RubyGems - unicorn-lockdown - Versions diffs - 1.2.0 → 1.3.0 - Mend

unicorn-lockdown 1.2.0 → 1.3.0

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5f259ec0943a03a9e2a80a569eea0bb121c0fac02eec20236f8882820f59d512
-  data.tar.gz: c2a19c1f58425582eb16654aadfac8d8fa2717f5265e27aaf882a49fdf9fa42d
+  metadata.gz: 1d6578be3b39fdc48fdc0acaab810ef3029bc4e3f6484ecd3585d8dbf5b11d67
+  data.tar.gz: 6e7f7ceff3497829eb86504d03c2cf243a331ced69331da2c8d18ec518366ff9
 SHA512:
-  metadata.gz: 53c95408bc17f6d1285b7d48c35ae3c42b9d327075b6829f504b40d2ebc600d87279cc66c0134f40f2457cf00ce646d2c43475e7c825abc28e564ecf57d9c130
-  data.tar.gz: d5db79ff12242b857b03b7bacc058dec630436c20a73bf3308c76008cd67cb87ce9182b4fffd7eaf606cc2404f2dac1a448bed5eae3af369a2341db1e832ad6e
+  metadata.gz: 171877502073283aaefaf6724065ea3057dca70c6bc2e84363c093c57be916421b72d631b54e52aaed2ad4a332b31ac07d8560307efda170372458f4e7d27331
+  data.tar.gz: 357794d05df3022e0511b20db4dc72b6021e176b217b085959fdf8bce4eada097dca3a41c80576c312ddd54c640329decda5a6402a09b1d3481d4a4d4bbe9bdb

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,11 @@
+= 1.3.0 (2024-05-22)
+* Eagerly require strscan to avoid issues if it is lazy loaded by rack's multipart parser (jeremyevans)
+* Avoid string literal modifications to avoid warnings on Ruby 3.4 (jeremyevans)
+* Remove X-XSS-Protection from generated nginx files, as MDN now recommends against it (jeremyevans)
 = 1.2.0 (2022-11-16)
 * Remove access_log format from generated nginx configurations (jeremyevans)

data/files/unicorn_lockdown_add.rb CHANGED Viewed

@@ -180,7 +180,6 @@ server {
     proxy_redirect    off;
     add_header X-Content-Type-Options nosniff;
     add_header X-Frame-Options deny;
-    add_header X-XSS-Protection "1; mode=block";
     try_files $uri @#{app}_unicorn;
     location @#{app}_unicorn {
         proxy_pass http://#{app}_unicorn;

data/lib/unicorn-lockdown.rb CHANGED Viewed

@@ -8,10 +8,13 @@
 require 'pledge'
 require 'unveil'
+# Eagerly require strscan, lazily loaded by rack's multipart parser
+require 'strscan'
 # Load common encodings
-"\255".force_encoding('ISO8859-1').encode('UTF-8')
-''.force_encoding('UTF-16LE')
-''.force_encoding('UTF-16BE')
+"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
+''.dup.force_encoding('UTF-16LE')
+''.dup.force_encoding('UTF-16BE')
 class Unicorn::HttpServer
   # The file name in which to store request information.

data/lib/unveiler.rb CHANGED Viewed

@@ -1,10 +1,13 @@
 require 'pledge'
 require 'unveil'
+# Eagerly require strscan, lazily loaded by rack's multipart parser
+require 'strscan'
 # Load encodings
-"\255".force_encoding('ISO8859-1').encode('UTF-8')
-''.force_encoding('UTF-16LE')
-''.force_encoding('UTF-16BE')
+"\255".dup.force_encoding('ISO8859-1').encode('UTF-8')
+''.dup.force_encoding('UTF-16LE')
+''.dup.force_encoding('UTF-16BE')
 # Don't run external diff program for failures
 Minitest::Assertions.diff = false if defined?(Minitest::Assertions)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: unicorn-lockdown
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-16 00:00:00.000000000 Z
+date: 2024-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pledge
@@ -138,7 +138,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.5.9
 signing_key:
 specification_version: 4
 summary: Helper library for running Unicorn with fork+exec/unveil/pledge on OpenBSD