.rb

@@ -62,8 +62,14 @@ let(:agent_ldflags) do
   result << '-lselinux' if USE_SELINUX
   # Extra linker flags for backtrace_symbols() to generate useful output (see agent/Base.cpp).
   result << PlatformInfo.export_dynamic_flags
-  # Enable dead symbol elimination on OS X.
-  result << '-Wl,-dead_strip' if PlatformInfo.os_name_simple == 'macosx'
+  if PlatformInfo.os_name_simple == 'macosx'
+    # Enable dead symbol elimination on OS X.
+    result << '-Wl,-dead_strip'
+    if PlatformInfo.os_version >= '10.13'
+      result << PlatformInfo.openssl_extra_ldflags
+      result << '-lcrypto'
+    end
+  end
   result.join(' ')
 end
 
@@ -83,6 +89,7 @@ AGENT_OBJECTS.each_pair do |object, source|
         libuv_cflags,
         websocketpp_cflags,
         PlatformInfo.curl_flags,
+        PlatformInfo.openssl_extra_cflags,
         PlatformInfo.zlib_flags
       ]
     } }

data/build/basics.rb

@@ -40,6 +40,7 @@ PhusionPassenger.require_passenger_lib 'platform_info/apache'
 PhusionPassenger.require_passenger_lib 'platform_info/curl'
 PhusionPassenger.require_passenger_lib 'platform_info/zlib'
 PhusionPassenger.require_passenger_lib 'platform_info/crypto'
+PhusionPassenger.require_passenger_lib 'platform_info/openssl'
 PhusionPassenger.require_passenger_lib 'platform_info/compiler'
 PhusionPassenger.require_passenger_lib 'platform_info/cxx_portability'
 

data/dev/configkit-schemas/index.json

@@ -278,7 +278,7 @@
          "type" : "unsigned integer"
       },
       "server_software" : {
-         "default_value" : "Phusion_Passenger/5.2.0",
+         "default_value" : "Phusion_Passenger/5.2.1",
          "has_default_value" : "static",
          "type" : "string"
       },
@@ -772,7 +772,7 @@
          "type" : "string"
       },
       "server_software" : {
-         "default_value" : "Phusion_Passenger/5.2.0",
+         "default_value" : "Phusion_Passenger/5.2.1",
          "has_default_value" : "static",
          "type" : "string"
       },
@@ -1481,7 +1481,7 @@
          "type" : "string"
       },
       "server_software" : {
-         "default_value" : "Phusion_Passenger/5.2.0",
+         "default_value" : "Phusion_Passenger/5.2.1",
          "has_default_value" : "static",
          "type" : "string"
       },

data/doc/Packaging.md

@@ -216,7 +216,7 @@ a list of all possible assets and asset directories.
    A directory that contains the Phusion Passenger Ruby library files. Note that
    the Phusion Passenger administration tools still locate phusion_passenger.rb
    as described in the section "The Phusion Passenger Ruby libraries",
-   irregardless of the value of this key in the location configuration file.
+   irrespective of the value of this key in the location configuration file.
    The value is only useful to non-Ruby Phusion Passenger code.
 
    Value when originally packaged: `<SOURCE_ROOT>/src/ruby_supportlib`.

data/src/agent/Core/ApplicationPool/Group/ProcessListManagement.cpp

@@ -585,7 +585,7 @@ Group::disable(const ProcessPtr &process, const DisableCallback &callback) {
 				/* All processes are going to be disabled, so in order
 				 * to avoid blocking requests we first spawn a new process
 				 * and disable this process after the other one is done
-				 * spawning. We do this irregardless of resource limits
+				 * spawning. We do this irrespective of resource limits
 				 * because this is an exceptional situation.
 				 */
 				P_DEBUG("Spawning a new process to avoid the disable action from blocking requests");

