rack-cors 2.0.2 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14eb27e856c7cdd90b79cfc7236f3b71e10cfdcb2e282bb1a93546b8a97a053e
-  data.tar.gz: c9a2d87407a44c7df88129ece2d8ac5b8f5f6c46414b742c762d63cb99ae2278
+  metadata.gz: 6ec00fa74e332230fa5a169a7de9b04f09cdc062653f1cc09ca05806fb25152f
+  data.tar.gz: a628117ab53ce1ec3ade0bef0f073d5edc4ce7a908122a741534f64ff4e90a3e
 SHA512:
-  metadata.gz: e7a4136f89a39be61d5d1c7cdc1d5d4c85a883ee72f9a0f16c13fdd0218918d9c67a379974bae60271f3a7b1e2aebdaf8c187aa65c9e97b4d12427a9c606af60
-  data.tar.gz: a6798527bc3b3463f93d63bb42e901ff11de4512c63e10baf2ccb413526fff0cbee04bd9c2c38025b840c5ce9281fd60cd473d4dd0631a1cb6ba704d7d4d28f0
+  metadata.gz: 7f3ffafae36ad8e08a5d5f4347628ef6efaf9dcd669d008e1ea4022998e6d36bef652c9b99fc5c89d36af10cfbc508269154df722ca7629831642206ee3b078c
+  data.tar.gz: f849c6fa986e0e601dc18532591fcde9c03557ee2fb1ecbf2e19f518e7ec0824a8d665c4c8764872fccbd674d754c7453fc333eb72c93d27c586b4ebf5c1b913

data/CHANGELOG.md

@@ -1,9 +1,16 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## 3.0.0 - 2025-05-16
+### Changed
+- Update Rack dependency to >= 3.0.14
+- Remove support for Ruby 2.3
+- Add logger as explicit dependency
+
 ## 2.0.2 - 2024-03-04
 ### Changed
 - Fix file permission issues with 2.0.1 release
+  - Security: Fixes CVE-2024-27456, GHSA-785g-282q-pwvx
 
 ## 2.0.1 - 2023-02-17
 ### Changed

data/README.md

@@ -107,7 +107,9 @@ A Resource path can be specified as exact string match (`/path/to/file.txt`) or
 
 ### Origin Matching
 
-When specifying an origin, make sure that it does not have a trailing slash.
+* When specifying an origin, make sure that it does not have a trailing slash.
+
+* When specifying an HTTP origin that uses the scheme's default port (e.g. `http://example.test:80`), some clients may not strip the port which could result in unexpected blocked requests (additional context [here](https://github.com/request/request/pull/2904)).
 
 ### Testing Postman and/or cURL
 
@@ -129,13 +131,13 @@ Here are some scenarios where incorrect positioning have created issues:
 You can run the following command to see what the middleware stack looks like:
 
 ```bash
-bundle exec rake middleware
+bundle exec rails middleware
 ```
 
 Note that the middleware stack is different in production.  For example, the `ActionDispatch::Static` middleware will not be part of the stack if `config.serve_static_assets = false`.  You can run this to see what your middleware stack looks like in production:
 
 ```bash
-RAILS_ENV=production bundle exec rake middleware
+RAILS_ENV=production bundle exec rails middleware
 ```
 
 ### Serving static files

data/lib/rack/cors/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   class Cors
-    VERSION = '2.0.2'
+    VERSION = '3.0.0'
   end
 end

metadata

@@ -1,29 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: rack-cors
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 3.0.0
 platform: ruby
 authors:
 - Calvin Yu
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-04 00:00:00.000000000 Z
+date: 2025-05-16 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 3.0.14
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 3.0.14
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -48,30 +62,30 @@ dependencies:
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 5.11.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 5.11.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -148,7 +162,9 @@ files:
 homepage: https://github.com/cyu/rack-cors
 licenses:
 - MIT
-metadata: {}
+metadata:
+  changelog_uri: https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md
+  funding_uri: https://github.com/sponsors/cyu
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -164,7 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.4.19
 signing_key:
 specification_version: 4
 summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps