view_component 4.9.0 → 4.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/view_components_system_test_controller.rb +2 -0
  3. data/docs/CHANGELOG.md +10 -0
  4. data/lib/view_component/base.rb +17 -0
  5. data/lib/view_component/compiler.rb +1 -0
  6. data/lib/view_component/config.rb +4 -0
  7. data/lib/view_component/system_test_helpers.rb +1 -0
  8. data/lib/view_component/test_helpers.rb +3 -0
  9. data/lib/view_component/version.rb +1 -1
  10. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bd12f6e6a2acbb991781956cb7677076cc652b7f90519649d6d5503073feb364
4
- data.tar.gz: bd5b8a5ef52c8f88c718c534f75626a208cba7a77f2bbced2cf22fcde70a226d
3
+ metadata.gz: af6c301478d5448d3784a0dd502e0baee242ee766a48aa0a9615aa1612bd9ceb
4
+ data.tar.gz: e58be6763cb626c356f002a87d354297471eed752a912315b5fcd885f66b5652
5
5
  SHA512:
6
- metadata.gz: d580739f741633eb2db4f16a45a21ad0b23118021383395fb4435ff63a381b2fb08b800a1acb2b997f7d6e7f6d28f654e55d6a14cd261944b8820787b988751c
7
- data.tar.gz: 40592ea9f341b2cd8c11971028825e6456bf5092799f69d7cfc753443c5c6672208c102522c3ec47cfbbdf282049251800f14a8dfc6a7895c3c4e8a4b275be75
6
+ metadata.gz: 58728c661bc715b65307ecce22fcd97552be486e788be3e3fedd7f308c214ab318d5a92fdf71c43330f376b134c0c6ae4f3588f1e3685eb0796aa7fead47da8e
7
+ data.tar.gz: 845b3ffbd2fcfe4732f0970867568de978152a2fc3360b8b8b0d2038ee3dc03df0b7e0784e3cefc9b96c5cc57672fe56e5917ce7f072efd4f68c218cd843cc6d
data/app/controllers/view_components_system_test_controller.rb CHANGED
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "view_component/errors"
4
+
3
5
  class ViewComponentsSystemTestController < ActionController::Base # :nodoc:
4
6
  if Rails.env.test?
5
7
  before_action :validate_file_path
data/docs/CHANGELOG.md CHANGED
@@ -10,6 +10,16 @@ nav_order: 6
10
10
 
11
11
  ## main
12
12
 
13
+ ## 4.10.0
14
+
15
+ * Fix `NameError: uninitialized constant ViewComponent::SystemTestControllerNefariousPathError` when booting in the test environment with `eager_load = true`.
16
+
17
+ *Joel Hawksley*
18
+
19
+ * Fix yielded content rendered at wrong location when using form helpers.
20
+
21
+ *Joel Hawksley*, *Markus*
22
+
13
23
  ## 4.9.0
14
24
 
15
25
  * Fix path traversal vulnerability in `ViewComponentsSystemTestController` where sibling directories sharing a string prefix with the allowed temp directory could bypass the path containment check. The `start_with?` check has been replaced with a separator-aware prefix check, and nefarious path errors now return a 404 instead of an unhandled exception.
data/lib/view_component/base.rb CHANGED
@@ -82,6 +82,7 @@ module ViewComponent
82
82
  # so helpers, etc work as expected.
83
83
  #
84
84
  # @param view_context [ActionView::Base] The original view context.
85
+ #
85
86
  # @return [void]
86
87
  def set_original_view_context(view_context)
87
88
  # noop
@@ -278,6 +279,22 @@ module ViewComponent
278
279
  end
279
280
  end
280
281
 
