RubyGems - sinatra - Versions diffs - 2.1.0 → 2.2.4 - Mend

sinatra 2.1.0 → 2.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of sinatra might be problematic. Click here for more details.

Files changed (15) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +82 -0
data/Gemfile +4 -5
data/MAINTENANCE.md +2 -15
data/README.de.md +13 -13
data/README.es.md +59 -30
data/README.ja.md +61 -31
data/README.md +27 -27
data/README.pt-br.md +60 -60
data/VERSION +1 -1
data/lib/sinatra/base.rb +59 -46
data/lib/sinatra/indifferent_hash.rb +14 -0
data/lib/sinatra/version.rb +1 -1
data/sinatra.gemspec +3 -9
metadata +11 -22

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 2.1.0
1	+ 2.2.4

data/lib/sinatra/base.rb CHANGED Viewed

@@ -78,6 +78,8 @@ module Sinatra
       super
     rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
       raise BadRequest, "Invalid query parameters: #{Rack::Utils.escape_html(e.message)}"
+    rescue EOFError => e
+      raise BadRequest, "Invalid multipart/form-data: #{Rack::Utils.escape_html(e.message)}"
     end
     class AcceptEntry
@@ -188,7 +190,7 @@ module Sinatra
         headers["Content-Length"] = body.map(&:bytesize).reduce(0, :+).to_s
       end
-      [status.to_i, headers, result]
+      [status, headers, result]
     end
     private
@@ -198,11 +200,11 @@ module Sinatra
     end
     def drop_content_info?
-      status.to_i / 100 == 1 or drop_body?
+      informational? or drop_body?
     end
     def drop_body?
-      DROP_BODY_RESPONSES.include?(status.to_i)
+      DROP_BODY_RESPONSES.include?(status)
     end
   end
@@ -379,16 +381,23 @@ module Sinatra
       response['Content-Type'] = mime_type
     end
+    # https://html.spec.whatwg.org/#multipart-form-data
+    MULTIPART_FORM_DATA_REPLACEMENT_TABLE = {
+      '"'  => '%22',
+      "\r" => '%0D',
+      "\n" => '%0A'
+    }.freeze
     # Set the Content-Disposition to "attachment" with the specified filename,
     # instructing the user agents to prompt to save.
     def attachment(filename = nil, disposition = :attachment)
       response['Content-Disposition'] = disposition.to_s.dup
-      if filename
-        params = '; filename="%s"' % File.basename(filename)
-        response['Content-Disposition'] << params
-        ext = File.extname(filename)
-        content_type(ext) unless response['Content-Type'] or ext.empty?
-      end
+      return unless filename
+      params = format('; filename="%s"', File.basename(filename).gsub(/["\r\n]/, MULTIPART_FORM_DATA_REPLACEMENT_TABLE))
+      response['Content-Disposition'] << params
+      ext = File.extname(filename)
+      content_type(ext) unless response['Content-Type'] || ext.empty?
     end
     # Use the contents of the file at +path+ as the response body.
@@ -869,12 +878,12 @@ module Sinatra
     def compile_template(engine, data, options, views)
       eat_errors = options.delete :eat_errors
-      template_cache.fetch engine, data, options, views do
-        template = Tilt[engine]
-        raise "Template engine not found: #{engine}" if template.nil?
+      template = Tilt[engine]
+      raise "Template engine not found: #{engine}" if template.nil?
-        case data
-        when Symbol
+      case data
+      when Symbol
+        template_cache.fetch engine, data, options, views do
           body, path, line = settings.templates[data]
           if body
             body = body.call if body.respond_to?(:call)
@@ -892,17 +901,24 @@ module Sinatra
             throw :layout_missing if eat_errors and not found
             template.new(path, 1, options)
           end
-        when Proc, String
-          body = data.is_a?(String) ? Proc.new { data } : data
-          caller = settings.caller_locations.first
-          path = options[:path] || caller[0]
-          line = options[:line] || caller[1]
-          template.new(path, line.to_i, options, &body)
-        else
-          raise ArgumentError, "Sorry, don't know how to render #{data.inspect}."
         end
+      when Proc
+        compile_block_template(template, options, &data)
+      when String
+        template_cache.fetch engine, data, options, views do
+          compile_block_template(template, options) { data }
+        end
+      else
+        raise ArgumentError, "Sorry, don't know how to render #{data.inspect}."
       end
     end
+    def compile_block_template(template, options, &body)
+      caller = settings.caller_locations.first
+      path = options[:path] || caller[0]
+      line = options[:line] || caller[1]
+      template.new(path, line.to_i, options, &body)
+    end
   end
   # Base class for all Sinatra applications and middleware.
@@ -916,7 +932,7 @@ module Sinatra
     attr_accessor :app, :env, :request, :response, :params
     attr_reader   :template_cache
-    def initialize(app = nil)
+    def initialize(app = nil, **kwargs)
       super()
       @app = app
       @template_cache = Tilt::Cache.new
@@ -934,6 +950,7 @@ module Sinatra
       @params   = IndifferentHash.new
       @request  = Request.new(env)
       @response = Response.new
+      @pinned_response = nil
       template_cache.clear if settings.reload_templates
       invoke { dispatch! }
@@ -994,11 +1011,11 @@ module Sinatra
     # Run filters defined on the class and all superclasses.
     # Accepts an optional block to call after each filter is applied.
-    def filter!(type, base = settings)
