sqlite3 1.5.0 → 1.5.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +44 -0
- data/CONTRIBUTING.md +2 -2
- data/README.md +3 -1
- data/dependencies.yml +14 -0
- data/ext/sqlite3/extconf.rb +38 -28
- data/lib/sqlite3/version.rb +2 -2
- data/ports/archives/sqlite-autoconf-3400000.tar.gz +0 -0
- metadata +4 -3
- data/ports/archives/sqlite-autoconf-3380500.tar.gz +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2b90b6b29818fed972c55598d50dd2e395e4c7b9f3c0709d34cb99a462ea8ec5
|
|
4
|
+
data.tar.gz: e28aa12b3bac56cb43f8935bd654274cc79464cbef355a07aab3f0a19321b656
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1b8eb37dbf8097870eec21db848c51494834790d547896f1769da7ad7a40d5f2857dc3c09271ab4ec2e242527b993d105fe813f0e13efbc4b0977570cb45aedd
|
|
7
|
+
data.tar.gz: a0a2b779e97adb130490734a5b0699aa63064681fea662f61a8a5dc03b75664c0da929cd8f8be8a7f74ddc1925b0192ed9447e6f47bc3161151df4759a91ca8b
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,49 @@
|
|
|
1
1
|
# sqlite3-ruby Changelog
|
|
2
2
|
|
|
3
|
+
## 1.5.4 / 2022-11-18
|
|
4
|
+
|
|
5
|
+
### Dependencies
|
|
6
|
+
|
|
7
|
+
* Vendored sqlite is updated to [v3.40.0](https://sqlite.org/releaselog/3_40_0.html).
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
## 1.5.3 / 2022-10-11
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
|
|
14
|
+
* Fixed installation of the "ruby" platform gem when building from source on Fedora. In v1.5.0..v1.5.2, installation failed on some systems due to the behavior of Fedora's pkg-config implementation. [#355]
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
## 1.5.2 / 2022-10-01
|
|
18
|
+
|
|
19
|
+
### Packaging
|
|
20
|
+
|
|
21
|
+
This version correctly vendors the tarball for sqlite v3.39.4 in the vanilla "ruby" platform gem package, so that users will not require network access at installation.
|
|
22
|
+
|
|
23
|
+
v1.5.0 and v1.5.1 mistakenly packaged the tarball for sqlite v3.38.5 in the vanilla "ruby" platform gem, resulting in downloading the intended tarball over the network at installation time (or, if the network was not available, failure to install). Note that the precompiled native gems were not affected by this issue. [#352]
|
|
24
|
+
|
|
25
|
+
|
|
26
|
+
## 1.5.1 / 2022-09-29
|
|
27
|
+
|
|
28
|
+
### Dependencies
|
|
29
|
+
|
|
30
|
+
* Vendored sqlite is updated to [v3.39.4](https://sqlite.org/releaselog/3_39_4.html).
|
|
31
|
+
|
|
32
|
+
### Security
|
|
33
|
+
|
|
34
|
+
The vendored version of sqlite, v3.39.4, should be considered to be a security release. From the release notes:
|
|
35
|
+
|
|
36
|
+
> Version 3.39.4 is a minimal patch against the prior release that addresses issues found since the
|
|
37
|
+
> prior release. In particular, a potential vulnerability in the FTS3 extension has been fixed, so
|
|
38
|
+
> this should be considered a security update.
|
|
39
|
+
>
|
|
40
|
+
> In order to exploit the vulnerability, an attacker must have full SQL access and must be able to
|
|
41
|
+
> construct a corrupt database with over 2GB of FTS3 content. The problem arises from a 32-bit
|
|
42
|
+
> signed integer overflow.
|
|
43
|
+
|
|
44
|
+
For more information please see [GHSA-mgvv-5mxp-xq67](https://github.com/sparklemotion/sqlite3-ruby/security/advisories/GHSA-mgvv-5mxp-xq67).
|
|
45
|
+
|
|
46
|
+
|
|
3
47
|
## 1.5.0 / 2022-09-08
|
|
4
48
|
|
|
5
49
|
### Packaging
|
data/CONTRIBUTING.md
CHANGED
|
@@ -17,8 +17,8 @@ Run `bin/build-gems` which will package gems for all supported platforms, and ru
|
|
|
17
17
|
A quick checklist:
|
|
18
18
|
|
|
19
19
|
- [ ] make sure CI is green!
|
|
20
|
-
- [
|
|
21
|
-
- [
|
|
20
|
+
- [x] update `CHANGELOG.md` and `lib/sqlite3/version.rb` including `VersionProxy::{MINOR,TINY}`
|
|
21
|
+
- [x] create a git tag using a format that matches the pattern `v\d+\.\d+\.\d+`, e.g. `v1.3.13`
|
|
22
22
|
- [ ] run `bin/build-gems` and make sure it completes and all the tests pass
|
|
23
23
|
- [ ] `for g in gems/*.gem ; do gem push $g ; done`
|
|
24
24
|
- [ ] create a release at https://github.com/sparklemotion/sqlite3-ruby/releases and include sha2 checksums
|
data/README.md
CHANGED
|
@@ -107,7 +107,8 @@ If you're on a platform that supports a native gem but you want to avoid using i
|
|
|
107
107
|
|
|
108
108
|
- If you're not using Bundler, then run `gem install sqlite3 --platform=ruby`
|
|
109
109
|
- If you are using Bundler
|
|
110
|
-
- version 2.
