railties 6.0.4.3 → 6.1.1

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2004-2019 David Heinemeier Hansson
+Copyright (c) 2004-2020 David Heinemeier Hansson
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/RDOC_MAIN.rdoc

@@ -68,7 +68,7 @@ and may also be used independently outside \Rails.
 3. Change directory to +myapp+ and start the web server:
 
     $ cd myapp
-    $ rails server
+    $ bin/rails server
 
    Run with <tt>--help</tt> or <tt>-h</tt> for options.
 

data/README.rdoc

@@ -17,7 +17,7 @@ The latest version of Railties can be installed with RubyGems:
 
 Source code can be downloaded as part of the Rails project on GitHub
 
-* https://github.com/rails/rails/tree/main/railties
+* https://github.com/rails/rails/tree/master/railties
 
 == License
 

data/lib/minitest/rails_plugin.rb

@@ -5,6 +5,19 @@ require "rails/test_unit/reporter"
 require "rails/test_unit/runner"
 
 module Minitest
+  class BacktraceFilterWithFallback
+    def initialize(preferred, fallback)
+      @preferred = preferred
+      @fallback = fallback
+    end
+
+    def filter(backtrace)
+      filtered = @preferred.filter(backtrace)
+      filtered = @fallback.filter(backtrace) if filtered.empty?
+      filtered
+    end
+  end
+
   class SuppressedSummaryReporter < SummaryReporter
     # Disable extra failure output after a run if output is inline.
     def aggregated_results(*)
@@ -40,7 +53,9 @@ module Minitest
   def self.plugin_rails_init(options)
     unless options[:full_backtrace] || ENV["BACKTRACE"]
       # Plugin can run without Rails loaded, check before filtering.
-      Minitest.backtrace_filter = ::Rails.backtrace_cleaner if ::Rails.respond_to?(:backtrace_cleaner)
+      if ::Rails.respond_to?(:backtrace_cleaner)
+        Minitest.backtrace_filter = BacktraceFilterWithFallback.new(::Rails.backtrace_cleaner, Minitest.backtrace_filter)
+      end
     end
 
     # Suppress summary reports when outputting inline rerun snippets.

data/lib/rails/api/task.rb

@@ -189,7 +189,7 @@ module Rails
 
     class EdgeTask < RepoTask
       def rails_version
-        "main@#{`git rev-parse HEAD`[0, 7]}"
+        "master@#{`git rev-parse HEAD`[0, 7]}"
       end
     end
 

data/lib/rails/application/bootstrap.rb

@@ -19,12 +19,12 @@ module Rails
 
       initializer :set_eager_load, group: :all do
         if config.eager_load.nil?
-          warn <<-INFO
-config.eager_load is set to nil. Please update your config/environments/*.rb files accordingly:
+          warn <<~INFO
+            config.eager_load is set to nil. Please update your config/environments/*.rb files accordingly:
 
-  * development - set it to false
-  * test - set it to false (unless you use a tool that preloads your test environment)
-  * production - set it to true
+              * development - set it to false
+              * test - set it to false (unless you use a tool that preloads your test environment)
+              * production - set it to true
 
           INFO
           config.eager_load = config.cache_classes

data/lib/rails/application/configuration.rb

@@ -2,7 +2,9 @@
 
 require "ipaddr"
 require "active_support/core_ext/kernel/reporting"
+require "active_support/core_ext/symbol/starts_ends_with"
 require "active_support/file_update_checker"
+require "active_support/configuration_file"
 require "rails/engine/configuration"
 require "rails/source_annotation_extractor"
 
@@ -12,14 +14,15 @@ module Rails
       attr_accessor :allow_concurrency, :asset_host, :autoflush_log,
                     :cache_classes, :cache_store, :consider_all_requests_local, :console,
                     :eager_load, :exceptions_app, :file_watcher, :filter_parameters,
-                    :force_ssl, :helpers_paths, :hosts, :logger, :log_formatter, :log_tags,
-                    :railties_order, :relative_url_root, :secret_key_base,
+                    :force_ssl, :helpers_paths, :hosts, :host_authorization, :logger, :log_formatter,
+                    :log_tags, :railties_order, :relative_url_root, :secret_key_base,
                     :ssl_options, :public_file_server,
                     :session_options, :time_zone, :reload_classes_only_on_change,
                     :beginning_of_week, :filter_redirect, :x, :enable_dependency_loading,
                     :read_encrypted_secrets, :log_level, :content_security_policy_report_only,
                     :content_security_policy_nonce_generator, :content_security_policy_nonce_directives,
-                    :require_master_key, :credentials, :disable_sandbox, :add_autoload_paths_to_load_path
+                    :require_master_key, :credentials, :disable_sandbox, :add_autoload_paths_to_load_path,
+                    :rake_eager_load
 