data/src/agent/Core/Config.h

@@ -150,7 +150,7 @@ using namespace std;
  *   security_update_checker_interval                                unsigned integer   -          default(86400)
  *   security_update_checker_proxy_url                               string             -          -
  *   security_update_checker_url                                     string             -          default("https://securitycheck.phusionpassenger.com/v1/check.json")
- *   server_software                                                 string             -          default("Phusion_Passenger/5.2.0")
+ *   server_software                                                 string             -          default("Phusion_Passenger/5.2.1")
  *   show_version_in_header                                          boolean            -          default(true)
  *   single_app_mode_app_root                                        string             -          default,read_only
  *   single_app_mode_app_type                                        string             -          read_only
@@ -280,9 +280,6 @@ private:
 		if (config["max_pool_size"].asUInt() < 1) {
 			errors.push_back(Error("'{{max_pool_size}}' must be at least 1"));
 		}
-		if (config["pool_idle_time"].asUInt() < 1) {
-			errors.push_back(Error("'{{pool_idle_time}}' must be at least 1"));
-		}
 	}
 
 	static void validateController(const ConfigKit::Store &config, vector<ConfigKit::Error> &errors) {

data/src/agent/Core/Controller/Config.h

@@ -111,7 +111,7 @@ parseControllerBenchmarkMode(const StaticString &mode) {
  *   multi_app                                           boolean            -          default(true),read_only
  *   request_freelist_limit                              unsigned integer   -          default(1024)
  *   response_buffer_high_watermark                      unsigned integer   -          default(134217728)
- *   server_software                                     string             -          default("Phusion_Passenger/5.2.0")
+ *   server_software                                     string             -          default("Phusion_Passenger/5.2.1")
  *   show_version_in_header                              boolean            -          default(true)
  *   start_reading_after_accept                          boolean            -          default(true)
  *   stat_throttle_rate                                  unsigned integer   -          default(10)

data/src/agent/Core/CoreMain.cpp

@@ -1319,7 +1319,9 @@ coreMain(int argc, char *argv[]) {
 		*coreConfig, coreSchema->loggingKit.translator,
 		parseOptions, NULL, 2);
 
+#if !BOOST_OS_MACOS
 	restoreOomScore(coreConfig->get("oom_score").asString());
+#endif
 
 	ret = runCore();
 	shutdownAgent(coreSchema, coreConfig);

data/src/agent/Core/SecurityUpdateChecker.h

@@ -44,6 +44,14 @@
 #if BOOST_OS_MACOS
 	#include <sys/syslimits.h>
 	#include <unistd.h>
+	#include <Availability.h>
+	#ifndef __MAC_10_13
+		#define __MAC_10_13 101300
+	#endif
+	#define PRE_HIGH_SIERRA (__MAC_OS_X_VERSION_MIN_REQUIRED < __MAC_10_13)
+	#if !PRE_HIGH_SIERRA
+		#include <openssl/err.h>
+	#endif
 #endif
 
 namespace Passenger {
@@ -55,11 +63,13 @@ using namespace oxt;
 #define MIN_CHECK_BACKOFF_SEC (12 * 60 * 60)
 #define MAX_CHECK_BACKOFF_SEC (7 * 24 * 60 * 60)
 
+#if PRE_HIGH_SIERRA
 // Password for the .p12 client certificate (because .p12 is required to be pwd protected on some
 // implementations). We're OK with hardcoding because the certs are not secret anyway, and they're not used
 // for client id/auth (just to easily deflect unrelated probes from the server endpoint).
 #define CLIENT_CERT_PWD "p6PBhK8KtorrhMxHnH855MvF"
 #define CLIENT_CERT_LABEL "Phusion Passenger Open Source"
+#endif
 
 #define POSSIBLE_MITM_RESOLUTION "(if this error persists check your connection security or try upgrading " SHORT_PROGRAM_NAME ")"
 
@@ -289,7 +299,7 @@ private:
 
 		logUpdateFail(error);
 
-#if !BOOST_OS_MACOS
+#if !(BOOST_OS_MACOS && PRE_HIGH_SIERRA)
 		unsigned long cryptoErrorCode = ERR_get_error();
 		if (cryptoErrorCode == 0) {
 			logUpdateFailAdditional("CURLcode" + toString(code));
@@ -371,7 +381,7 @@ private:
 			return code;
 		}
 
-#if BOOST_OS_MACOS
+#if BOOST_OS_MACOS && PRE_HIGH_SIERRA
 		// preauth the security update check key in the user's keychain (this is for libcurl's benefit because they don't bother to authorize themselves to use the keys they import)
 		if (!crypto.preAuthKey(clientCertPath.c_str(), CLIENT_CERT_PWD, CLIENT_CERT_LABEL)) {
 			return CURLE_SSL_CERTPROBLEM;
@@ -459,7 +469,7 @@ public:
 			throw RuntimeException("resourceLocator must be non-NULL");
 		}
 