|
|
110
|
+
- version 2.3.18 or later, you can specify [`gem "sqlite3", force_ruby_platform: true`](https://bundler.io/v2.3/man/gemfile.5.html#FORCE_RUBY_PLATFORM)
|
|
111
|
+
- version 2.1 or later, then you'll need to run `bundle config set force_ruby_platform true`
|
|
111
112
|
- version 2.0 or earlier, then you'll need to run `bundle config force_ruby_platform true`
|
|
112
113
|
|
|
113
114
|
|
|
@@ -143,6 +144,7 @@ If you would prefer to build the sqlite3-ruby gem against your system libsqlite3
|
|
|
143
144
|
|
|
144
145
|
PLEASE NOTE:
|
|
145
146
|
|
|
147
|
+
- you must avoid installing a precompiled native gem (see [previous section](#avoiding-the-precompiled-native-gem))
|
|
146
148
|
- only versions of libsqlite3 `>= 3.5.0` are supported,
|
|
147
149
|
- and some library features may depend on how your libsqlite3 was compiled.
|
|
148
150
|
|
data/dependencies.yml
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# TODO: stop using symbols here once we no longer support Ruby 2.7 and can rely on symbolize_names
|
|
2
|
+
:sqlite3:
|
|
3
|
+
# checksum verified by first checking the published sha3(256) checksum against https://sqlite.org/download.html:
|
|
4
|
+
#
|
|
5
|
+
# $ sha3sum -a 256 ports/archives/sqlite-autoconf-3400000.tar.gz
|
|
6
|
+
# 7ee8f02b21edb4489df5082b5cf5b7ef47bcebcdb0e209bf14240db69633c878 ports/archives/sqlite-autoconf-3400000.tar.gz
|
|
7
|
+
#
|
|
8
|
+
# $ sha256sum ports/archives/sqlite-autoconf-3400000.tar.gz
|
|
9
|
+
# 0333552076d2700c75352256e91c78bf5cd62491589ba0c69aed0a81868980e7 ports/archives/sqlite-autoconf-3400000.tar.gz
|
|
10
|
+
#
|
|
11
|
+
:version: "3.40.0"
|
|
12
|
+
:files:
|
|
13
|
+
- :url: "https://sqlite.org/2022/sqlite-autoconf-3400000.tar.gz"
|
|
14
|
+
:sha256: "0333552076d2700c75352256e91c78bf5cd62491589ba0c69aed0a81868980e7"
|
data/ext/sqlite3/extconf.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require "mkmf"
|
|
2
2
|
require "mini_portile2"
|
|
3
|
+
require "yaml"
|
|
3
4
|
|
|
4
5
|
module Sqlite3
|
|
5
6
|
module ExtConf
|
|
@@ -65,15 +66,24 @@ module Sqlite3
|
|
|
65
66
|
end
|
|
66
67
|
recipe.activate
|
|
67
68
|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
69
|
+
# on macos, pkg-config will not return --cflags without this
|
|
70
|
+
ENV["PKG_CONFIG_ALLOW_SYSTEM_CFLAGS"] = "t"
|
|
71
|
+
|
|
72
|
+
lib_path = File.join(recipe.path, "lib")
|
|
73
|
+
pcfile = File.join(lib_path, "pkgconfig", "sqlite3.pc")
|
|
74
|
+
abort_pkg_config("pkg_config") unless pkg_config(pcfile)
|
|
75
|
+
|
|
76
|
+
# see https://bugs.ruby-lang.org/issues/18490
|
|
77
|
+
flags = xpopen(["pkg-config", "--libs", "--static", pcfile], err: [:child, :out], &:read)
|
|
78
|
+
abort_pkg_config("xpopen") unless $?.success?
|
|
79
|
+
flags = flags.split
|
|
80
|
+
|
|
81
|
+
# see https://github.com/flavorjones/mini_portile/issues/118
|
|
82
|
+
"-L#{lib_path}".tap do |lib_path_flag|
|
|
83
|
+
flags.prepend(lib_path_flag) unless flags.include?(lib_path_flag)
|
|
76
84
|
end
|
|
85
|
+
|
|
86
|
+
flags.each { |flag| append_ldflags(flag) }
|
|
77
87
|
end
|
|
78
88
|
end
|
|
79
89
|
|
|
@@ -116,9 +126,13 @@ module Sqlite3
|
|
|
116
126
|
|
|
117
127
|
def minimal_recipe
|
|
118
128
|
MiniPortile.new(libname, sqlite3_config[:version]).tap do |recipe|
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
129
|
+
if sqlite_source_dir
|
|
130
|
+
recipe.source_directory = sqlite_source_dir
|
|
131
|
+
else
|
|
132
|
+
recipe.files = sqlite3_config[:files]
|
|
133
|
+
recipe.target = File.join(package_root_dir, "ports")
|
|
134
|
+
recipe.patch_files = Dir[File.join(package_root_dir, "patches", "*.patch")].sort
|
|
135
|
+
end
|
|
122
136
|
end
|
|
123
137
|
end
|
|
124
138
|
|
|
@@ -131,33 +145,26 @@ module Sqlite3
|
|
|
131
145
|
end
|
|
132
146
|
|
|
133
147
|
def mini_portile_config
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
# checksum verified by first checking the published sha3(256) checksum against https://sqlite.org/download.html:
|
|
137
|
-
#
|
|
138
|
-
# $ sha3sum -a 256 ports/archives/sqlite-autoconf-3390300.tar.gz
|
|
139
|
-
# dfa055c70724cd63f0b7da6e9f53530d8da51fe021e3f864d58c7c847d590e1d ports/archives/sqlite-autoconf-3390300.tar.gz
|
|
140
|
-
#
|
|
141
|
-
# $ sha256sum ports/archives/sqlite-autoconf-3390300.tar.gz
|
|
142
|
-
# 7868fb3082be3f2cf4491c6fba6de2bddcbc293a35fefb0624ee3c13f01422b9 ports/archives/sqlite-autoconf-3390300.tar.gz
|
|
143
|
-
#
|
|
144
|
-
version: "3.39.3",
|
|
145
|
-
files: [{
|
|
146
|
-
url: "https://www.sqlite.org/2022/sqlite-autoconf-3390300.tar.gz",
|
|
147
|
-
sha256: "7868fb3082be3f2cf4491c6fba6de2bddcbc293a35fefb0624ee3c13f01422b9",
|
|
148
|
-
}],
|
|
149
|
-
}
|
|
150
|
-
}
|
|
148
|
+
# TODO: once Ruby 2.7 is no longer supported, use symbolize_names: true
|
|
149
|
+
YAML.load_file(File.join(package_root_dir, "dependencies.yml"))
|
|
151
150
|
end
|
|
152
151
|
|
|
153
152
|
def abort_could_not_find(missing)
|
|
154
153
|
abort("\nCould not find #{missing}.\nPlease visit https://github.com/sparklemotion/sqlite3-ruby for installation instructions.\n\n")
|
|
155
154
|
end
|
|
156
155
|
|
|
156
|
+
def abort_pkg_config(id)
|
|
157
|
+
abort("\nCould not configure the build properly (#{id}). Please install either the `pkg-config` utility or the `pkg-config` rubygem.\n\n")
|
|
158
|
+
end
|
|
159
|
+
|
|
157
160
|
def cross_build?
|
|
158
161
|
enable_config("cross-build")
|
|
159
162
|
end
|
|
160
163
|
|
|
164
|
+
def sqlite_source_dir
|
|
165
|
+
arg_config("--with-sqlite-source-dir")
|
|
166
|
+
end
|
|
167
|
+
|
|
161
168
|
def download
|
|
162
169
|
minimal_recipe.download
|
|
163
170
|
end
|
|
@@ -179,6 +186,9 @@ module Sqlite3
|
|
|
179
186
|
Use libsqlcipher instead of libsqlite3.
|
|
180
187
|
(Implies `--enable-system-libraries`.)
|
|
181
188
|
|
|
189
|
+
--with-sqlite-source-dir=DIRECTORY
|
|
190
|
+
(dev only) Build sqlite from the source code in DIRECTORY
|
|
191
|
+
|
|
182
192
|
--help
|
|
183
193
|
Display this message.
|
|
184
194
|
|
data/lib/sqlite3/version.rb
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqlite3
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jamis Buck
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2022-
|
|
13
|
+
date: 2022-11-18 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: mini_portile2
|
|
@@ -118,6 +118,7 @@ files:
|
|
|
118
118
|
- LICENSE
|
|
119
119
|
- LICENSE-DEPENDENCIES
|
|
120
120
|
- README.md
|
|
121
|
+
- dependencies.yml
|
|
121
122
|
- ext/sqlite3/aggregator.c
|
|
122
123
|
- ext/sqlite3/aggregator.h
|
|
123
124
|
- ext/sqlite3/backup.c
|
|
@@ -144,7 +145,7 @@ files:
|
|
|
144
145
|
- lib/sqlite3/translator.rb
|
|
145
146
|
- lib/sqlite3/value.rb
|
|
146
147
|
- lib/sqlite3/version.rb
|
|
147
|
-
- ports/archives/sqlite-autoconf-
|
|
148
|
+
- ports/archives/sqlite-autoconf-3400000.tar.gz
|
|
148
149
|
- test/helper.rb
|
|
149
150
|
- test/test_backup.rb
|
|
150
151
|
- test/test_collation.rb
|
|
Binary file
|