zero-rails_openapi 1.5.5 → 1.5.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e530c334773b9ef483102a2cd2c829704ac41ab4
-  data.tar.gz: 2cabf4dc3335eeea103fbca8863c01ba46b9988a
+  metadata.gz: dec6a3ea12a29b24fa6b0ebcedb7ce02ba8e61d9
+  data.tar.gz: 05c67721c53cbdd173068f1ae9df0d629d97e3aa
 SHA512:
-  metadata.gz: 1bee517abfc870ee6cac040f9a61cc03e724e9e240fdc3aa2b4a7ce217f99ed57724d00d00b00741a1694e75cba9e4368f554cdddddad6c6d407a607a3daba96
-  data.tar.gz: 73da6d4109dc89c1e079e83dac675099f203c83b00dad28e6da023a1cb1f97344feb0bb283d25e6f0a5ceff25c033cc2d703cac2f3d95240f986d329e420b9a5
+  metadata.gz: 660c9cbc7567fa48f70fe3be7638f221a8c0be88ca3c7ea487d7d12535bc155e8a28834ea7577dfb77d1b9161eacc79a05dc702d2d23913b261512a6e6576a3e
+  data.tar.gz: 30f0533d1fcdbb05392152f9f742e31501fc196076e946485d679ecd831e280bfaacfc4a33907702c28286e32582f40bb27edadf212bca218b2b613969e793e2

data/CHANGELOG.md

@@ -2,6 +2,13 @@
 
 ## [Unreleased]
 
+## [1.5.6] - 2018/3/23 - [view diff](https://github.com/zhandao/zero-rails_openapi/compare/v1.5.5...v1.5.6)
+
+## Changed
+
+1. Update `loofah` and `rails-html-sanitizer` cause XSS vulnerability.
+2. Refactor and document DSL for Rspec (spec_dsl.rb).
+
 ## [1.5.5] - 2018/2/21 - [view diff](https://github.com/zhandao/zero-rails_openapi/compare/v1.5.4...v1.5.5)
 
 ## Added

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    zero-rails_openapi (1.5.5)
+    zero-rails_openapi (1.5.6)
       activesupport (>= 3)
       colorize (= 0.8.1)
       rails (>= 3)
@@ -52,14 +52,14 @@ GEM
     concurrent-ruby (1.0.5)
     crass (1.0.3)
     diff-lcs (1.3)
-    docile (1.1.5)
+    docile (1.3.0)
     erubi (1.7.0)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
     i18n (0.9.5)
       concurrent-ruby (~> 1.0)
     json (2.1.0)
-    loofah (2.2.0)
+    loofah (2.2.2)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
@@ -89,8 +89,8 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
     railties (5.1.5)
       actionpack (= 5.1.5)
       activesupport (= 5.1.5)
@@ -98,21 +98,21 @@ GEM
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rake (10.5.0)
-    rspec (3.6.0)
-      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.6.0)
-    rspec-core (3.6.0)
-      rspec-support (~> 3.6.0)
-    rspec-expectations (3.6.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-mocks (3.6.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-support (3.6.0)
-    simplecov (0.15.1)
-      docile (~> 1.1.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.1)
+    simplecov (0.16.1)
+      docile (~> 1.1)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)

data/README.md

@@ -14,7 +14,7 @@
   I'm looking forward to your issue and PR!**
 
   If you have any questions, please read the test code first.  
-  such as [api DSL](spec/api_info_obj_spec.rb) and [schema Obj](spec/oas_objs/schema_obj_spec.rb).
+  such as [api DSL](spec/api_spec.rb) and [schema Obj](spec/oas_objs/schema_obj_spec.rb).
 