       attr_reader :encoding, :api_only, :loaded_config_version, :autoloader
 
@@ -31,7 +34,8 @@ module Rails
         @filter_parameters                       = []
         @filter_redirect                         = []
         @helpers_paths                           = []
-        @hosts                                   = Rails.env.development? ? ActionDispatch::HostAuthorization::ALLOWED_HOSTS_IN_DEVELOPMENT : []
+        @hosts                                   = Array(([".localhost", IPAddr.new("0.0.0.0/0"), IPAddr.new("::/0")] if Rails.env.development?))
+        @host_authorization                      = {}
         @public_file_server                      = ActiveSupport::OrderedOptions.new
         @public_file_server.enabled              = true
         @public_file_server.index_name           = "index"
@@ -69,6 +73,8 @@ module Rails
         @autoloader                              = :classic
         @disable_sandbox                         = false
         @add_autoload_paths_to_load_path         = true
+        @permissions_policy                      = nil
+        @rake_eager_load                         = false
       end
 
       # Loads default configurations. See {the result of the method for each version}[https://guides.rubyonrails.org/configuring.html#results-of-config-load-defaults].
@@ -110,7 +116,7 @@ module Rails
 
           if respond_to?(:active_support)
             active_support.use_authenticated_message_encryption = true
-            active_support.use_sha1_digests = true
+            active_support.hash_digest_class = ::Digest::SHA1
           end
 
           if respond_to?(:action_controller)
@@ -131,17 +137,12 @@ module Rails
 
           if respond_to?(:action_dispatch)
             action_dispatch.use_cookies_with_metadata = true
-            action_dispatch.return_only_media_type_on_content_type = false
           end
 
           if respond_to?(:action_mailer)
             action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
           end
 
-          if respond_to?(:active_job)
-            active_job.return_false_on_aborted_enqueue = true
-          end
-
           if respond_to?(:active_storage)
             active_storage.queues.analysis = :active_storage_analysis
             active_storage.queues.purge    = :active_storage_purge
@@ -152,6 +153,54 @@ module Rails
           if respond_to?(:active_record)
             active_record.collection_cache_versioning = true
           end
+        when "6.1"
+          load_defaults "6.0"
+
+          self.autoloader = :zeitwerk if %w[ruby truffleruby].include?(RUBY_ENGINE)
+
+          if respond_to?(:active_record)
+            active_record.has_many_inversing = true
+            active_record.legacy_connection_handling = false
+          end
+
+          if respond_to?(:active_storage)
+            active_storage.track_variants = true
+          end
+
+          if respond_to?(:active_job)
+            active_job.retry_jitter = 0.15
+            active_job.skip_after_callbacks_if_terminated = true
+          end
+
+          if respond_to?(:action_dispatch)
+            action_dispatch.cookies_same_site_protection = :lax
+            action_dispatch.ssl_default_redirect_status = 308
+          end
+
+          if respond_to?(:action_controller)
+            action_controller.urlsafe_csrf_tokens = true
+          end
+
+          if respond_to?(:action_view)
+            action_view.form_with_generates_remote_forms = false
+            action_view.preload_links_header = true
+          end
+
+          if respond_to?(:active_storage)
+            active_storage.queues.analysis = nil
+            active_storage.queues.purge = nil
+          end
+
+          if respond_to?(:action_mailbox)
+            action_mailbox.queues.incineration = nil
+            action_mailbox.queues.routing = nil
+          end
+
+          if respond_to?(:action_mailer)
+            action_mailer.deliver_later_queue_name = nil
+          end
+
+          ActiveSupport.utc_to_local_returns_utc_offset_times = true
         else
           raise "Unknown version #{target_version.to_s.inspect}"
         end
@@ -222,12 +271,9 @@ module Rails
         path = paths["config/database"].existent.first
         yaml = Pathname.new(path) if path
 
