roda 3.51.0 → 3.52.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f935481900b15707f29c41122e9ba1101e4a1bb7b6e53ef6c7819f8e0113fb23
-  data.tar.gz: 3f4938ea16d81085a0b9ee365f1cc8d317fbafd06674f1cf0e8dda37b70f3b05
+  metadata.gz: df634d0506d88725400ff1b82d04da87928761e9b65937c443e95cd0c084b18f
+  data.tar.gz: fd7e182f69a5f01cc33a654f2a94602aa121562c7b0e46b75c6bfb3e28b320bf
 SHA512:
-  metadata.gz: 00b35a151be77f3ed93ee0b664ce2b77162b1f14c02194e0228ec99969194c54c4ca0ddd538e0eb8bfcb4109ea6712428b554da06d69e572aaffa4d854e76559
-  data.tar.gz: ceb138da62c24fa2a3be1a57eda9187190f96b974483719894e0368ad47402258123d651403b373c09ff801d816cae2d0f9c88dcf154e2226fba4a864b9ed64d
+  metadata.gz: 9985fce952a85040aca26f103d82ae5762c0fb70d2c31ee9539bd053bbb700fcb97461114ca6c7f17f7be68eaa2a9e79e89826a54c5caad7c0004ea0d3eaefb5
+  data.tar.gz: baf99483bd37a9c74c38c3a28bb78d030e5107fceae437065cd7d7237db3ac106535ded55727b339898c398d6198872fbd6ec8c2be23854c88d7a908502c89a4

data/CHANGELOG

@@ -1,3 +1,15 @@
+= 3.52.0 (2022-01-14)
+
+* Fix return value of Roda.freeze when multi_route plugin is used (jeremyevans) (#240)
+
+* Use faster OpenSSL::Digest instead of Digest for assets plugin SRI support (jeremyevans)
+
+* Drop development dependency on haml (jeremyevans)
+
+* Make the path method in the path plugin handle blocks that accept keyword arguments in Ruby 3+ (adam12) (#227)
+
+* Support typecast_params :date_parse_input_handler plugin option for handling input to date parsing methods (jeremyevans)
+
 = 3.51.0 (2021-12-15)
 
 * Avoid method redefinition warning in error_handler plugin in verbose warning mode (jeremyevans)

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014-2021 Jeremy Evans
+Copyright (c) 2014-2022 Jeremy Evans
 Copyright (c) 2010-2014 Michel Martens, Damian Janowski and Cyril David
 Copyright (c) 2008-2009 Christian Neukirchen
 

data/doc/release_notes/3.52.0.txt

@@ -0,0 +1,20 @@
+= New Features
+
+* The typecast_params plugin now supports a :date_parse_input_handler
+  option that will be called with all input that will be passed to
+  the date parsing methods.  You can use this option to automatically
+  truncate input, if that is perferable to raising an error (which is
+  how recent versions of Ruby handle too-long input).
+
+= Other Improvements
+
+* The path helper methods added by the path plugin now support
+  blocks that use keyword arguments on Ruby 3+.
+
+* The assets plugin now uses OpenSSL::Digest instead of Digest (if
+  available) for calculating SRI digests.  This is faster on Ruby 3+,
+  where Digest no longer uses the faster OpenSSL::Digest automatically
+  if available.
+
+* Roda.freeze now returns self when the multi_route plugin is used.
+  This was broken (not returning self) starting in 3.48.0.

data/lib/roda/plugins/assets.rb

@@ -641,9 +641,17 @@ class Roda
         # a different digest type or to return a static string if you don't
         # want to use a unique value.
         def asset_digest(content)
-          require 'digest/sha2'
           algo = assets_opts[:sri] || :sha256
-          ::Digest.const_get(algo.to_s.upcase).hexdigest(content)
+          digest = begin
+            require 'openssl'
+            ::OpenSSL::Digest
+          # :nocov:
+          rescue LoadError
+            require 'digest/sha2'
+            ::Digest
+          # :nocov:
+          end
+          digest.const_get(algo.to_s.upcase).hexdigest(content)
         end
       end
 

data/lib/roda/plugins/multi_route.rb

@@ -98,6 +98,7 @@ class Roda
             self::RodaRequest.named_route_regexp(k)
           end
           self::RodaRequest.instance_variable_get(:@namespaced_route_regexps).freeze
+          self
         end
 
