sprockets 3.0.1 → 3.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1bd725a04a1285df9ad884d11fa77a3f2e00857b
-  data.tar.gz: b2d4ca0a8689c24ba57a971147aeadccbcbfd9ce
+  metadata.gz: fce2476cd245660b43d7f43d8c73e49e8dba8f8b
+  data.tar.gz: 04a112134ed6023fc75a5f5932b9ce1e51200d55
 SHA512:
-  metadata.gz: cb7d070feb9768f6b08fd19a9231ac16eda299732fdc60555eff057956009c11b87dd327761e5f9a010f1157dbcf74ce008dcda406fdebc839f9050300d230df
-  data.tar.gz: 40360fc4bedbc30323ea5a02ddf3013af39bc1e6ae7723c0ad7b1c889c98236be061c14207c3d645eeae9e9d3aedbbdadbcddac56abc1d61fa11ce53d09f9dc4
+  metadata.gz: 67ae5f33aea980377bbab8a8f70b0fb0364a12696bc1c76c6813b03a11be59091d3630562d16cd0eeccfce1348661dc447989bdc54e34d0598578497f2d14c78
+  data.tar.gz: 611067448c1962a8a1fea6d50d0e236834f0244f66274ebd87f3bd0b2f2216ad67cdbe548186c3e34e28079bbbf4395286ad384eb13f48680c02a290478c7cd2

data/README.md

@@ -449,193 +449,7 @@ submit a pull request.
 
