RubyGems - savon - Versions diffs - 2.17.0 → 2.17.1 - Mend

savon 2.17.0 → 2.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/README.md +38 -63
data/lib/savon/operation.rb +6 -2
data/lib/savon/transport/faraday.rb +4 -5
data/lib/savon/transport/httpi.rb +0 -2
data/lib/savon/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e494bfc08714bcce13c230100c2d5677ac2b40cca1a5afb2312534b41c4c81e9
-  data.tar.gz: fb3b31cb0684a0e7742f247f121a9d3d5749fc932ea089ae26bf4af59fd48e24
+  metadata.gz: 00ae14802f108cb0df2757b85888a35df4b6b0e462ae0d01c1eedc9b4f9c123c
+  data.tar.gz: cee1d2d13ed6e869611817271c43352c470c4c7fb79e72dc7e6e7a4d9ac37191
 SHA512:
-  metadata.gz: b79c099e954cb9bb176a898f515d12bcaaa557d5d15045155029e6322f3121b5304daf76e07d0927323f3e6481b43aee754d0bfa516eb0890807f12ecc6c6053
-  data.tar.gz: f39e6773c7c20d254857a420f6c54f38b74e1e0e64cf2e51254ca4ab43b482e2bb910860fc1f86ce86c18653e940caae115b5ace3dcad8c83db819370dd77b8c
+  metadata.gz: 8b754234ac51e2213f92254a88345743cc54e09026e220d85931b8bfe0ba78f5a417f81e561047b37410f52713f3583120c6d3095ab68a2b9705427f03822d07
+  data.tar.gz: 49a3260e064073d9370b80b376db5f9c75bab5e38dbdf7db2ffc8533dc2a58652bb0699830468f1e59319a98fd7210503a6c999b386e3ec6c9f4d23ac7f813e1

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,10 @@
 # Savon changelog
+## 2.17.1 (2026-05-21)
+* Fix: [#1008](https://github.com/savonrb/savon/pull/1008) - The HTTPI and Faraday transports no longer set an explicit `Content-Length` request header. The underlying HTTP library already computes it from the body; sending it as well produced a duplicate header on adapters that do not deduplicate (e.g. httpclient), which some servers reject.
+* Fix: Requests using `attachments` were sent with a plain `text/xml` Content-Type instead of `multipart/related`. The 2.17.0 transport refactor assembled the request headers before the multipart body was built, leaving `Builder#multipart` empty at header time, so servers received a multipart body labelled as plain XML. 2.16.x and earlier are unaffected.
 ## 2.17.0 (2026-05-19)
 **Add opt-in Faraday transport**

data/README.md CHANGED Viewed

@@ -2,103 +2,78 @@
 Heavy metal SOAP client
-[Documentation](https://www.rubydoc.info/gems/savon/) | [Support](https://stackoverflow.com/questions/tagged/savon) |
-[Mailing list](https://groups.google.com/forum/#!forum/savonrb)
 [![Ruby](https://github.com/savonrb/savon/actions/workflows/ci.yml/badge.svg)](https://github.com/savonrb/savon/actions/workflows/ci.yml)
 [![Gem Version](https://badge.fury.io/rb/savon.svg)](http://badge.fury.io/rb/savon)
 [![Coverage Status](https://coveralls.io/repos/savonrb/savon/badge.svg)](https://coveralls.io/r/savonrb/savon)
+Savon is a SOAP client for Ruby. [SOAP is the protocol](https://www.w3.org/TR/soap/) spoken by many enterprise systems in banking, government, ERP or payroll. When they hand you a WSDL URL or file instead of a REST spec, it's SOAP. Savon reads the WSDL, maps available operations to Ruby symbols, converts Ruby hashes to SOAP envelopes and turns XML responses into hashes you can work with.
-## Installation
-Savon is available through [Rubygems](http://rubygems.org/gems/savon) and can be installed via:
-```
-$ gem install savon
-```
+Full documentation is at [savonrb.com](https://savonrb.com).
-or add it to your Gemfile like this:
+## Installation
-```
-gem 'savon', '~> 2.15.0'
+```ruby
+gem 'savon', '~> 2.17'
 ```
-## Usage example
+## Usage
-``` ruby
+```ruby
 require 'savon'
-# create a client for the service
-client = Savon.client(wsdl: 'http://service.example.com?wsdl')
-# or: create a client with a wsdl provided as a string
-client = Savon.client do |config|
-  wsdl_content = File.read("/path/to/wsdl")
-  config.wsdl wsdl_content
-end
+# Point Savon to a local or remote WSDL document
+client = Savon.client(wsdl: 'https://service.example.com?wsdl')
+# See what the service exposes
 client.operations
-# => [:find_user, :list_users]
+# => [:find_user, :create_user]
-# call the 'findUser' operation
+# Make a request and work with the response
 response = client.call(:find_user, message: { id: 42 })
+response.body[:find_user_response]
+# => { id: 42, name: "Hoff" }
-response.body
-# => { find_user_response: { id: 42, name: 'Hoff' } }
+# Savon raises a Savon::SOAPFault when the server returns a SOAP fault
+rescue Savon::SOAPFault => e
+  puts e.to_hash.dig(:fault, :faultstring)
 ```
-For more examples, you should check out the
-[integration tests](https://github.com/savonrb/savon/tree/version2/spec/integration).
-## Faraday transport
-Savon uses HTTPI for HTTP by default. To opt into Faraday instead, add `faraday` to your Gemfile and set `transport: :faraday`:
+Enable logging to see the raw SOAP envelopes. That's probably the single most useful thing while getting a new integration working:
 ```ruby
 client = Savon.client(
-  transport: :faraday,
-  wsdl: "http://service.example.com?wsdl"
+  wsdl: 'https://service.example.com?wsdl',
+  pretty_print_xml: true,
+  log: true
 )
 ```
-Configure SSL, auth, timeouts, middleware, and anything else transport-related on the `Faraday::Connection` before making calls:
+### Authentication
-```ruby
-client.faraday.ssl.verify               = false
-client.faraday.options.timeout          = 30
-client.faraday.options.open_timeout     = 5
-client.faraday.headers["Authorization"] = "Bearer #{token}"
-client.faraday.use Faraday::Response::Logger
-```
+Most enterprise services require authentication. Common options:
-## Ruby version support
-Every savon release is tested with contemporary supported versions of ruby. Historical compatibility information:
+```ruby
+# HTTP basic auth
+Savon.client(wsdl: '...', basic_auth: ['user', 'secret'])
-* `main` - same support as Ruby
-* 2.15.x - MRI 3.0, 3.1, 3.2, 3.3
-* 2.13.x, 2.14.x - MRI 2.7, 3.0, 3.1
-* 2.12.x - MRI 2.2, 2.3, 2.4, 2.5
-* 2.11.x - MRI 2.0, 2.1, 2.2, and 2.3
+# WS-Security (WSSE)
+Savon.client(wsdl: '...', wsse_auth: ['user', 'secret', :digest], wsse_timestamp: true)
+```
-If you are running MRI 1.8.7, try a 2.6.x release.
+See [Authentication](https://savonrb.com/version2/globals.html) on the website for HTTP digest, NTLM, and certificate-based options.
-Most changes are not backported to older versions of savon, or unsupported ruby versions.
+### Transport
-## Running tests
+Savon uses [HTTPI](https://github.com/savonrb/httpi) for HTTP by default. Since v2.17.0 you can opt-in to use Faraday by passing `transport: :faraday` which exposes the Faraday connection at `client.faraday` for you to configure. Savon is only adding some SOAP-specifics on top.
-```bash
-$ bundle install
-$ bundle exec rspec
-```
+## Ruby support
-## FAQ
+Savon 2.x requires Ruby 3.0 or later. See the [changelog](CHANGELOG.md) for historical compatibility.
-* URI::InvalidURIError -- if you see this error, then it is likely that the http client you are using cannot parse the URI for your WSDL. Try `gem install httpclient` or add it to your `Gemfile`.
-  - See https://github.com/savonrb/savon/issues/488 for more info
+## Known limitations
+**WSDL imports are not followed.** Savon parses only the root WSDL document via [Wasabi](https://github.com/savonrb/wasabi). Messages, port types, and bindings defined in imported files are invisible to Savon. If you control the WSDL, merge the imported elements into the root document and pass that to Savon as a string. If you need full import support, the [WSDL](https://rubygems.org/gems/wsdl) gem is an alternative.
-## Documentation
+## Contributing
-Please be sure to [read the documentation](https://www.rubydoc.info/github/savonrb/savon/).
+See [CONTRIBUTING.md](CONTRIBUTING.md). MIT licensed.