         # Copy the named routes into the subclass when inheriting.

data/lib/roda/plugins/path.rb

@@ -148,11 +148,17 @@ class Roda
                 # Allow calling private _method to get path
                 relative_path(request.script_name.to_s + send(_meth, *a, &blk))
               end
+              # :nocov:
+              ruby2_keywords(meth) if respond_to?(:ruby2_keywords, true)
+              # :nocov:
             elsif add_script_name
               define_method(meth) do |*a, &blk|
                 # Allow calling private _method to get path
                 request.script_name.to_s + send(_meth, *a, &blk)
               end
+              # :nocov:
+              ruby2_keywords(meth) if respond_to?(:ruby2_keywords, true)
+              # :nocov:
             else
               define_method(meth, &block)
             end
@@ -171,6 +177,9 @@ class Roda
             end
 
             define_method(url_meth, &url_block)
+            # :nocov:
+            ruby2_keywords(url_meth) if respond_to?(:ruby2_keywords, true)
+            # :nocov:
           end
 
           nil

data/lib/roda/plugins/typecast_params.rb

@@ -265,6 +265,23 @@ class Roda
     # If you would like to skip this check and allow null bytes in param string values,
     # you can do by passing the <tt>:allow_null_bytes</tt> option when loading the plugin.
     #
+    # You can use the :date_parse_input_handler option to specify custom handling of date
+    # parsing input.  Modern versions of Ruby and the date gem internally raise if the input to
+    # date parsing methods is too large to prevent denial of service.  If you are using an
+    # older version of Ruby, you can use this option to enforce the same check:
+    #
+    #   plugin :typecast_params, date_parse_input_handler: proc {|string|
+    #       raise ArgumentError, "too big" if string.bytesize > 128
+    #       string
+    #     }
+    #
+    # You can also use this option to modify the input, such as truncating it to the first
+    # 128 bytes:
+    #
+    #   plugin :typecast_params, date_parse_input_handler: proc {|string|
+    #       string.b[0, 128]
+    #     }
+    #
     # By design, typecast_params only deals with string keys, it is not possible to use
     # symbol keys as arguments to the conversion methods and have them converted.
     module TypecastParams
@@ -384,6 +401,14 @@ class Roda
         end
       end
 
+      module DateParseInputHandler
+        # Pass input string to date parsing through handle_date_parse_input.
+        def _string_parse!(klass, v)
+          v = handle_date_parse_input(v)
+          super
+        end
+      end
+
       # Class handling conversion of submitted parameters to desired types.
       class Params
         # Handle conversions for the given type using the given block.
@@ -999,11 +1024,16 @@ class Roda
           when ''
             nil
           when String
-            klass.parse(v)
+            _string_parse!(klass, v)
           else
             raise Error, "unexpected value received: #{v.inspect}"
           end
         end
+
+        # Handle parsing for string values passed to parse!.
+        def _string_parse!(klass, v)
+          klass.parse(v)
+        end
       end
 
       # Set application-specific Params subclass unless one has been set,
@@ -1019,6 +1049,14 @@ class Roda
         if opts[:allow_null_bytes]
           app::TypecastParams.send(:include, AllowNullByte)
         end
+        if opts[:date_parse_input_handler]
+          app::TypecastParams.class_eval do
+            include DateParseInputHandler
+            define_method(:handle_date_parse_input, &opts[:date_parse_input_handler])
+            private :handle_date_parse_input
+            alias handle_date_parse_input handle_date_parse_input
+          end
+        end
       end
 
       module ClassMethods

data/lib/roda/version.rb

@@ -4,7 +4,7 @@ class Roda
   RodaMajorVersion = 3
 
   # The minor version of Roda, updated for new feature releases of Roda.
-  RodaMinorVersion = 51
+  RodaMinorVersion = 52
 
   # The patch version of Roda, updated only for bug fixes from the last
   # feature release.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: roda
 version: !ruby/object:Gem::Version
-  version: 3.51.0
+  version: 3.52.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-12-15 00:00:00.000000000 Z
+date: 2022-01-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -94,20 +94,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: haml
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: rack_csrf
   requirement: !ruby/object:Gem::Requirement
@@ -223,6 +209,7 @@ extra_rdoc_files:
 - doc/release_notes/3.5.0.txt
 - doc/release_notes/3.50.0.txt
 - doc/release_notes/3.51.0.txt
+- doc/release_notes/3.52.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.7.0.txt
 - doc/release_notes/3.8.0.txt
@@ -281,6 +268,7 @@ files:
 - doc/release_notes/3.5.0.txt
 - doc/release_notes/3.50.0.txt
 - doc/release_notes/3.51.0.txt
+- doc/release_notes/3.52.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.7.0.txt
 - doc/release_notes/3.8.0.txt
@@ -425,7 +413,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.3.3
 signing_key: 
 specification_version: 4
 summary: Routing tree web toolkit