sinatra 3.0.2 → 3.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -2
- data/Gemfile +6 -2
- data/README.md +4 -4
- data/VERSION +1 -1
- data/lib/sinatra/base.rb +15 -3
- data/lib/sinatra/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 253794a685657aa33414a6384abfa99f0c4b0a8aa97a9f15aa6d5ae88bcd747e
|
|
4
|
+
data.tar.gz: 455faa2397e06210cdeeb6e90eb5b8ec56908695585c869bb9241afc1e480cca
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b8ca8d0630ca6a5b420a6066ac6bb0375092e92a549bf623974a8780b576b859a227eccf32402ffb4628a04523c107420cda5982bcc69a14dbb3779ff299b255
|
|
7
|
+
data.tar.gz: 85352987ea63bcbdfa6a80af67a59e5e3e4e812f1aaf4f28016ebd085805934ffa2787278b3034cef623ee5ed278bb5b66eeb02f390b6b8fea5326f7f039c4d7
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,20 @@
|
|
|
2
2
|
|
|
3
3
|
* _Your new feature here._
|
|
4
4
|
|
|
5
|
+
## 3.0.5 / 2022-12-16
|
|
6
|
+
|
|
7
|
+
* Fix: Add Zeitwerk compatibility. [#1831](https://github.com/sinatra/sinatra/pull/1831) by Dawid Janczak
|
|
8
|
+
|
|
9
|
+
* Fix: Allow CALLERS_TO_IGNORE to be overridden
|
|
10
|
+
|
|
11
|
+
## 3.0.4 / 2022-11-25
|
|
12
|
+
|
|
13
|
+
* Fix: Escape filename in the Content-Disposition header. [#1841](https://github.com/sinatra/sinatra/pull/1841) by Kunpei Sakai
|
|
14
|
+
|
|
15
|
+
## 3.0.3 / 2022-11-11
|
|
16
|
+
|
|
17
|
+
* Fix: fixed ReDoS for Rack::Protection::IPSpoofing. [#1823](https://github.com/sinatra/sinatra/pull/1823) by @ooooooo-q
|
|
18
|
+
|
|
5
19
|
## 3.0.2 / 2022-10-01
|
|
6
20
|
|
|
7
21
|
* New: Add Haml 6 support. [#1820](https://github.com/sinatra/sinatra/pull/1820) by Jordan Owens
|
|
@@ -58,6 +72,12 @@
|
|
|
58
72
|
|
|
59
73
|
* Docs: Japanese documentation: Make Session section reflect changes done to README.md. [#1731](https://github.com/sinatra/sinatra/pull/1731) by @shu-i-chi
|
|
60
74
|
|
|
75
|
+
## 2.2.3 / 2022-11-25
|
|
76
|
+
|
|
77
|
+
* Fix: Escape filename in the Content-Disposition header. [#1841](https://github.com/sinatra/sinatra/pull/1841) by Kunpei Sakai
|
|
78
|
+
|
|
79
|
+
* Fix: fixed ReDoS for Rack::Protection::IPSpoofing. [#1823](https://github.com/sinatra/sinatra/pull/1823) by @ooooooo-q
|
|
80
|
+
|
|
61
81
|
## 2.2.2 / 2022-07-23
|
|
62
82
|
|
|
63
83
|
* Update mustermann dependency to version 2.