-        config = if yaml && yaml.exist?
-          require "yaml"
-          require "erb"
-          loaded_yaml = YAML.load(ERB.new(yaml.read).result) || {}
-          shared = loaded_yaml.delete("shared")
-          if shared
+        config = if yaml&.exist?
+          loaded_yaml = ActiveSupport::ConfigurationFile.parse(yaml)
+          if (shared = loaded_yaml.delete("shared"))
             loaded_yaml.each do |_k, values|
               values.reverse_merge!(shared)
             end
@@ -242,10 +288,6 @@ module Rails
         end
 
         config
-      rescue Psych::SyntaxError => e
-        raise "YAML syntax error occurred while parsing #{paths["config/database"].first}. " \
-              "Please note that YAML must be consistently indented using spaces. Tabs are not allowed. " \
-              "Error: #{e.message}"
       rescue => e
         raise e, "Cannot load database configuration:\n#{e.message}", e.backtrace
       end
@@ -302,6 +344,14 @@ module Rails
         end
       end
 
+      def permissions_policy(&block)
+        if block_given?
+          @permissions_policy = ActionDispatch::PermissionsPolicy.new(&block)
+        else
+          @permissions_policy
+        end
+      end
+
       def autoloader=(autoloader)
         case autoloader
         when :classic
@@ -332,8 +382,8 @@ module Rails
         end
 
         def method_missing(method, *args)
-          if method =~ /=$/
-            @configurations[$`.to_sym] = args.first
+          if method.end_with?("=")
+            @configurations[:"#{method[0..-2]}"] = args.first
           else
             @configurations.fetch(method) {
               @configurations[method] = ActiveSupport::OrderedOptions.new

data/lib/rails/application/default_middleware_stack.rb

@@ -13,10 +13,11 @@ module Rails
 
       def build_stack
         ActionDispatch::MiddlewareStack.new do |middleware|
-          middleware.use ::ActionDispatch::HostAuthorization, config.hosts, config.action_dispatch.hosts_response_app
+          middleware.use ::ActionDispatch::HostAuthorization, config.hosts, config.action_dispatch.hosts_response_app, **config.host_authorization
 
           if config.force_ssl
-            middleware.use ::ActionDispatch::SSL, **config.ssl_options
+            middleware.use ::ActionDispatch::SSL, **config.ssl_options,
+              ssl_default_redirect_status: config.action_dispatch.ssl_default_redirect_status
           end
 
           middleware.use ::Rack::Sendfile, config.action_dispatch.x_sendfile_header
@@ -43,7 +44,7 @@ module Rails
 
           middleware.use ::Rack::Runtime
           middleware.use ::Rack::MethodOverride unless config.api_only
-          middleware.use ::ActionDispatch::RequestId
+          middleware.use ::ActionDispatch::RequestId, header: config.action_dispatch.request_id_header
           middleware.use ::ActionDispatch::RemoteIp, config.action_dispatch.ip_spoofing_check, config.action_dispatch.trusted_proxies
 
           middleware.use ::Rails::Rack::Logger, config.log_tags
@@ -68,6 +69,7 @@ module Rails
 
           unless config.api_only
             middleware.use ::ActionDispatch::ContentSecurityPolicy::Middleware
+            middleware.use ::ActionDispatch::PermissionsPolicy::Middleware
           end
 
           middleware.use ::Rack::Head

data/lib/rails/application/finisher.rb

@@ -60,7 +60,18 @@ module Rails
 
           #{unload_message}
 
-          Please, check the "Autoloading and Reloading Constants" guide for solutions.
+          In order to autoload safely at boot time, please wrap your code in a reloader
+          callback this way:
+
+              Rails.application.reloader.to_prepare do
+                # Autoload classes and modules needed at boot time here.
+              end
+
+          That block runs when the application boots, and every time there is a reload.
+          For historical reasons, it may run twice, so it has to be idempotent.
+
+          Check the "Autoloading and Reloading Constants" guide to learn more about how
+          Rails autoloads and reloads.
         WARNING
       end
 
@@ -216,7 +227,9 @@ module Rails
           app.reloader.check = lambda { true }
         end
 