-      filter! type, base.superclass if base.superclass.respond_to?(:filters)
+    def filter!(type, base = settings, &block)
+      filter!(type, base.superclass, &block) if base.superclass.respond_to?(:filters)
       base.filters[type].each do |args|
         result = process_route(*args)
-        yield result if block_given?
+        block.call(result) if block_given?
       end
     end
@@ -1006,7 +1023,7 @@ module Sinatra
     def route!(base = settings, pass_block = nil)
       if routes = base.routes[@request.request_method]
         routes.each do |pattern, conditions, block|
-          @response.delete_header('Content-Type') unless @pinned_response
+          response.delete_header('Content-Type') unless @pinned_response
           returned_pass_block = process_route(pattern, conditions) do |*args|
             env['sinatra.route'] = "#{@request.request_method} #{pattern}"
@@ -1089,6 +1106,7 @@ module Sinatra
       return unless valid_path?(path)
       path = File.expand_path(path)
+      return unless path.start_with?(File.expand_path(public_dir) + '/')
       return unless File.file?(path)
       env['sinatra.static_file'] = path
@@ -1124,7 +1142,7 @@ module Sinatra
       invoke do
         static! if settings.static? && (request.get? || request.head?)
         filter! :before do
-          @pinned_response = !@response['Content-Type'].nil?
+          @pinned_response = !response['Content-Type'].nil?
         end
         route!
       end
@@ -1145,7 +1163,7 @@ module Sinatra
       end
       @env['sinatra.error'] = boom
-      if boom.respond_to? :http_status
+      if boom.respond_to? :http_status and boom.http_status.between? 400, 599
         status(boom.http_status)
       elsif settings.use_code? and boom.respond_to? :code and boom.code.between? 400, 599
         status(boom.code)
@@ -1153,8 +1171,6 @@ module Sinatra
         status(500)
       end
-      status(500) unless status.between? 400, 599
       if server_error?
         dump_errors! boom if settings.dump_errors?
         raise boom if settings.show_exceptions? and settings.show_exceptions != :after_handler
@@ -1168,7 +1184,7 @@ module Sinatra
       if not_found? || bad_request?
         if boom.message && boom.message != boom.class.name
-          body boom.message
+          body Rack::Utils.escape_html(boom.message)
         else
           content_type 'text/html'
           body '<h1>' + (not_found? ? 'Not Found' : 'Bad Request') + '</h1>'
@@ -1221,6 +1237,10 @@ module Sinatra
       attr_reader :routes, :filters, :templates, :errors
+      def callers_to_ignore
+        CALLERS_TO_IGNORE
+      end
       # Removes all routes, filters, middleware and extension hooks from the
       # current class (not routes/filters/... defined by its superclass).
       def reset!
@@ -1442,7 +1462,7 @@ module Sinatra
       # in `extensions` available to the handlers and templates
       def helpers(*extensions, &block)
         class_eval(&block)   if block_given?
-        prepend(*extensions) if extensions.any?
+        include(*extensions) if extensions.any?
       end
       # Register an extension. Alternatively take a block from which an
@@ -1471,6 +1491,7 @@ module Sinatra
         @prototype = nil
         @middleware << [middleware, args, block]
       end
+      ruby2_keywords(:use) if respond_to?(:ruby2_keywords, true)
       # Stop the self-hosted server if running.
       def quit!
@@ -1490,7 +1511,7 @@ module Sinatra
       def run!(options = {}, &block)
         return if running?
         set options
-        handler         = detect_rack_handler
+        handler         = Rack::Handler.pick(server)
         handler_name    = handler.name.gsub(/.*::/, '')
         server_settings = settings.respond_to?(:server_settings) ? settings.server_settings : {}
         server_settings.merge!(:Port => port, :Host => bind)
@@ -1527,6 +1548,7 @@ module Sinatra
         instance = new!(*args, &bk)
         Wrapper.new(build(instance).to_app, instance)
       end
+      ruby2_keywords :new if respond_to?(:ruby2_keywords, true)
       # Creates a Rack::Builder instance with all the middleware set up and
       # the given +app+ as end point.
@@ -1744,17 +1766,6 @@ module Sinatra
         builder.use session_store, options
       end
-      def detect_rack_handler
-        servers = Array(server)
-        servers.each do |server_name|
-          begin
-            return Rack::Handler.get(server_name.to_s)
-          rescue LoadError, NameError
-          end
-        end
-        fail "Server handler (#{servers.join(',')}) not found."
-      end
       def inherited(subclass)
         subclass.reset!
         subclass.set :app_file, caller_files.first unless subclass.app_file?
@@ -1779,7 +1790,7 @@ module Sinatra
       def cleaned_caller(keep = 3)
         caller(1).
           map!    { |line| line.split(/:(?=\d|in )/, 3)[0,keep] }.
-          reject { |file, *_| CALLERS_TO_IGNORE.any? { |pattern| file =~ pattern } }
+          reject { |file, *_| callers_to_ignore.any? { |pattern| file =~ pattern } }
       end
     end
@@ -1958,6 +1969,8 @@ module Sinatra
           return super(*args, &block) if respond_to? method_name
           Delegator.target.send(method_name, *args, &block)
         end
+        # ensure keyword argument passing is compatible with ruby >= 2.7
+        ruby2_keywords(method_name) if respond_to?(:ruby2_keywords, true)
         private method_name
       end
     end