 ### Version History
 
-**3.0.1** (April 14, 2015)
-
-* Fixed `Context#depend_on` with paths outside the load path
-
-**3.0.0** (April 12, 2015)
-
-* New processor API. Tilt interface is deprecated.
-* Improved file store caching backend.
-* MIME Types now accept charset custom charset detecters. Improves support for UTF-16/32 files.
-* Environment#version no longer affects asset digests. Only used for busting the asset cache.
-* Removed builtin support for LESS.
-* Removed `//= include` directive support.
-* Deprecated `BundledAsset#to_a`. Use `BundledAsset#included` to access debugging subcomponents.
-* Support circular dependencies. For parity with ES6 modules.
-* Manifest compilation will no longer generate .gz files by default. [Mixing
-  Content-Encoding and ETags is just a bad
-  idea](https://issues.apache.org/bugzilla/show_bug.cgi?id=39727)
-* Added linked or referenced assets. When an asset is compiled, any of its links will be compiled as well.
-* Introduce some limitations around enumerating all logical paths. 4.x will deprecate it and favor linked manifests for compliation.
-* Add Asset integrity attribute for Subresource Integrity
-* Default digest changed to SHA256. Configuring `digest_class` is deprecated.
-* Rename `Asset#digest` to `Asset#hexdigest`. `Asset#digest` is deprecated and will
-  return a raw byte String in 4.x.
-* Added transitional compatibility flag to `Environment#resolve(path, compat: true)`. 2.x mode operates with `compat: true` and 4.x with `compat: false`
-* `manifest-abc123.json` renamed to `.sprockets-abc123.json`
-
-**2.12.3** (October 28, 2014)
-
-* Security: Fix directory traversal bug in development mode server.
-
-**2.12.2** (September 5, 2014)
-
-* Ensure internal asset lookups calls are still restricted to load paths within
-  asset compiles. Though, you should not depend on internal asset resolves to be
-  completely restricted for security reasons. Assets themselves should be
-  considered full scripting environments with filesystem access.
-
-**2.12.1** (April 17, 2014)
-
-* Fix making manifest target directory when its different than the output directory.
-
-**2.12.0** (March 13, 2014)
-
-* Avoid context reference in SassImporter hack so its Marshallable. Fixes
- issues with Sass 3.3.x.
-
-**2.11.0** (February 19, 2014)
-
-* Cache store must now be an LRU implementation.
-* Default digest changed to SHA1. To continue using MD5.
-  `env.digest_class = Digest::MD5`.
-
-**2.10.0** (May 24, 2013)
-
-* Support for `bower.json`
-
-**2.9.3** (April 20, 2013)
-
-* Fixed sass caching bug
-
-**2.9.2** (April 8, 2013)
-
-* Improve file freshness check performance
-* Directive processor encoding fixes
-
-**2.9.1** (April 6, 2013)
-
-* Support for Uglifier 2.x
-
-**2.9.0** (February 25, 2013)
-
-* Write out gzipped variants of bundled assets.
-
-**2.8.2** (December 10, 2012)
-
-* Fixed top level Sass constant references
-* Fixed manifest logger when environment is disabled
-
-**2.8.1** (October 31, 2012)
-
-* Fixed Sass importer bug
-
-**2.8.0** (October 16, 2012)
-
-* Allow manifest location to be separated from output directory
-* Pass logical path and absolute path to each_logical_path iterator
-
-**2.7.0** (October 10, 2012)
-
-* Added --css-compressor and --js-compressor command line flags
-* Added css/js compressor shorthand
-* Change default manifest.json filename to be a randomized manifest-16HEXBYTES.json
-* Allow nil environment to be passed to manifest
-* Allow manifest instance to be set on rake task
-
-**2.6.0** (September 19, 2012)
-
-* Added bower component.json require support
-
-**2.5.0** (September 4, 2012)
-
-* Fixed Ruby 2.0 RegExp warning
-* Provide stubbed implementation of context *_path helpers
-* Add SassCompressor
-
-**2.4.5** (July 10, 2012)
-
-* Tweaked some logger levels
-
-**2.4.4** (July 2, 2012)
-
-* Canonicalize logical path extensions
-* Check absolute paths passed to depend_on
-
-**2.4.3** (May 16, 2012)
-
-* Exposed :sprockets in sass options
-* Include dependency paths in asset mtime
-
-**2.4.2** (May 7, 2012)
-
-* Fixed MultiJson feature detect
-
-**2.4.1** (April 26, 2012)
-
-* Fixed MultiJson API change
-* Fixed gzip mtime
-
-**2.4.0** (March 27, 2012)
-
-* Added global path registry
-* Added global processor registry
-
-**2.3.2** (March 26, 2012)
-
-* Fix Context#logical_path with dots
-
-**2.3.1** (February 11, 2012)
-
-* Added bytesize to manifest
-* Added Asset#bytesize alias
-* Security: Check path for forbidden access after unescaping
-
-**2.3.0** (January 16, 2012)
-
-* Added special Sass importer that automatically tracks any `@import`ed files.
-
-**2.2.0** (January 10, 2012)
-
-* Added `sprockets` command line utility.
-* Added rake/sprocketstask.
-* Added json manifest log of compiled assets.
-* Added `stub` directive that allows you to exclude files from the bundle.
-* Added per environment external encoding (Environment#default_external_encoding). Defaults to UTF-8. Fixes issues where LANG is not set correctly and Rubys default external is set to ASCII.
-
-**2.1.2** (November 20, 2011)
-
-* Disabled If-Modified-Since server checks. Fixes some browser caching issues when serving the asset body only. If-None-Match caching is sufficient.
-
-**2.1.1** (November 18, 2011)
-
-* Fix windows absolute path check bug.
-
-**2.1.0** (November 11, 2011)
-
-* Directive comment lines are now turned into empty lines instead of removed. This way line numbers in
-  CoffeeScript syntax errors are correct.
-* Performance and caching bug fixes.
-
-**2.0.3** (October 17, 2011)
-
-* Detect format extensions from right to left.
-* Make JST namespace configurable.
-
-**2.0.2** (October 4, 2011)
-
-* Fixed loading stale cache from bundler gems.
-
-**2.0.1** (September 30, 2011)
-
-* Fixed bug with fingerprinting file names with multiple dots.
-* Decode URIs as default internal.
-* Fix symlinked asset directories.
-
-**2.0.0** (August 29, 2011)
-
-* Initial public release.
+Please see the [CHANGELOG](https://github.com/rails/sprockets/tree/master/CHANGELOG.md)
 
 ## License
 

data/lib/sprockets.rb

@@ -1,3 +1,4 @@
+# encoding: utf-8
 require 'sprockets/version'
 require 'sprockets/cache'
 require 'sprockets/environment'
@@ -101,8 +102,8 @@ module Sprockets
   register_bundle_processor 'application/javascript', Bundle
   register_bundle_processor 'text/css', Bundle
 