-        if config.reload_classes_only_on_change
+        if config.cache_classes
+          # No reloader
+        elsif config.reload_classes_only_on_change
           reloader = config.file_watcher.new(*watchable_args, &callback)
           reloaders << reloader
 

data/lib/rails/application/routes_reloader.rb

@@ -5,13 +5,14 @@ require "active_support/core_ext/module/delegation"
 module Rails
   class Application
     class RoutesReloader
-      attr_reader :route_sets, :paths
+      attr_reader :route_sets, :paths, :external_routes
       attr_accessor :eager_load
       delegate :execute_if_updated, :execute, :updated?, to: :updater
 
       def initialize
         @paths      = []
         @route_sets = []
+        @external_routes = []
         @eager_load = false
       end
 
@@ -26,7 +27,13 @@ module Rails
 
     private
       def updater
-        @updater ||= ActiveSupport::FileUpdateChecker.new(paths) { reload! }
+        @updater ||= begin
+          dirs = @external_routes.each_with_object({}) do |dir, hash|
+            hash[dir.to_s] = %w(rb)
+          end
+
+          ActiveSupport::FileUpdateChecker.new(paths, dirs) { reload! }
+        end
       end
 
       def clear!

data/lib/rails/application.rb

@@ -6,8 +6,8 @@ require "active_support/core_ext/object/blank"
 require "active_support/key_generator"
 require "active_support/message_verifier"
 require "active_support/encrypted_configuration"
-require "active_support/deprecation"
 require "active_support/hash_with_indifferent_access"
+require "active_support/configuration_file"
 require "rails/engine"
 require "rails/secrets"
 
@@ -45,7 +45,7 @@ module Rails
   # process. From the moment you require "config/application.rb" in your app,
   # the booting process goes like this:
   #
-  #   1)  require "config/boot.rb" to setup load paths
+  #   1)  require "config/boot.rb" to set up load paths
   #   2)  require railties and engines
   #   3)  Define Rails.application as "class MyApp::Application < Rails::Application"
   #   4)  Run config.before_configuration callbacks
@@ -205,12 +205,13 @@ module Rails
 
     # Convenience for loading config/foo.yml for the current Rails env.
     #
-    # Example:
+    # Examples:
     #
     #     # config/exception_notification.yml:
     #     production:
     #       url: http://127.0.0.1:8080
     #       namespace: my_app_production
+    #
     #     development:
     #       url: http://localhost:3001
     #       namespace: my_app_development
@@ -219,28 +220,40 @@ module Rails
     #     Rails.application.configure do
     #       config.middleware.use ExceptionNotifier, config_for(:exception_notification)
     #     end
+    #
+    #     # You can also store configurations in a shared section which will be
+    #     # merged with the environment configuration
+    #
+    #     # config/example.yml
+    #     shared:
+    #       foo:
+    #         bar:
+    #           baz: 1
+    #
+    #     development:
+    #       foo:
+    #         bar:
+    #           qux: 2
+    #
+    #     # development environment
+    #     Rails.application.config_for(:example)[:foo][:bar]
+    #     # => { baz: 1, qux: 2 }
     def config_for(name, env: Rails.env)
       yaml = name.is_a?(Pathname) ? name : Pathname.new("#{paths["config"].existent.first}/#{name}.yml")
 
       if yaml.exist?
         require "erb"
-        all_configs    = YAML.load(ERB.new(yaml.read).result) || {}
-        config, shared = all_configs[env], all_configs["shared"]
-
-        config ||= {} if shared.nil? || shared.is_a?(Hash)
+        all_configs    = ActiveSupport::ConfigurationFile.parse(yaml).deep_symbolize_keys
+        config, shared = all_configs[env.to_sym], all_configs[:shared]
 
         if config.is_a?(Hash)
-          ActiveSupport::OrderedOptions.new.update(NonSymbolAccessDeprecatedHash.new(shared&.deep_merge(config) || config))
+          ActiveSupport::OrderedOptions.new.update(shared&.deep_merge(config) || config)
         else
           config || shared
         end
       else
         raise "Could not load configuration. No such file - #{yaml}"
       end
-    rescue Psych::SyntaxError => error
-      raise "YAML syntax error occurred while parsing #{yaml}. " \
-        "Please note that YAML must be consistently indented using spaces. Tabs are not allowed. " \
-        "Error: #{error.message}"
     end
 