 ## Table of Contents
 

data/README_zh.md

@@ -18,7 +18,7 @@
   另外，走过路过不妨来个 star？**
   
   另外，如果对其行为表现有任何疑惑，请先阅读测试代码，这其中已表明我的大多数考量。  
-  可一读：[api DSL](spec/api_info_obj_spec.rb) 以及 [schema Obj](spec/oas_objs/schema_obj_spec.rb)。
+  可一读：[api DSL](spec/api_spec.rb) 以及 [schema Obj](spec/oas_objs/schema_obj_spec.rb)。
 
 
 ## Table of Contents

data/Rakefile

@@ -1,5 +1,5 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 

data/lib/oas_objs/callback_obj.rb

@@ -35,8 +35,8 @@ module OpenApi
       end
 
       def processed_block
-        api = ApiInfo.new.merge! parameters: [ ], requestBody: '',  responses: { }
-        api.instance_exec(&(self.block || ->{ }))
+        api = Api.new.merge! parameters: [ ], requestBody: '', responses: { }
+        api.instance_exec(&(self.block || -> { }))
         api.process_objs
         api.delete_if { |_, v| v.blank? }
       end

data/lib/oas_objs/schema_obj.rb

@@ -22,7 +22,7 @@ module OpenApi
 
       def process(options = { inside_desc: false })
         processed.merge!(processed_type)
-        reducx(enum_and_length, range, is_and_format, pattern_default_and_other, desc(options)).then_merge!
+        reducx(enum_and_length, range, format, pattern_default_and_other, desc(options)).then_merge!
       end
 
       def desc(inside_desc:)
@@ -82,7 +82,7 @@ module OpenApi
         }.keep_if &value_present
       end
 
-      def is_and_format
+      def format
         result = { is: _is }
         # `format` that generated in process_type() may be overwrote here.
         result[:format] = _format || _is if processed[:format].blank? || _format.present?
@@ -91,7 +91,7 @@ module OpenApi
 
       def pattern_default_and_other
         {
-            pattern:    _pattern.is_a?(String)? _pattern : _pattern&.inspect&.delete('/'),
+            pattern:    _pattern.is_a?(String) ? _pattern : _pattern&.inspect&.delete('/'),
             default:    _default,
             examples:   self[:examples].present? ? ExampleObj.new(self[:examples], self[:exp_by]).process : nil,
             as: _as, permit: _permit, not_permit: _npermit, req_if: _req_if, opt_if: _opt_if, blankable: _blank
@@ -122,7 +122,7 @@ module OpenApi
           aliases.each { |alias_name| self[key] = self[alias_name] if self[key].nil? }
           self[key]
         end
-        define_method "#{key}=" do |value| self[key] = value end
+        define_method("#{key}=") { |value| self[key] = value }
       end
     end
   end

data/lib/oas_objs/schema_obj_helpers.rb

@@ -36,14 +36,14 @@ module OpenApi
       end
 
       def process_range_enum_and_lth
-        self[:_enum] = str_range_toa(_enum) if _enum.is_a?(Range)
-        self[:_length] = str_range_toa(_length) if _length.is_a?(Range)
+        self[:_enum] = str_range_to_a(_enum) if _enum.is_a?(Range)
+        self[:_length] = str_range_to_a(_length) if _length.is_a?(Range)
 
         values = _enum || _value
         self._enum = Array(values) if truly_present?(values)
       end
 
-      def str_range_toa(val)
+      def str_range_to_a(val)
         val_class = val.first.class
         action = :"to_#{val_class.to_s.downcase[0]}"
         (val.first.to_s..val.last.to_s).to_a.map(&action)
@@ -55,7 +55,7 @@ module OpenApi
         #     'all_desc': :all,
         #     'one_desc': :one
         # }
-        self._enum ||= e = self[:enum!]
+        self._enum ||= (e = self[:enum!])
         return unless e.is_a? Hash
         @enum_info = e
         self._enum = e.values

data/lib/open_api/dsl.rb

@@ -1,4 +1,4 @@
-require 'open_api/dsl/api_info'
+require 'open_api/dsl/api'
 require 'open_api/dsl/components'
 
 module OpenApi
@@ -38,10 +38,10 @@ module OpenApi
         routes = ctrl_routes_list&.select { |api| api[:action_path].match?(/^#{action_path}$/) }
         return puts '    ZRO'.red + " Route mapping failed: #{@route_base}##{action}" if routes.blank?
 
-        api = ApiInfo.new(action_path, skip: Array(skip), use: Array(use))
-                     .merge! description: '', summary: summary, operationId: action, tags: [@doc_tag],
-                             parameters: [ ], requestBody: '',  responses: { },  callbacks: { },
-                             links: { }, security: [ ], servers: [ ]
+        api = Api.new(action_path, skip: Array(skip), use: Array(use))
+                 .merge! description: '', summary: summary, operationId: action, tags: [@doc_tag],
+                         parameters: [ ], requestBody: '',  responses: { },  callbacks: { },
+                         links: { }, security: [ ], servers: [ ]
         [action, :all].each { |blk_key| @zro_dry_blocks&.[](blk_key)&.each { |blk| api.instance_eval(&blk) } }
         api.param_use = api.param_skip = [ ] # `skip` and `use` only affect `api_dry`'s blocks
         api.instance_exec(&block) if block_given?

data/lib/open_api/dsl/{api_info.rb → api.rb}

@@ -2,7 +2,7 @@ require 'open_api/dsl/common_dsl'
 
 module OpenApi
   module DSL
-    class ApiInfo < Hash
+    class Api < Hash
       include DSL::CommonDSL
       include DSL::Helpers
 

data/lib/open_api/dsl/components.rb

@@ -9,7 +9,7 @@ module OpenApi
       def schema component_key, type = nil, **schema_info
         schema = process_schema_info(type, schema_info, model: component_key)
         return puts '    ZRO'.red + " Syntax Error: component schema `#{component_key}` has no type!" if schema[:illegal?]
-        self[:schemas][component_key.to_s.to_sym] = (schema[:combined] || SchemaObj.new(type = schema[:info], { })).process
+        self[:schemas][component_key.to_s.to_sym] = (schema[:combined] or SchemaObj.new(type = schema[:info], { })).process
       end
 
       arrow_enable :schema
@@ -46,7 +46,7 @@ module OpenApi
 
       arrow_enable :_request_body_agent
 
-      arrow_enable :resp # alias_method 竟然也会指向旧的方法？
+      arrow_enable :resp
       arrow_enable :response
 
       def security_scheme scheme_name, other_info# = { }

data/lib/open_api/generator.rb

@@ -3,7 +3,7 @@ require 'open_api/config'
 
 module OpenApi
   module Generator
-    extend self
+    module_function
 
     def self.included(base)
       base.extend ClassMethods

data/lib/open_api/version.rb

@@ -1,3 +1,3 @@
 module OpenApi
-  VERSION = '1.5.5'
+  VERSION = '1.5.6'
 end

data/zero-rails_openapi.gemspec

@@ -27,10 +27,10 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'simplecov'
-  
+
   spec.add_runtime_dependency 'colorize', '0.8.1'
-  spec.add_runtime_dependency 'rails', '>= 3'
   spec.add_runtime_dependency 'activesupport', '>= 3'
+  spec.add_runtime_dependency 'rails', '>= 3'
 
   # spec.post_install_message = ""
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: zero-rails_openapi
 version: !ruby/object:Gem::Version
-  version: 1.5.5
+  version: 1.5.6
 platform: ruby
 authors:
 - zhandao
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-02-21 00:00:00.000000000 Z
+date: 2018-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -81,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.8.1
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -95,7 +95,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -152,7 +152,7 @@ files:
 - lib/open_api/config.rb
 - lib/open_api/config_dsl.rb
 - lib/open_api/dsl.rb
-- lib/open_api/dsl/api_info.rb
+- lib/open_api/dsl/api.rb
 - lib/open_api/dsl/common_dsl.rb
 - lib/open_api/dsl/components.rb
 - lib/open_api/dsl/helpers.rb