sinatra 2.2.3 → 2.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sinatra might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -0
- data/VERSION +1 -1
- data/lib/sinatra/base.rb +5 -1
- data/lib/sinatra/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1e7c0f0444061d6ca90cf2956cb78a750065625116500dafde2da94ec133c1c4
|
|
4
|
+
data.tar.gz: 03ae4a16304045e5a52a8f98e07922ab0c5351889a1106942a22d89445dfcef4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 41c6dc03102ac2ca8735d30a4cd1646d803be5a7fbd9cae0702cb3b41419e6b17451707498749baf0c06d2002b075e3f9d06a1eef1d4a4ee35dee95c73dd2bc3
|
|
7
|
+
data.tar.gz: 4c7ebcf714cb7f73f8fa5b179f41f978994126c90c775d4a3a4aa944c6146ece45cb9c797b130ab8a2575e177fd7128b8c5da7f6cdb440a18a2110cc7aca215e
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
* Fix: Escape filename in the Content-Disposition header. [#1841](https://github.com/sinatra/sinatra/pull/1841) by Kunpei Sakai
|
|
4
4
|
|
|
5
|
+
* Fix: fixed ReDoS for Rack::Protection::IPSpoofing. [#1823](https://github.com/sinatra/sinatra/pull/1823) by @ooooooo-q
|
|
6
|
+
|
|
5
7
|
## 2.2.2 / 2022-07-23
|
|
6
8
|
|
|
7
9
|
* Update mustermann dependency to version 2.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.2.
|
|
1
|
+
2.2.4
|
data/lib/sinatra/base.rb
CHANGED
|
@@ -1237,6 +1237,10 @@ module Sinatra
|
|
|
1237
1237
|
|
|
1238
1238
|
attr_reader :routes, :filters, :templates, :errors
|
|
1239
1239
|
|
|
1240
|
+
def callers_to_ignore
|
|
1241
|
+
CALLERS_TO_IGNORE
|
|
1242
|
+
end
|
|
1243
|
+
|
|
1240
1244
|
# Removes all routes, filters, middleware and extension hooks from the
|
|
1241
1245
|
# current class (not routes/filters/... defined by its superclass).
|
|
1242
1246
|
def reset!
|
|
@@ -1786,7 +1790,7 @@ module Sinatra
|
|
|
1786
1790
|
def cleaned_caller(keep = 3)
|
|
1787
1791
|
caller(1).
|
|
1788
1792
|
map! { |line| line.split(/:(?=\d|in )/, 3)[0,keep] }.
|
|
1789
|
-
reject { |file, *_|
|
|
1793
|
+
reject { |file, *_| callers_to_ignore.any? { |pattern| file =~ pattern } }
|
|
1790
1794
|
end
|
|
1791
1795
|
end
|
|
1792
1796
|
|
data/lib/sinatra/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sinatra
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.2.
|
|
4
|
+
version: 2.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Blake Mizerany
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2022-
|
|
14
|
+
date: 2022-12-16 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rack
|
|
@@ -47,14 +47,14 @@ dependencies:
|
|
|
47
47
|
requirements:
|
|
48
48
|
- - '='
|
|
49
49
|
- !ruby/object:Gem::Version
|
|
50
|
-
version: 2.2.
|
|
50
|
+
version: 2.2.4
|
|
51
51
|
type: :runtime
|
|
52
52
|
prerelease: false
|
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
|
54
54
|
requirements:
|
|
55
55
|
- - '='
|
|
56
56
|
- !ruby/object:Gem::Version
|
|
57
|
-
version: 2.2.
|
|
57
|
+
version: 2.2.4
|
|
58
58
|
- !ruby/object:Gem::Dependency
|
|
59
59
|
name: mustermann
|
|
60
60
|
requirement: !ruby/object:Gem::Requirement
|