-		#if BOOST_OS_MACOS
+		#if BOOST_OS_MACOS && PRE_HIGH_SIERRA
 			clientCertPath = resourceLocator->getResourcesDir() + "/update_check_client_cert.p12";
 		#else
 			clientCertPath = resourceLocator->getResourcesDir() + "/update_check_client_cert.pem";
@@ -713,7 +723,7 @@ public:
 			}
 		} while (false);
 
-#if BOOST_OS_MACOS
+#if BOOST_OS_MACOS && PRE_HIGH_SIERRA
 		// remove the security update check key from the user's keychain so that if we are stopped/crash and are upgraded or reinstalled before restarting we don't have permission problems
 		crypto.killKey(CLIENT_CERT_LABEL);
 #endif

data/src/agent/Watchdog/Config.h

@@ -142,7 +142,7 @@ using namespace std;
  *   security_update_checker_interval                                         unsigned integer   -          default(86400)
  *   security_update_checker_proxy_url                                        string             -          -
  *   security_update_checker_url                                              string             -          default("https://securitycheck.phusionpassenger.com/v1/check.json")
- *   server_software                                                          string             -          default("Phusion_Passenger/5.2.0")
+ *   server_software                                                          string             -          default("Phusion_Passenger/5.2.1")
  *   setsid                                                                   boolean            -          default(false)
  *   show_version_in_header                                                   boolean            -          default(true)
  *   single_app_mode_app_root                                                 string             -          default,read_only

data/src/agent/Watchdog/InstanceDirToucher.cpp

@@ -88,6 +88,7 @@ private:
 			_exit(1);
 		}
 
+#if !BOOST_OS_MACOS
 		bool isLegacy;
 		ret = tryRestoreOomScore(originalOomScore, isLegacy);
 		if (ret != 0) {
@@ -106,6 +107,7 @@ private:
 			pos = ASSU::appendData(pos, end, "). Process will remain at inherited OOM score.");
 			ASSU::printError(buf, pos - buf);
 		}
+#endif
 	}
 
 	void

data/src/agent/Watchdog/WatchdogMain.cpp

@@ -176,6 +176,7 @@ static void cleanup(const WorkingObjectsPtr &wo);
 
 /***** Functions *****/
 
+#if !BOOST_OS_MACOS
 static FILE *
 openOomAdjFileGetType(const char *mode, OomFileType &type) {
 	FILE *f = fopen("/proc/self/oom_score_adj", mode);
@@ -249,6 +250,7 @@ setOomScoreNeverKill() {
 
 	return oldScore;
 }
+#endif
 
 static void
 terminationHandler(int signo) {
@@ -791,7 +793,9 @@ initializeBareEssentials(int argc, char *argv[], WorkingObjectsPtr &wo) {
 	 * for this watchdog. Note that the OOM score is inherited by child processes
 	 * so we need to restore it after each fork().
 	 */
+#if !BOOST_OS_MACOS
 	string oldOomScore = setOomScoreNeverKill();
+#endif
 
 	watchdogSchema = new Schema();
 	watchdogConfig = new ConfigKit::Store(*watchdogSchema);
@@ -804,7 +808,9 @@ initializeBareEssentials(int argc, char *argv[], WorkingObjectsPtr &wo) {
 
 	wo = boost::make_shared<WorkingObjects>();
 	workingObjects = wo.get();
+#if !BOOST_OS_MACOS
 	wo->extraConfigToPassToSubAgents["oom_score"] = oldOomScore;
+#endif
 }
 
 static void

data/src/apache2_module/ConfigGeneral/ManifestGeneration.h

@@ -198,7 +198,11 @@ private:
 		server_rec *serverRec, core_dir_config *cdconf, DirConfig *pdconf)
 	{
 		Json::Value vhostDoc;
-		vhostDoc["server_names"].append(serverRec->defn_name);
+		if (serverRec->defn_name) {
+			vhostDoc["server_names"].append(serverRec->defn_name);
+		} else {
+			vhostDoc["server_names"].append("NOT_RECEIVED");
+		}
 