     # Stores some of the Rails initial environment parameters which
@@ -267,11 +280,13 @@ module Rails
           "action_dispatch.cookies_serializer" => config.action_dispatch.cookies_serializer,
           "action_dispatch.cookies_digest" => config.action_dispatch.cookies_digest,
           "action_dispatch.cookies_rotations" => config.action_dispatch.cookies_rotations,
+          "action_dispatch.cookies_same_site_protection" => coerce_same_site_protection(config.action_dispatch.cookies_same_site_protection),
           "action_dispatch.use_cookies_with_metadata" => config.action_dispatch.use_cookies_with_metadata,
           "action_dispatch.content_security_policy" => config.content_security_policy,
           "action_dispatch.content_security_policy_report_only" => config.content_security_policy_report_only,
           "action_dispatch.content_security_policy_nonce_generator" => config.content_security_policy_nonce_generator,
-          "action_dispatch.content_security_policy_nonce_directives" => config.content_security_policy_nonce_directives
+          "action_dispatch.content_security_policy_nonce_directives" => config.content_security_policy_nonce_directives,
+          "action_dispatch.permissions_policy" => config.permissions_policy,
         )
       end
     end
@@ -307,6 +322,12 @@ module Rails
       self.class.generators(&blk)
     end
 
+    # Sends any server called in the instance of a new application up
+    # to the +server+ method defined in Rails::Railtie.
+    def server(&blk)
+      self.class.server(&blk)
+    end
+
     # Sends the +isolate_namespace+ method up to the class method.
     def isolate_namespace(mod)
       self.class.isolate_namespace(mod)
@@ -377,20 +398,6 @@ module Rails
 
     attr_writer :config
 
-    # Returns secrets added to config/secrets.yml.
-    #
-    # Example:
-    #
-    #     development:
-    #       secret_key_base: 836fa3665997a860728bcb9e9a1e704d427cfc920e79d847d79c8a9a907b9e965defa4154b2b86bdec6930adbe33f21364523a6f6ce363865724549fdfc08553
-    #     test:
-    #       secret_key_base: 5a37811464e7d378488b0f073e2193b093682e4e21f5d6f3ae0a4e1781e61a351fdc878a843424e81c73fb484a40d23f92c8dafac4870e74ede6e5e174423010
-    #     production:
-    #       secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
-    #       namespace: my_app_production
-    #
-    # +Rails.application.secrets.namespace+ returns +my_app_production+ in the
-    # production environment.
     def secrets
       @secrets ||= begin
         secrets = ActiveSupport::OrderedOptions.new
@@ -405,7 +412,7 @@ module Rails
       end
     end
 
-    attr_writer :secrets
+    attr_writer :secrets, :credentials
 
     # The secret_key_base is used as the input secret to the application's key generator, which in turn
     # is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies.
@@ -481,10 +488,6 @@ module Rails
       config.helpers_paths
     end
 
-    console do
-      require "pp"
-    end
-
     console do
       unless ::Kernel.private_method_defined?(:y)
         require "psych/y"
@@ -516,9 +519,9 @@ module Rails
     def run_tasks_blocks(app) #:nodoc:
       railties.each { |r| r.run_tasks_blocks(app) }
       super
-      require "rails/tasks"
+      load "rails/tasks.rb"
       task :environment do
-        ActiveSupport.on_load(:before_initialize) { config.eager_load = false }
+        ActiveSupport.on_load(:before_initialize) { config.eager_load = config.rake_eager_load }
 
         require_environment!
       end
@@ -539,6 +542,11 @@ module Rails
       super
     end
 
+    def run_server_blocks(app) #:nodoc:
+      railties.each { |r| r.run_server_blocks(app) }
+      super
+    end
+
     # Returns the ordered railties for this application considering railties_order.
     def ordered_railties #:nodoc:
       @ordered_railties ||= begin
@@ -585,7 +593,7 @@ module Rails
       elsif secret_key_base
         raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String`"
       else
-        raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `rails credentials:edit`"
+        raise ArgumentError, "Missing `secret_key_base` for '#{Rails.env}' environment, set this string with `bin/rails credentials:edit`"
       end
     end
 