282
+ # Sync @output_buffer with the view context's current output buffer before
283
+ # capturing. Form helpers create builders with @template_object pointing to
284
+ # the component. When those builders later call capture inside a partial
285
+ # (whose _run allocated a fresh OutputBuffer on the view context), the
286
+ # component's stale @output_buffer would capture from the wrong buffer.
287
+ # Temporarily switching to the view context's buffer keeps both in sync.
288
+ #
289
+ # @private
290
+ def capture(...)
291
+ old_output_buffer = @output_buffer
292
+ @output_buffer = view_context.output_buffer if view_context
293
+ super
294
+ ensure
295
+ @output_buffer = old_output_buffer
296
+ end
297
+
281
298
  # The current controller. Use sparingly as doing so introduces coupling
282
299
  # that inhibits encapsulation & reuse, often making testing difficult.
283
300
  #
data/lib/view_component/compiler.rb CHANGED
@@ -58,6 +58,7 @@ module ViewComponent
58
58
  end
59
59
 
60
60
  # @param requested_details [ActionView::TemplateDetails::Requested] i.e. locales, formats, variants
61
+ #
61
62
  # @return all matching compiled templates, in priority order based on the requested details from LookupContext
62
63
  def find_templates_for(requested_details)
63
64
  filtered_templates = @templates.select do |template|
data/lib/view_component/config.rb CHANGED
@@ -19,6 +19,7 @@ module ViewComponent
19
19
  end
20
20
 
21
21
  # @!attribute generate
22
+ #
22
23
  # @return [ActiveSupport::OrderedOptions]
23
24
  # The subset of configuration options relating to generators.
24
25
  #
@@ -95,6 +96,7 @@ module ViewComponent
95
96
  # in `spec/views/components/` rather than the default `spec/components/`.
96
97
 
97
98
  # @!attribute previews
99
+ #
98
100
  # @return [ActiveSupport::OrderedOptions]
99
101
  # The subset of configuration options relating to previews.
100
102
  #
@@ -124,6 +126,7 @@ module ViewComponent
124
126
  #
125
127
 
126
128
  # @!attribute instrumentation_enabled
129
+ #
127
130
  # @return [Boolean]
128
131
  # Whether ActiveSupport notifications are enabled.
129
132
  # Defaults to `false`.
@@ -171,6 +174,7 @@ module ViewComponent
171
174
  end
172
175
 
173
176
  # @!attribute current
177
+ #
174
178
  # @return [ViewComponent::Config]
175
179
  # Returns the current ViewComponent::Config. This is persisted against this
176
180
  # class so that config options remain accessible before the rest of
data/lib/view_component/system_test_helpers.rb CHANGED
@@ -7,6 +7,7 @@ module ViewComponent
7
7
  # Returns a block that can be used to visit the path of the inline rendered component.
8
8
  # @param fragment [Nokogiri::Fragment] The fragment returned from `render_inline`.
9
9
  # @param layout [String] The (optional) layout to use.
10
+ #
10
11
  # @return [Proc] A block that can be used to visit the path of the inline rendered component.
11
12
  def with_rendered_component_path(fragment, layout: false, &block)
12
13
  file = Tempfile.new(
data/lib/view_component/test_helpers.rb CHANGED
@@ -35,6 +35,7 @@ module ViewComponent
35
35
  # ```
36
36
  #
37
37
  # @param component [ViewComponent::Base, ViewComponent::Collection] The instance of the component to be rendered.
38
+ #
38
39
  # @return [Nokogiri::HTML5]
39
40
  def render_inline(component, **args, &block)
40
41
  @page = nil
@@ -74,7 +75,9 @@ module ViewComponent
74
75
  # @param name [String] The name of the preview to be rendered.
75
76
  # @param from [ViewComponent::Preview] The class of the preview to be rendered.
76
77
  # @param params [Hash] Parameters to be passed to the preview.
78
+ #
77
79
  # @return [Nokogiri::HTML5]
80
+ #
78
81
  # @note `#rendered_preview` expects a preview to be defined with the same class
79
82
  # name as the calling test, but with `Test` replaced with `Preview`:
80
83
  #
data/lib/view_component/version.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  module ViewComponent
4
4
  module VERSION
5
5
  MAJOR = 4
6
- MINOR = 9
6
+ MINOR = 10
7
7
  PATCH = 0
8
8
  PRE = nil
9
9
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: view_component
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.9.0
4
+ version: 4.10.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - ViewComponent Team