|
|
@@ -70,6 +90,8 @@
|
|
|
70
90
|
|
|
71
91
|
## 2.2.0 / 2022-02-15
|
|
72
92
|
|
|
93
|
+
* Breaking change: Add `#select`, `#reject` and `#compact` methods to `Sinatra::IndifferentHash`. If hash keys need to be converted to symbols, call `#to_h` to get a `Hash` instance first. [#1711](https://github.com/sinatra/sinatra/pull/1711) by Olivier Bellone
|
|
94
|
+
|
|
73
95
|
* Handle EOFError raised by Rack and return Bad Request 400 status. [#1743](https://github.com/sinatra/sinatra/pull/1743) by tamazon
|
|
74
96
|
|
|
75
97
|
* Minor refactors in `base.rb`. [#1640](https://github.com/sinatra/sinatra/pull/1640) by ceclinux
|
|
@@ -100,8 +122,6 @@
|
|
|
100
122
|
|
|
101
123
|
* Remove unnecessary `test_files` from the gemspec. [#1712](https://github.com/sinatra/sinatra/pull/1712) by Masataka Pocke Kuwabara
|
|
102
124
|
|
|
103
|
-
* Add `#select`, `#reject` and `#compact` methods to `Sinatra::IndifferentHash`. [#1711](https://github.com/sinatra/sinatra/pull/1711) by Olivier Bellone
|
|
104
|
-
|
|
105
125
|
* Docs: Spanish documentation: Update README.es.md with removal of Thin. [#1630](https://github.com/sinatra/sinatra/pull/1630) by Espartaco Palma
|
|
106
126
|
|
|
107
127
|
* Docs: German documentation: Fixed typos in German README.md. [#1648](https://github.com/sinatra/sinatra/pull/1648) by Juri
|
data/Gemfile
CHANGED
|
@@ -15,9 +15,14 @@ gem 'rake'
|
|
|
15
15
|
|
|
16
16
|
rack_version = ENV['rack'].to_s
|
|
17
17
|
rack_version = nil if rack_version.empty? || (rack_version == 'stable')
|
|
18
|
-
rack_version = { github: 'rack/rack' } if rack_version == '
|
|
18
|
+
rack_version = { github: 'rack/rack' } if rack_version == 'latest'
|
|
19
19
|
gem 'rack', rack_version
|
|
20
20
|
|
|
21
|
+
puma_version = ENV['puma'].to_s
|
|
22
|
+
puma_version = nil if puma_version.empty? || (puma_version == 'stable')
|
|
23
|
+
puma_version = { github: 'puma/puma' } if puma_version == 'latest'
|
|
24
|
+
gem 'puma', puma_version
|
|
25
|
+
|
|
21
26
|
gem 'minitest', '~> 5.0'
|
|
22
27
|
gem 'rack-test', github: 'rack/rack-test'
|
|
23
28
|
gem 'rubocop', '~> 1.32.0', require: false
|
|
@@ -40,7 +45,6 @@ gem 'liquid'
|
|
|
40
45
|
gem 'markaby'
|
|
41
46
|
gem 'nokogiri', '> 1.5.0'
|
|
42
47
|
gem 'pandoc-ruby', '~> 2.0.2'
|
|
43
|
-
gem 'puma'
|
|
44
48
|
gem 'rabl'
|
|
45
49
|
gem 'rainbows', platforms: [:mri] # uses #fork
|
|
46
50
|
gem 'rdiscount', platforms: [:ruby]
|
data/README.md
CHANGED
|
@@ -938,7 +938,7 @@ __END__
|
|
|
938
938
|
|
|
939
939
|
@@ layout
|
|
940
940
|
%html
|
|
941
|
-
|
|
941
|
+
!= yield
|
|
942
942
|
|
|
943
943
|
@@ index
|
|
944
944
|
%div.title Hello world.
|
|
@@ -984,7 +984,7 @@ To associate a file extension with a template engine, use
|
|
|
984
984
|
`tt` for Haml templates, you can do the following:
|
|
985
985
|
|
|
986
986
|
```ruby
|
|
987
|
-
Tilt.register
|
|
987
|
+
Tilt.register Tilt[:haml], :tt
|
|
988
988
|
```
|
|
989
989
|
|
|
990
990
|
### Adding Your Own Template Engine
|
|
@@ -992,7 +992,7 @@ Tilt.register :tt, Tilt[:haml]
|
|
|
992
992
|
First, register your engine with Tilt, then create a rendering method:
|
|
993
993
|
|
|
994
994
|
```ruby
|
|
995
|
-
Tilt.register :myat
|
|
995
|
+
Tilt.register MyAwesomeTemplateEngine, :myat
|
|
996
996
|
|
|
997
997
|
helpers do
|
|
998
998
|
def myat(*args) render(:myat, *args) end
|
|
@@ -2903,4 +2903,4 @@ SemVerTag.
|
|
|
2903
2903
|
* API documentation for the [latest release](http://www.rubydoc.info/gems/sinatra)
|
|
2904
2904
|
or the [current HEAD](http://www.rubydoc.info/github/sinatra/sinatra) on
|
|
2905
2905
|
[RubyDoc](http://www.rubydoc.info/)
|
|
2906
|
-
* [CI
|
|
2906
|
+
* [CI Actions](https://github.com/sinatra/sinatra/actions)
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.0.