-  register_bundle_metadata_reducer '*/*', :data, :+
-  register_bundle_metadata_reducer 'application/javascript', :data, Utils.method(:concat_javascript_sources)
+  register_bundle_metadata_reducer '*/*', :data, proc { "" }, :concat
+  register_bundle_metadata_reducer 'application/javascript', :data, proc { "" }, Utils.method(:concat_javascript_sources)
   register_bundle_metadata_reducer '*/*', :links, :+
 
   require 'sprockets/closure_compressor'

data/lib/sprockets/bundle.rb

@@ -44,7 +44,11 @@ module Sprockets
     def self.process_bundle_reducers(assets, reducers)
       initial = {}
       reducers.each do |k, (v, _)|
-        initial[k] = v if !v.nil?
+        if v.respond_to?(:call)
+          initial[k] = v.call
+        elsif !v.nil?
+          initial[k] = v
+        end
       end
 
       assets.reduce(initial) do |h, asset|

data/lib/sprockets/encoding_utils.rb

@@ -104,7 +104,7 @@ module Sprockets
         charlock_detect(str)
       end
 
-      # Fallback to UTF-8
+      # Fallback to environment's external encoding
       if str.encoding == Encoding::BINARY
         str.force_encoding(Encoding.default_external)
       end
@@ -233,7 +233,10 @@ module Sprockets
       nil
     end
 
-    # Public: Detect charset from HTML document. Defaults to ISO-8859-1.
+    # Public: Detect charset from HTML document.
+    #
+    # Attempts to parse any Unicode BOM otherwise attempt Charlock detection
+    # and finally falls back to the environment's external encoding.
     #
     # str - String.
     #
@@ -246,9 +249,9 @@ module Sprockets
         charlock_detect(str)
       end
 
-      # Fallback to ISO-8859-1
+      # Fallback to environment's external encoding
       if str.encoding == Encoding::BINARY
-        str.force_encoding(Encoding::ISO_8859_1)
+        str.force_encoding(Encoding.default_external)
       end
 
       str

data/lib/sprockets/http_utils.rb

@@ -76,7 +76,9 @@ module Sprockets
         end
       end
 
-      matches.sort_by { |match, quality| -quality }.map { |match, quality| match }
+      matches.sort_by! { |match, quality| -quality }
+      matches.map! { |match, quality| match }
+      matches
     end
 
     # Internal: Find the best qvalue match from an Array of available options.

data/lib/sprockets/legacy_proc_processor.rb

@@ -29,7 +29,7 @@ module Sprockets
     def call(input)
       context = input[:environment].context_class.new(input)
       data = @proc.call(context, input[:data])
-      context.metadata.merge(data: data)
+      context.metadata.merge(data: data.to_str)
     end
   end
 end

data/lib/sprockets/legacy_tilt_processor.rb

@@ -23,7 +23,7 @@ module Sprockets
       context  = input[:environment].context_class.new(input)
 
       data = @klass.new(filename) { data }.render(context)
-      context.metadata.merge(data: data)
+      context.metadata.merge(data: data.to_str)
     end
   end
 end

data/lib/sprockets/loader.rb

@@ -110,6 +110,7 @@ module Sprockets
             content_type: type,
             metadata: { dependencies: dependencies }
           })
+          validate_processor_result!(result)
           source = result.delete(:data)
           metadata = result.merge!(
             charset: source.encoding.name.downcase,
@@ -144,9 +145,9 @@ module Sprockets
         asset[:mtime] = metadata[:dependencies].map { |u|
           if u.start_with?("file-digest:")
             s = self.stat(parse_file_digest_uri(u))
-            s ? s.mtime.to_i : 0
+            s ? s.mtime.to_i : 1211698800
           else
-            0
+            1211698800
           end
         }.max
 