data/lib/sinatra/indifferent_hash.rb CHANGED Viewed

@@ -180,6 +180,20 @@ module Sinatra
       end
     end
+    def select(*args, &block)
+      return to_enum(:select) unless block_given?
+      dup.tap { |hash| hash.select!(*args, &block) }
+    end
+    def reject(*args, &block)
+      return to_enum(:reject) unless block_given?
+      dup.tap { |hash| hash.reject!(*args, &block) }
+    end
+    def compact
+      dup.tap(&:compact!)
+    end if method_defined?(:compact) # Added in Ruby 2.4
     private
     def convert_key(key)

data/lib/sinatra/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Sinatra
-  VERSION = '2.1.0'
+  VERSION = '2.2.3'
 end

data/sinatra.gemspec CHANGED Viewed

@@ -19,9 +19,8 @@ Gem::Specification.new 'sinatra', version do |s|
     "SECURITY.md",
     "sinatra.gemspec",
     "VERSION"]
-  s.test_files        = s.files.select { |p| p =~ /^test\/.*_test.rb/ }
-  s.extra_rdoc_files  = s.files.select { |p| p =~ /^README/ } << 'LICENSE'
-  s.rdoc_options      = %w[--line-numbers --inline-source --title Sinatra --main README.rdoc --encoding=UTF-8]
+  s.extra_rdoc_files  = %w[README.md LICENSE]
+  s.rdoc_options      = %w[--line-numbers --title Sinatra --main README.rdoc --encoding=UTF-8]
   if s.respond_to?(:metadata)
     s.metadata = {
@@ -33,11 +32,6 @@ Gem::Specification.new 'sinatra', version do |s|
       'documentation_uri' => 'https://www.rubydoc.info/gems/sinatra'
     }
   else
-    msg = "RubyGems 2.0 or newer is required to protect against public "\
-          "gem pushes. You can update your rubygems version by running:\n\n"\
-          "gem install rubygems-update\n"\
-          "update_rubygems\n"\
-          "gem update --system"
     raise <<-EOF
 RubyGems 2.0 or newer is required to protect against public gem pushes. You can update your rubygems version by running:
   gem install rubygems-update
@@ -51,5 +45,5 @@ EOF
   s.add_dependency 'rack', '~> 2.2'
   s.add_dependency 'tilt', '~> 2.0'
   s.add_dependency 'rack-protection', version
-  s.add_dependency 'mustermann', '~> 1.0'
+  s.add_dependency 'mustermann', '~> 2.0'
 end

metadata CHANGED Viewed

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: sinatra
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.4
 platform: ruby
 authors:
 - Blake Mizerany
 - Ryan Tomayko
 - Simon Rozet
 - Konstantin Haase
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-04 00:00:00.000000000 Z
+date: 2022-12-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -47,46 +47,35 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.4
 - !ruby/object:Gem::Dependency
   name: mustermann
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 description: Sinatra is a DSL for quickly creating web applications in Ruby with minimal
   effort.
 email: sinatrarb@googlegroups.com
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.de.md
-- README.es.md
-- README.fr.md
-- README.hu.md
-- README.ja.md
-- README.ko.md
-- README.malayalam.md
 - README.md
-- README.pt-br.md
-- README.pt-pt.md
-- README.ru.md
-- README.zh.md
 - LICENSE
 files:
 - ".yardopts"
@@ -135,10 +124,9 @@ metadata:
   bug_tracker_uri: https://github.com/sinatra/sinatra/issues
   mailing_list_uri: http://groups.google.com/group/sinatrarb
   documentation_uri: https://www.rubydoc.info/gems/sinatra
-post_install_message:
+post_install_message:
 rdoc_options:
 - "--line-numbers"
-- "--inline-source"
 - "--title"
 - Sinatra
 - "--main"
@@ -157,8 +145,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key:
+rubyforge_project:
+rubygems_version: 2.7.6.3
+signing_key:
 specification_version: 4
 summary: Classy web-development dressed in a DSL
 test_files: []