|
|
1
|
+
3.0.5
|
data/lib/sinatra/base.rb
CHANGED
|
@@ -396,13 +396,20 @@ module Sinatra
|
|
|
396
396
|
response['Content-Type'] = mime_type
|
|
397
397
|
end
|
|
398
398
|
|
|
399
|
+
# https://html.spec.whatwg.org/#multipart-form-data
|
|
400
|
+
MULTIPART_FORM_DATA_REPLACEMENT_TABLE = {
|
|
401
|
+
'"' => '%22',
|
|
402
|
+
"\r" => '%0D',
|
|
403
|
+
"\n" => '%0A'
|
|
404
|
+
}.freeze
|
|
405
|
+
|
|
399
406
|
# Set the Content-Disposition to "attachment" with the specified filename,
|
|
400
407
|
# instructing the user agents to prompt to save.
|
|
401
408
|
def attachment(filename = nil, disposition = :attachment)
|
|
402
409
|
response['Content-Disposition'] = disposition.to_s.dup
|
|
403
410
|
return unless filename
|
|
404
411
|
|
|
405
|
-
params = format('; filename="%s"', File.basename(filename))
|
|
412
|
+
params = format('; filename="%s"', File.basename(filename).gsub(/["\r\n]/, MULTIPART_FORM_DATA_REPLACEMENT_TABLE))
|
|
406
413
|
response['Content-Disposition'] << params
|
|
407
414
|
ext = File.extname(filename)
|
|
408
415
|
content_type(ext) unless response['Content-Type'] || ext.empty?
|
|
@@ -1209,11 +1216,16 @@ module Sinatra
|
|
|
1209
1216
|
%r{rubygems/(custom|core_ext/kernel)_require\.rb$}, # rubygems require hacks
|
|
1210
1217
|
/active_support/, # active_support require hacks
|
|
1211
1218
|
%r{bundler(/(?:runtime|inline))?\.rb}, # bundler require hacks
|
|
1212
|
-
/<internal
|
|
1219
|
+
/<internal:/, # internal in ruby >= 1.9.2
|
|
1220
|
+
%r{zeitwerk/kernel\.rb} # Zeitwerk kernel#require decorator
|
|
1213
1221
|
].freeze
|
|
1214
1222
|
|
|
1215
1223
|
attr_reader :routes, :filters, :templates, :errors
|
|
1216
1224
|
|
|
1225
|
+
def callers_to_ignore
|
|
1226
|
+
CALLERS_TO_IGNORE
|
|
1227
|
+
end
|
|
1228
|
+
|
|
1217
1229
|
# Removes all routes, filters, middleware and extension hooks from the
|
|
1218
1230
|
# current class (not routes/filters/... defined by its superclass).
|
|
1219
1231
|
def reset!
|
|
@@ -1780,7 +1792,7 @@ module Sinatra
|
|
|
1780
1792
|
def cleaned_caller(keep = 3)
|
|
1781
1793
|
caller(1)
|
|
1782
1794
|
.map! { |line| line.split(/:(?=\d|in )/, 3)[0, keep] }
|
|
1783
|
-
.reject { |file, *_|
|
|
1795
|
+
.reject { |file, *_| callers_to_ignore.any? { |pattern| file =~ pattern } }
|
|
1784
1796
|
end
|
|
1785
1797
|
end
|
|
1786
1798
|
|
data/lib/sinatra/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sinatra
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Blake Mizerany
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2022-
|
|
14
|
+
date: 2022-12-16 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: mustermann
|
|
@@ -53,14 +53,14 @@ dependencies:
|
|
|
53
53
|
requirements:
|
|
54
54
|
- - '='
|
|
55
55
|
- !ruby/object:Gem::Version
|
|
56
|
-
version: 3.0.
|
|
56
|
+
version: 3.0.5
|
|
57
57
|
type: :runtime
|
|
58
58
|
prerelease: false
|
|
59
59
|
version_requirements: !ruby/object:Gem::Requirement
|
|
60
60
|
requirements:
|
|
61
61
|
- - '='
|
|
62
62
|
- !ruby/object:Gem::Version
|
|
63
|
-
version: 3.0.
|
|
63
|
+
version: 3.0.5
|
|
64
64
|
- !ruby/object:Gem::Dependency
|
|
65
65
|
name: tilt
|
|
66
66
|
requirement: !ruby/object:Gem::Requirement
|