@@ -617,50 +625,8 @@ module Rails
         config.app_middleware + super
       end
 
-      class NonSymbolAccessDeprecatedHash < HashWithIndifferentAccess # :nodoc:
-        def initialize(value = nil)
-          if value.is_a?(Hash)
-            value.each_pair { |k, v| self[k] = v }
-          else
-            super
-          end
-        end
-
-        def []=(key, value)
-          regular_writer(key.to_sym, convert_value(value, for: :assignment))
-        end
-
-        private
-          def convert_key(key)
-            unless key.kind_of?(Symbol)
-              ActiveSupport::Deprecation.warn(<<~MESSAGE.squish)
-                Accessing hashes returned from config_for by non-symbol keys
-                is deprecated and will be removed in Rails 6.1.
-                Use symbols for access instead.
-              MESSAGE
-
-              key = key.to_sym
-            end
-
-            key
-          end
-
-          def convert_value(value, options = {}) # :doc:
-            if value.is_a? Hash
-              if options[:for] == :to_hash
-                value.to_hash
-              else
-                self.class.new(value)
-              end
-            elsif value.is_a?(Array)
-              if options[:for] != :assignment || value.frozen?
-                value = value.dup
-              end
-              value.map! { |e| convert_value(e, options) }
-            else
-              value
-            end
-          end
+      def coerce_same_site_protection(protection)
+        protection.respond_to?(:call) ? protection : proc { protection }
       end
   end
 end

data/lib/rails/backtrace_cleaner.rb

@@ -1,21 +1,26 @@
 # frozen_string_literal: true
 
 require "active_support/backtrace_cleaner"
+require "active_support/core_ext/string/access"
 
 module Rails
   class BacktraceCleaner < ActiveSupport::BacktraceCleaner
-    APP_DIRS_PATTERN = /^\/?(app|config|lib|test|\(\w*\))/
+    APP_DIRS_PATTERN = /\A(?:\.\/)?(?:app|config|lib|test|\(\w*\))/
     RENDER_TEMPLATE_PATTERN = /:in `.*_\w+_{2,3}\d+_\d+'/
-    EMPTY_STRING = ""
-    SLASH        = "/"
-    DOT_SLASH    = "./"
 
     def initialize
       super
       @root = "#{Rails.root}/"
-      add_filter { |line| line.sub(@root, EMPTY_STRING) }
-      add_filter { |line| line.sub(RENDER_TEMPLATE_PATTERN, EMPTY_STRING) }
-      add_filter { |line| line.sub(DOT_SLASH, SLASH) } # for tests
+      add_filter do |line|
+        line.start_with?(@root) ? line.from(@root.size) : line
+      end
+      add_filter do |line|
+        if RENDER_TEMPLATE_PATTERN.match?(line)
+          line.sub(RENDER_TEMPLATE_PATTERN, "")
+        else
+          line
+        end
+      end
       add_silencer { |line| !APP_DIRS_PATTERN.match?(line) }
     end
   end

data/lib/rails/code_statistics.rb

@@ -40,13 +40,13 @@ class CodeStatistics #:nodoc:
       Hash[@pairs.map { |pair| [pair.first, calculate_directory_statistics(pair.last)] }]
     end
 
-    def calculate_directory_statistics(directory, pattern = /^(?!\.).*?\.(rb|js|coffee|rake)$/)
+    def calculate_directory_statistics(directory, pattern = /^(?!\.).*?\.(rb|js|ts|coffee|rake)$/)
       stats = CodeStatisticsCalculator.new
 
       Dir.foreach(directory) do |file_name|
         path = "#{directory}/#{file_name}"
 
-        if File.directory?(path) && (/^\./ !~ file_name)
+        if File.directory?(path) && !file_name.start_with?(".")
           stats.add(calculate_directory_statistics(path, pattern))
         elsif file_name&.match?(pattern)
           stats.add_by_file_path(path)
@@ -75,7 +75,7 @@ class CodeStatistics #:nodoc:
     end
 
     def width_for(label)
-      [@statistics.values.sum { |s| s.send(label) }.to_s.size, HEADERS[label].length].max
+      [@statistics.values.sum { |s| s.public_send(label) }.to_s.size, HEADERS[label].length].max
     end
 
     def print_header