data/lib/sprockets/processor_utils.rb

@@ -1,3 +1,5 @@
+require 'set'
+
 module Sprockets
   # Functional utilities for dealing with Processor functions.
   #
@@ -99,5 +101,71 @@ module Sprockets
     def processors_cache_keys(processors)
       processors.map { |processor| processor_cache_key(processor) }
     end
+
+    # Internal: Set of all "simple" value types allowed to be returned in
+    # processor metadata.
+    VALID_METADATA_VALUE_TYPES = Set.new([
+      String,
+      Symbol,
+      Fixnum,
+      Bignum,
+      TrueClass,
+      FalseClass,
+      NilClass
+    ]).freeze
+
+    # Internal: Set of all nested compound metadata types that can nest values.
+    VALID_METADATA_COMPOUND_TYPES = Set.new([
+      Array,
+      Hash,
+      Set
+    ]).freeze
+
+    # Internal: Set of all allowed metadata types.
+    VALID_METADATA_TYPES = (VALID_METADATA_VALUE_TYPES + VALID_METADATA_COMPOUND_TYPES).freeze
+
+    # Internal: Validate returned result of calling a processor pipeline and
+    # raise a friendly user error message.
+    #
+    # result - Metadata Hash returned from call_processors
+    #
+    # Returns result or raises a TypeError.
+    def validate_processor_result!(result)
+      if !result.instance_of?(Hash)
+        raise TypeError, "processor metadata result was expected to be a Hash, but was #{result.class}"
+      end
+
+      if !result[:data].instance_of?(String)
+        raise TypeError, "processor :data was expected to be a String, but as #{result[:data].class}"
+      end
+
+      result.each do |key, value|
+        if !key.instance_of?(Symbol)
+          raise TypeError, "processor metadata[#{key.inspect}] expected to be a Symbol"
+        end
+
+        if !valid_processor_metadata_value?(value)
+          raise TypeError, "processor metadata[:#{key}] returned a complex type: #{value.inspect}\n" +
+            "Only #{VALID_METADATA_TYPES.to_a.join(", ")} maybe used."
+        end
+      end
+
+      result
+    end
+
+    # Internal: Validate object is in validate metadata whitelist.
+    #
+    # value - Any Object
+    #
+    # Returns true if class is in whitelist otherwise false.
+    def valid_processor_metadata_value?(value)
+      if VALID_METADATA_VALUE_TYPES.include?(value.class)
+        true
+      elsif VALID_METADATA_COMPOUND_TYPES.include?(value.class)
+        value.all? { |v| valid_processor_metadata_value?(v) }
+      else
+        false
+      end
+    end
   end
 end

data/lib/sprockets/resolve.rb

@@ -53,7 +53,14 @@ module Sprockets
 
       unless uri
         message = "couldn't find file '#{path}'"
+
+        if relative_path?(path) && options[:base_path]
+          load_path, _ = paths_split(config[:paths], options[:base_path])
+          message << " under '#{load_path}'"
+        end
+
         message << " with type '#{options[:accept]}'" if options[:accept]
+
         raise FileNotFound, message
       end
 

data/lib/sprockets/uri_utils.rb

@@ -51,7 +51,7 @@ module Sprockets
       path.force_encoding(Encoding::UTF_8)
 
       # Hack for parsing Windows "file:///C:/Users/IEUser" paths
-      path = path.gsub(/^\/([a-zA-Z]:)/, '\1')
+      path.gsub!(/^\/([a-zA-Z]:)/, '\1')
 
       [scheme, host, path, query]
     end
@@ -183,7 +183,8 @@ module Sprockets
       query.to_s.split('&').reduce({}) do |h, p|
         k, v = p.split('=', 2)
         v = URI::Generic::DEFAULT_PARSER.unescape(v) if v
-        h.merge(k.to_sym => v || true)
+        h[k.to_sym] = v || true
+        h
       end
     end
   end

data/lib/sprockets/utils.rb

@@ -90,15 +90,15 @@ module Sprockets
     # Internal: Accumulate asset source to buffer and append a trailing
     # semicolon if necessary.
     #
-    # buf   - String memo
-    # asset - Asset
+    # buf    - String buffer to append to
+    # source - String source to append
     #
-    # Returns appended buffer String.
+    # Returns buf String.
     def concat_javascript_sources(buf, source)
       if string_end_with_semicolon?(buf)
-        buf + source
+        buf << source
       else
-        buf + ";\n" + source
+        buf << ";\n" << source
       end
     end
 

data/lib/sprockets/version.rb

@@ -1,3 +1,3 @@
 module Sprockets
-  VERSION = "3.0.1"
+  VERSION = "3.0.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sprockets
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Sam Stephenson
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-14 00:00:00.000000000 Z
+date: 2015-04-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack