rack-mini-profiler 1.1.3 → 1.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -25
- data/README.md +3 -4
- data/lib/html/includes.js +1 -1
- data/lib/mini_profiler/asset_version.rb +1 -1
- data/lib/mini_profiler/gc_profiler.rb +1 -1
- data/lib/mini_profiler/storage/file_store.rb +2 -2
- data/lib/mini_profiler/timer_struct/sql.rb +1 -1
- data/lib/mini_profiler/version.rb +1 -1
- data/lib/patches/db/mongo.rb +1 -1
- data/lib/patches/db/moped.rb +1 -1
- data/lib/patches/db/plucky.rb +4 -4
- data/lib/patches/sql_patches.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 23beddd8a924076759b5f25229f0e9a2c91dee5b916f2e4712381c247ad4922d
|
|
4
|
+
data.tar.gz: af7fc0fbe8008e5159e86b4cdf4fb19d694e15ea125eae2c776b0815df3dca0f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bc6a2e360c45f76f9a66f12e649932ced7a2fdad4e6102eb551df688065970ef47d6b3a4871fa3f642c6b86884b236b547c98fc14de5ba93ee44c4fdbf4a6f90
|
|
7
|
+
data.tar.gz: f6d0ea244eac7b8a40adb7556a7185a245d378402248bd9317be18a616ed2d4c4ba4203401600bb9416f38f875762d688a1191a52a17c643793d4a5a4607f6b5
|
data/CHANGELOG.md
CHANGED
|
@@ -1,20 +1,24 @@
|
|
|
1
1
|
# CHANGELOG
|
|
2
2
|
|
|
3
|
-
## 1.1.
|
|
3
|
+
## 1.1.4 - 2019-12-12
|
|
4
|
+
|
|
5
|
+
- [SECURITY] carefully crafted SQL could cause an XSS on sites that do not use CSPs
|
|
6
|
+
|
|
7
|
+
## 1.1.3 - 2019-10-28
|
|
4
8
|
|
|
5
9
|
- [FEATURE] precompile all templates to avoid need for unsafe-eval
|
|
6
10
|
|
|
7
|
-
## 1.1.2 2019-24
|
|
11
|
+
## 1.1.2 - 2019-10-24
|
|
8
12
|
|
|
9
13
|
- [FIX] JS payload was not working on IE11 and leading to errors
|
|
10
14
|
- [FIX] Remove global singleton_class which was injected
|
|
11
15
|
- [FIX] Regressions post removal of jQuery
|
|
12
16
|
|
|
13
|
-
## 1.1.1 2019-22
|
|
17
|
+
## 1.1.1 - 2019-10-22
|
|
14
18
|
|
|
15
19
|
- [FIX] correct JavaScript fetch support header iteration (Jorge Manrubia)
|
|
16
20
|
|
|
17
|
-
## 1.1.0 2019-10-01
|
|
21
|
+
## 1.1.0 - 2019-10-01
|
|
18
22
|
|
|
19
23
|
- [FEATURE] remove jQuery dependency, switch template library to dot.js
|
|
20
24
|
- [FEATURE] disable all sensitive debugging methods by default (env, memory profiling) can be enabled with enable_advanced_debugging_tools.
|
|
@@ -22,11 +26,11 @@
|
|
|
22
26
|
- [FEATURE] `/rack-mini-profiler/requests` can be used to monitor all requests for apps that do not have a UI (like API apps)
|
|
23
27
|
- [SECURITY] XSS injection in `?pp=help` via rogue uri
|
|
24
28
|
|
|
25
|
-
## 1.0.2 2019-02-05
|
|
29
|
+
## 1.0.2 - 2019-02-05
|
|
26
30
|
|
|
27
31
|
- [FIX] correct script injection to work with Rails 6 and above
|
|
28
32
|
|
|
29
|
-
## 1.0.1 2018-12-10
|
|
33
|
+
## 1.0.1 - 2018-12-10
|
|
30
34
|
|
|
31
35
|
- [FIX] add support for exec_params instrumentation in PG, this method as of PG 1.1.0 no longer
|
|
32
36
|
routes calls to exec / async_exec
|
|
@@ -36,7 +40,7 @@
|
|
|
36
40
|
- [FIX] getEntriesByName is missing in iOS, workaround
|
|
37
41
|
- [FEATURE] drop support for Ruby 2.2.0 we require 2.3.0 and up (EOL Ruby no longer supported)
|
|
38
42
|
|
|
39
|
-
## 1.0.0
|
|
43
|
+
## 1.0.0 - 2018-03-29
|
|
40
44
|
|
|
41
45
|
- [BREAKING CHANGE] Ruby version 2.2.0 or later is required
|
|
42
46
|
- [FEATURE] use new web performance API to avoid warning @MikeRogers0
|
|
@@ -44,16 +48,16 @@
|
|
|
44
48
|
- [FIX] correct jQuery 3.0 deprecations @TiSer
|
|
45
49
|
- [FIX] JS in IFRAME @naiyt
|
|
46
50
|
|
|
47
|
-
## 0.10.8 2017-12-01
|
|
51
|
+
## 0.10.8 - 2017-12-01
|
|
48
52
|
|
|
49
53
|
- [FEATURE] Add `# frozen_string_literal: true` to all `lib/**/*.rb` files
|
|
50
54
|
|
|
51
|
-
## 0.10.7 2017-11-24
|
|
55
|
+
## 0.10.7 - 2017-11-24
|
|
52
56
|
|
|
53
57
|
- [FEATURE] Replace Time.now with Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
|
54
58
|
- [FIX] Error with webrick and empty cache control
|
|
55
59
|
|
|
56
|
-
## 0.10.6 2017-10-30
|
|
60
|
+
## 0.10.6 - 2017-10-30
|
|
57
61
|
|
|
58
62
|
- [FEATURE] Support for vertical positions (top/bottom)
|
|
59
63
|
- [FEATURE] Suppress profiler results in print media @Mike Dillon
|
|
@@ -61,11 +65,11 @@
|
|
|
61
65
|
- [FEATURE] install generator @yhirano
|
|
62
66
|
- [FEATURE] store initial cache control headers in X-MiniProfiler-Original-Cache-Control @mrasu
|
|
63
67
|
|
|
64
|
-
## 0.10.5 2017-05-22
|
|
68
|
+
## 0.10.5 - 2017-05-22
|
|
65
69
|
|
|
66
70
|
- [FIX] revert PG bind sniffing until it is properly tested
|
|
67
71
|
|
|
68
|
-
## 0.10.4 2017-05-17
|
|
72
|
+
## 0.10.4 - 2017-05-17
|
|
69
73
|
|
|
70
74
|
- [FEATURE] log binds for pg @neznauy
|
|
71
75
|
- [FIX] use async exec pg monkey patch instead of exec
|
|
@@ -74,25 +78,25 @@
|
|
|
74
78
|
- [FIX] ensure redis get_unviewed_ids returns only ids that exist
|
|
75
79
|
- [FIX] correctly respect SCRIPT in env if it is sniffed by middleware
|
|
76
80
|
|
|
77
|
-
## 0.10.2 2017-02-08
|
|
81
|
+
## 0.10.2 - 2017-02-08
|
|
78
82
|
|
|
79
83
|
- [FIX] improve turbolinks support
|
|
80
84
|
- [FEATURE] make location of mini_profiler injection customizable
|
|
81
85
|
|
|
82
|
-
## 0.10.1 2016-05-18
|
|
86
|
+
## 0.10.1 - 2016-05-18
|
|
83
87
|
|
|
84
88
|
- [FEATURE] push forward the security checks so no work is ever done if a valid production
|
|
85
89
|
cookie is not available (@sam)
|
|
86
90
|
|
|
87
|
-
## 0.9.9.2 2016-03-06
|
|
91
|
+
## 0.9.9.2 - 2016-03-06
|
|
88
92
|
|
|
89
93
|
- [FEATURE] on pageTransition collapse previously expanded timings
|
|
90
94
|
|
|
91
|
-
## 0.9.9.1 2016-03-06
|
|
95
|
+
## 0.9.9.1 - 2016-03-06
|
|
92
96
|
|
|
93
97
|
- [FEATURE] expost MiniProfiler.pageTransition() for use by SPA web apps (@sam)
|
|
94
98
|
|
|
95
|
-
## 0.9.9 2016-03-06
|
|
99
|
+
## 0.9.9 - 2016-03-06
|
|
96
100
|
|
|
97
101
|
- [FIX] removes alias_method_chain in favor of alias_method until Ruby 1.9.3 (@ayfredlund)
|
|
98
102
|
- [FIX] Dont block mongo when already patched for another db (@rrooding @kbrock)
|
|
@@ -148,7 +152,7 @@
|
|
|
148
152
|
- [FIXED] Possible XSS (admin only)
|
|
149
153
|
- [FIXED] Corrected Sql patching to avoid setting instance vars on nil which is frozen (thanks Andy, huoxito)
|
|
150
154
|
|
|
151
|
-
## 0.9.0.pre - 2013-12-
|
|
155
|
+
## 0.9.0.pre - 2013-12-05 (Sam Saffron)
|
|
152
156
|
- Bumped up version to reflect the stability of the project
|
|
153
157
|
- [IMPROVED] Reports for pp=profile-gc
|
|
154
158
|
- [IMPROVED] pp=flamegraph&flamegraph_sample_rate=1 , allow you to specify sampling rates
|
|
@@ -158,7 +162,7 @@
|
|
|
158
162
|
config.assets.prefix path since developers can rename the path to serve Asset Pipeline
|
|
159
163
|
files from
|
|
160
164
|
|
|
161
|
-
## 2013-09-03
|
|
165
|
+
## 0.1.31 - 2013-09-03
|
|
162
166
|
- [IMPROVED] Flamegraph now has much increased fidelity
|
|
163
167
|
- [REMOVED] Ripped out flamegraph so it can be isolated into a gem
|
|
164
168
|
- [REMOVED] Ripped out pp=sample it just was never really used
|
|
@@ -214,13 +218,13 @@
|
|
|
214
218
|
- [ADDED] New MemchacedStore
|
|
215
219
|
- [ADDED] Rails 4 support
|
|
216
220
|
|
|
217
|
-
## 2012-09-12 (Sam Saffron)
|
|
221
|
+
## 0.1.20 - 2012-09-12 (Sam Saffron)
|
|
218
222
|
- [ADDED] pp=profile-gc: allows you to profile the GC in Ruby 1.9.3
|
|
219
223
|
|
|
220
224
|
## 0.1.19 - 2012-09-10 (Sam Saffron)
|
|
221
225
|
- [FIXED] Compatibility issue with Ruby 1.8.7
|
|
222
226
|
|
|
223
|
-
## 0.1.17 - 2012-09-
|
|
227
|
+
## 0.1.17 - 2012-09-07 (Sam Saffron)
|
|
224
228
|
- [FIXED] pp=sample was bust unless stacktrace was installed
|
|
225
229
|
|
|
226
230
|
## 0.1.16 - 2012-09-05 (Sam Saffron)
|
|
@@ -244,10 +248,10 @@
|
|
|
244
248
|
## 0.1.12.pre - 2012-08-20 (Sam Saffron)
|
|
245
249
|
- [IMPROVED] Cap X-MiniProfiler-Ids at 10, otherwise the header can get killed
|
|
246
250
|
|
|
247
|
-
## 2012-08-10 (Sam Saffron)
|
|
251
|
+
## 0.1.11.pre - 2012-08-10 (Sam Saffron)
|
|
248
252
|
- [ADDED] Basic prepared statement profiling for Postgres
|
|
249
253
|
|
|
250
|
-
## 2012-08-07 (Sam Saffron)
|
|
254
|
+
## 0.1.10 - 2012-08-07 (Sam Saffron)
|
|
251
255
|
- [ADDED] Option to disable profiler for the current session (pp=disable / pp=enable)
|
|
252
256
|
- [ADDED] yajl compatability contributed by Sven Riedel
|
|
253
257
|
|
|
@@ -261,7 +265,7 @@
|
|
|
261
265
|
- [ADDED] First Paint time for Google Chrome
|
|
262
266
|
- [FIXED] Ensure non Rails installs have mini profiler
|
|
263
267
|
|
|
264
|
-
## 2012-07-12 (Sam Saffron)
|
|
268
|
+
## 0.1.6 - 2012-07-12 (Sam Saffron)
|
|
265
269
|
- [ADDED] Native PG and MySql2 interceptors, this gives way more accurate times
|
|
266
270
|
- [ADDED] some more client probing built in to rails
|
|
267
271
|
- [IMPROVED] Refactored context so its a proper class and not a hash
|
|
@@ -275,7 +279,7 @@
|
|
|
275
279
|
production
|
|
276
280
|
- [IMPROVED] Cleaned up railties, got rid of the post authorize callback
|
|
277
281
|
|
|
278
|
-
## 2012-06-28 (Sam Saffron)
|
|
282
|
+
## 0.1.1 - 2012-06-28 (Sam Saffron)
|
|
279
283
|
- [ADDED] Started change log
|
|
280
284
|
- [ADDED] added MemcacheStore
|
|
281
285
|
- [IMPROVED] Corrected profiler so it properly captures POST requests (was supressing non 200s)
|
data/README.md
CHANGED
|
@@ -19,7 +19,7 @@ Middleware that displays speed badge for every html page. Designed to work both
|
|
|
19
19
|
|
|
20
20
|
## rack-mini-profiler needs your help
|
|
21
21
|
|
|
22
|
-
We have decided to restructure our repository so there is a central UI repo and the various language
|
|
22
|
+
We have decided to restructure our repository so there is a central UI repo and the various language implementations have their own.
|
|
23
23
|
|
|
24
24
|
**WE NEED HELP.**
|
|
25
25
|
|
|
@@ -53,7 +53,7 @@ All you have to do is to include the Gem and you're good to go in development. S
|
|
|
53
53
|
|
|
54
54
|
#### Rails and manual initialization
|
|
55
55
|
|
|
56
|
-
In case you need to make sure rack_mini_profiler initialized
|
|
56
|
+
In case you need to make sure rack_mini_profiler is initialized after all other gems, or you want to execute some code before rack_mini_profiler required:
|
|
57
57
|
|
|
58
58
|
```ruby
|
|
59
59
|
gem 'rack-mini-profiler', require: false
|
|
@@ -227,8 +227,7 @@ Rack::MiniProfiler.config.storage = Rack::MiniProfiler::MemoryStore
|
|
|
227
227
|
|
|
228
228
|
# set RedisStore
|
|
229
229
|
if Rails.env.production?
|
|
230
|
-
|
|
231
|
-
Rack::MiniProfiler.config.storage_options = { :host => uri.host, :port => uri.port, :password => uri.password }
|
|
230
|
+
Rack::MiniProfiler.config.storage_options = { url: ENV["REDIS_SERVER_URL"] }
|
|
232
231
|
Rack::MiniProfiler.config.storage = Rack::MiniProfiler::RedisStore
|
|
233
232
|
end
|
|
234
233
|
```
|
data/lib/html/includes.js
CHANGED
|
@@ -36,7 +36,7 @@ module Rack
|
|
|
36
36
|
start_millis = ((Process.clock_gettime(Process::CLOCK_MONOTONIC) * 1000).to_i - page[:started]) - duration_ms
|
|
37
37
|
super(
|
|
38
38
|
execute_type: 3, # TODO
|
|
39
|
-
formatted_command_string: query,
|
|
39
|
+
formatted_command_string: ERB::Util.html_escape(query),
|
|
40
40
|
stack_trace_snippet: stack_trace,
|
|
41
41
|
start_milliseconds: start_millis,
|
|
42
42
|
duration_milliseconds: duration_ms,
|
data/lib/patches/db/mongo.rb
CHANGED
|
@@ -8,7 +8,7 @@ class Mongo::Server::Connection
|
|
|
8
8
|
result, _record = SqlPatches.record_sql(args[0][0].payload.inspect) do
|
|
9
9
|
dispatch_without_timing(*args, &blk)
|
|
10
10
|
end
|
|
11
|
-
|
|
11
|
+
result
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
# TODO: change to Module#prepend as soon as Ruby 1.9.3 support is dropped
|
data/lib/patches/db/moped.rb
CHANGED
data/lib/patches/db/plucky.rb
CHANGED
|
@@ -9,19 +9,19 @@ class Plucky::Query
|
|
|
9
9
|
alias_method :remove_without_profiling, :remove
|
|
10
10
|
|
|
11
11
|
def find_each(*args, &blk)
|
|
12
|
-
|
|
12
|
+
profile_database_operation(__callee__, filtered_inspect(), *args, &blk)
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def find_one(*args, &blk)
|
|
16
|
-
|
|
16
|
+
profile_database_operation(__callee__, filtered_inspect(args[0]), *args, &blk)
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def count(*args, &blk)
|
|
20
|
-
|
|
20
|
+
profile_database_operation(__callee__, filtered_inspect(), *args, &blk)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def remove(*args, &blk)
|
|
24
|
-
|
|
24
|
+
profile_database_operation(__callee__, filtered_inspect(), *args, &blk)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
private
|
data/lib/patches/sql_patches.rb
CHANGED
|
@@ -11,7 +11,7 @@ class SqlPatches
|
|
|
11
11
|
start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
|
12
12
|
result = yield
|
|
13
13
|
record = ::Rack::MiniProfiler.record_sql(statement, elapsed_time(start), parameters)
|
|
14
|
-
|
|
14
|
+
[result, record]
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def self.should_measure?
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-mini-profiler
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sam Saffron
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2019-
|
|
13
|
+
date: 2019-12-12 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rack
|