 		Json::Value locationMatcherDoc;
 		locationMatcherDoc["value"] = cdconf->d;

data/src/cxx_supportlib/Constants.h

@@ -80,7 +80,7 @@
 #define PASSENGER_API_VERSION_MAJOR 0
 #define PASSENGER_API_VERSION_MINOR 3
 #define PASSENGER_DEFAULT_USER "nobody"
-#define PASSENGER_VERSION "5.2.0"
+#define PASSENGER_VERSION "5.2.1"
 #define POOL_HELPER_THREAD_STACK_SIZE 262144
 #define PROCESS_SHUTDOWN_TIMEOUT 60
 #define PROCESS_SHUTDOWN_TIMEOUT_DISPLAY "1 minute"

data/src/cxx_supportlib/Crypto.cpp

@@ -162,6 +162,7 @@ OSStatus Crypto::copyIdentityFromPKCS12File(const char *cPath,
 	return status;
 }
 
+#if PRE_HIGH_SIERRA
 void Crypto::killKey(const char *cLabel) {
 	SecIdentityRef id = NULL;
 	OSStatus status = lookupKeychainItem(cLabel, &id);
@@ -238,6 +239,7 @@ bool Crypto::preAuthKey(const char *path, const char *passwd, const char *cLabel
 		return false;
 	}
 }
+#endif
 
 bool Crypto::generateRandomChars(unsigned char *rndChars, int rndLen) {
 	FILE *fPtr = fopen("/dev/random", "r");

data/src/cxx_supportlib/Crypto.h

@@ -31,8 +31,13 @@
 #include <modp_b64.h>
 
 #if BOOST_OS_MACOS
+#include <Availability.h>
+#ifndef __MAC_10_13
+#define __MAC_10_13 101300
+#endif
 #include <CoreFoundation/CoreFoundation.h>
 #include <Security/Security.h>
+#define PRE_HIGH_SIERRA (__MAC_OS_X_VERSION_MIN_REQUIRED < __MAC_10_13)
 #else
 #include <openssl/pem.h>
 #include <openssl/rand.h>
@@ -105,11 +110,13 @@ public:
 	bool generateAndAppendNonce(string &nonce);
 
 #if BOOST_OS_MACOS
+#if PRE_HIGH_SIERRA
 	/**
 	 * sets the permissions on the certificate so that curl doesn't prompt
 	 */
 	bool preAuthKey(const char *path, const char *passwd, const char *cLabel);
 	void killKey(const char *cLabel);
+#endif
 	bool generateRandomChars(unsigned char *rndChars, int rndLen);
 #endif
 

data/src/cxx_supportlib/Hooks.h

@@ -38,6 +38,7 @@
 #include <cstring>
 #include <cctype>
 #include <stdlib.h>
+#include <sys/wait.h>
 
 #include <jsoncpp/json.h>
 

data/src/cxx_supportlib/ProcessManagement/Utils.cpp

@@ -422,7 +422,7 @@ closeAllFileDescriptors(int lastToKeepOpen, bool asyncSignalSafe) {
 	for (int i = getHighestFileDescriptor(asyncSignalSafe); i > lastToKeepOpen; i--) {
 		/* Even though we normally shouldn't retry on EINTR
 		 * (http://news.ycombinator.com/item?id=3363819)
-		 * it's okay to do that here because because this function
+		 * it's okay to do that here because this function
 		 * may only be called in a single-threaded environment.
 		 */
 		int ret;
@@ -434,7 +434,7 @@ closeAllFileDescriptors(int lastToKeepOpen, bool asyncSignalSafe) {
 
 void
 printExecError(const char **command, int errcode) {
-	char buf[1024];
+	char buf[1024] = { };
 	printExecError2(command, errcode, buf, sizeof(buf));
 }
 
@@ -452,7 +452,7 @@ printExecError2(const char **command, int errcode, char *buf, size_t size) {
 	pos = AsyncSignalSafeUtils::appendInteger<int, 10>(pos, end, errcode);
 	pos = AsyncSignalSafeUtils::appendData(pos, end, ")\n");
 
-	AsyncSignalSafeUtils::printError(buf, end - pos);
+	AsyncSignalSafeUtils::printError(buf, pos - buf);
 }
 