data/lib/savon/operation.rb CHANGED Viewed

@@ -78,7 +78,9 @@ module Savon
       response =
         if response.nil?
-          @transport.post(endpoint.to_s, soap_headers(builder), builder.to_s, @locals)
+          body = builder.to_s
+          headers = soap_headers(builder)
+          @transport.post(endpoint.to_s, headers, body, @locals)
         else
           normalize_observer_response(response)
         end
@@ -97,7 +99,9 @@ module Savon
       end
       builder = build(locals, &block)
-      @transport.to_httpi_request(endpoint.to_s, soap_headers(builder), builder.to_s, @locals)
+      # Build the body before soap_headers - see #call.
+      body = builder.to_s
+      @transport.to_httpi_request(endpoint.to_s, soap_headers(builder), body, @locals)
     end
     private

data/lib/savon/transport/faraday.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Savon
     # Faraday-backed HTTP transport for the opt-in Faraday path.
     #
     # Encapsulates everything Faraday-specific:
-    #   * header assembly (SOAP + global + local + cookies + Content-Length)
+    #   * header assembly (SOAP + global + local + cookies)
     #   * request execution via the caller-configured Faraday::Connection
     #
     # Transport-level concerns (SSL, auth, proxy, timeouts, middleware) are
@@ -33,7 +33,7 @@ module Savon
       # @param locals       [Savon::LocalOptions] per-request options
       # @return             [Transport::Response]
       def post(url, soap_headers, body, locals)
-        headers = build_headers(soap_headers, body, locals)
+        headers = build_headers(soap_headers, locals)
         log_request(url, headers, body) if log?
@@ -49,8 +49,8 @@ module Savon
       # Merges all header sources in precedence order:
       # locals[:headers] > globals[:headers] > soap_headers
-      # Appends Cookie from locals[:cookies] and Content-Length from body.
-      def build_headers(soap_headers, body, locals)
+      # Appends Cookie from locals[:cookies].
+      def build_headers(soap_headers, locals)
         headers = {}
         headers.merge!(@globals[:headers]) if @globals.include?(:headers)
         headers.merge!(locals[:headers])   if locals.include?(:headers)
@@ -62,7 +62,6 @@ module Savon
           headers["Cookie"] = locals[:cookies].map(&:name_and_value).join(";")
         end
-        headers["Content-Length"] = body.bytesize.to_s
         headers
       end
     end

data/lib/savon/transport/httpi.rb CHANGED Viewed

@@ -60,8 +60,6 @@ module Savon
           headers["Cookie"] = locals[:cookies].map(&:name_and_value).join(";")
         end
-        headers["Content-Length"] = body.bytesize.to_s
         http_request = ::HTTPI::Request.new
         http_request.url = url
         http_request.body = body

data/lib/savon/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Savon
-  VERSION = '2.17.0'
+  VERSION = '2.17.1'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: savon
 version: !ruby/object:Gem::Version
-  version: 2.17.0
+  version: 2.17.1
 platform: ruby
 authors:
 - Daniel Harrington