 

data/src/cxx_supportlib/Utils/SystemMetricsCollector.h

@@ -1154,7 +1154,7 @@ private:
 				&count);
 			if (status == KERN_SUCCESS) {
 				metrics.ramUsed = ((ssize_t) vmStat.active_count + vmStat.wire_count);
-				#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090
+				#if __MAC_OS_X_VERSION_MIN_REQUIRED >= __MAC_10_9
 					metrics.ramUsed += vmStat.compressor_page_count;
 				#endif
 				metrics.ramUsed = metrics.ramUsed * (pageSize / 1024);

data/src/ruby_supportlib/phusion_passenger.rb

@@ -31,7 +31,7 @@ module PhusionPassenger
 
   PACKAGE_NAME = 'passenger'
   # Run 'rake src/cxx_supportlib/Constants.h configkit_schemas_inline_comments' after changing this number.
-  VERSION_STRING = '5.2.0'
+  VERSION_STRING = '5.2.1'
 
   PREFERRED_NGINX_VERSION = '1.12.2'
   NGINX_SHA256_CHECKSUM = '305f379da1d5fb5aefa79e45c829852ca6983c7cd2a79328f8e084a324cf0416'

data/src/ruby_supportlib/phusion_passenger/platform_info/compiler.rb

@@ -141,6 +141,15 @@ module PhusionPassenger
     end
     private_class_method :cc_or_cxx_supports_feliminate_unused_debug?
 
+    def self.cc_or_cxx_supports_blocks?(language)
+      ext = detect_language_extension(language)
+      compiler_type_name = detect_compiler_type_name(language)
+      command = create_compiler_command(language,"-E -dM",'- </dev/null')
+      result = `#{command}`
+      return result.include? "__BLOCKS__"
+    end
+    private_class_method :cc_or_cxx_supports_blocks?
+
   public
     def self.cc
       return string_env('CC', default_cc)
@@ -429,6 +438,16 @@ module PhusionPassenger
     end
     memoize :cxx_supports_feliminate_unused_debug?, true
 
+    def self.cc_block_support_ok?
+      return (os_name_simple != 'macosx' || cc_or_cxx_supports_blocks?(:c) || os_version >= "10.13" )
+    end
+    memoize :cc_block_support_ok?, true
+
+    def self.cxx_block_support_ok?
+      return (os_name_simple != 'macosx' || cc_or_cxx_supports_blocks?(:cxx) || os_version >= "10.13" )
+    end
+    memoize :cxx_block_support_ok?, true
+
     # Returns whether compiling C++ with -fvisibility=hidden might result
     # in tons of useless warnings, like this:
     # http://code.google.com/p/phusion-passenger/issues/detail?id=526

data/src/ruby_supportlib/phusion_passenger/platform_info/depcheck_specs/compiler_toolchain.rb

@@ -3,7 +3,7 @@ define 'cc' do
   website "http://gcc.gnu.org/"
   define_checker do
     PhusionPassenger.require_passenger_lib 'platform_info/compiler'
-    check_for_command(PlatformInfo.cc, false)
+    PlatformInfo.cc_block_support_ok? && check_for_command(PlatformInfo.cc, false)
   end
 
   on :debian do
@@ -20,6 +20,7 @@ define 'cc' do
   end
   on :macosx do
     install_osx_command_line_tools
+    append_install_instructions("   You must use an Apple compiler, with BLOCKS support.") unless PlatformInfo.cc_block_support_ok?
   end
 end
 
@@ -28,7 +29,7 @@ define 'c++' do
   website "http://gcc.gnu.org/"
   define_checker do
     PhusionPassenger.require_passenger_lib 'platform_info/compiler'
-    check_for_command(PlatformInfo.cxx, false)
+    PlatformInfo.cxx_block_support_ok? && check_for_command(PlatformInfo.cxx, false)
   end
 
   on :debian do
@@ -45,6 +46,7 @@ define 'c++' do
   end
   on :macosx do
     install_osx_command_line_tools
+    append_install_instructions("   You must use an Apple compiler, with BLOCKS support.") unless PlatformInfo.cxx_block_support_ok?
   end
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passenger
 version: !ruby/object:Gem::Version
-  version: 5.2.0
+  version: 5.2.1
 platform: ruby
 authors:
 - Phusion - http://www.phusion.nl/
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-01-26 00:00:00.000000000 Z
+date: 2018-02-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake