Hello community,
here is the log from the commit of package rubygem-faraday_middleware for
openSUSE:Factory checked in at 2017-09-26 21:13:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-faraday_middleware (Old)
and /work/SRC/openSUSE:Factory/.rubygem-faraday_middleware.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-faraday_middleware"
Tue Sep 26 21:13:19 2017 rev:11 rq:514935 version:0.12.2
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-faraday_middleware/rubygem-faraday_middleware.changes
2017-04-11 09:31:00.369070516 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-faraday_middleware.new/rubygem-faraday_middleware.changes
2017-09-26 21:13:32.365845712 +0200
@@ -1,0 +2,6 @@
+Thu Aug 3 19:13:07 UTC 2017 - co...@suse.com
+
+- updated to version 0.12.2
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
faraday_middleware-0.11.0.1.gem
New:
----
faraday_middleware-0.12.2.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-faraday_middleware.spec ++++++
--- /var/tmp/diff_new_pack.6kiJrq/_old 2017-09-26 21:13:33.057748418 +0200
+++ /var/tmp/diff_new_pack.6kiJrq/_new 2017-09-26 21:13:33.061747855 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-faraday_middleware
-Version: 0.11.0.1
+Version: 0.12.2
Release: 0
%define mod_name faraday_middleware
%define mod_full_name %{mod_name}-%{version}
++++++ faraday_middleware-0.11.0.1.gem -> faraday_middleware-0.12.2.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2017-01-23 11:08:47.000000000 +0100
+++ new/README.md 2017-08-03 17:43:53.000000000 +0200
@@ -15,7 +15,7 @@
* FaradayMiddleware::ParseXml: "multi_xml"
* FaradayMiddleware::OAuth: "simple_oauth"
* FaradayMiddleware::Mashify: "hashie"
-* FaradayMiddleware::Rashify: "rash"
+* FaradayMiddleware::Rashify: "rash_alt" (Make sure to uninstall original rash
gem to avoid conflict)
* FaradayMiddleware::Instrumentation: "activesupport"
Examples
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/caching.rb
new/lib/faraday_middleware/response/caching.rb
--- old/lib/faraday_middleware/response/caching.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/caching.rb 2017-08-03
17:43:53.000000000 +0200
@@ -27,6 +27,9 @@
# :ignore_params - String name or Array names of query params
# that should be ignored when forming the cache
# key (default: []).
+ # :write_options - Hash of settings that should be passed as the
third
+ # options parameter to the cache's #write
method. If not
+ # specified, no options parameter will be
passed.
#
# Yields if no cache is given. The block should return a cache object.
def initialize(app, cache = nil, options = {})
@@ -46,10 +49,7 @@
key = cache_key(env)
unless response = cache.read(key) and response
response = @app.call(env)
-
- if CACHEABLE_STATUS_CODES.include?(response.status)
- cache.write(key, response)
- end
+ store_response_in_cache(key, response)
end
finalize_response(response, env)
end
@@ -80,14 +80,22 @@
else
# response.status is nil at this point, any checks need to be done
inside on_complete block
@app.call(env).on_complete do |response_env|
- if CACHEABLE_STATUS_CODES.include?(response_env.status)
- cache.write(key, response_env.response)
- end
+ store_response_in_cache(key, response_env.response)
response_env
end
end
end
+ def store_response_in_cache(key, response)
+ return unless CACHEABLE_STATUS_CODES.include?(response.status)
+
+ if @options[:write_options]
+ cache.write(key, response, @options[:write_options])
+ else
+ cache.write(key, response)
+ end
+ end
+
def finalize_response(response, env)
response = response.dup if response.frozen?
env[:response] = response
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/follow_redirects.rb
new/lib/faraday_middleware/response/follow_redirects.rb
--- old/lib/faraday_middleware/response/follow_redirects.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/follow_redirects.rb 2017-08-03
17:43:53.000000000 +0200
@@ -89,7 +89,7 @@
end
def update_env(env, request_body, response)
- env[:url] += safe_escape(response['location'])
+ env[:url] += safe_escape(response['location'] || '')
if convert_to_get?(response)
env[:method] = :get
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/parse_json.rb
new/lib/faraday_middleware/response/parse_json.rb
--- old/lib/faraday_middleware/response/parse_json.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/parse_json.rb 2017-08-03
17:43:53.000000000 +0200
@@ -7,8 +7,8 @@
require 'json' unless defined?(::JSON)
end
- define_parser do |body|
- ::JSON.parse body unless body.strip.empty?
+ define_parser do |body, parser_options|
+ ::JSON.parse(body, parser_options || {}) unless body.strip.empty?
end
# Public: Override the content-type of the response with "application/json"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/parse_marshal.rb
new/lib/faraday_middleware/response/parse_marshal.rb
--- old/lib/faraday_middleware/response/parse_marshal.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/parse_marshal.rb 2017-08-03
17:43:53.000000000 +0200
@@ -4,7 +4,7 @@
# Public: Restore marshalled Ruby objects in response bodies.
class ParseMarshal < ResponseMiddleware
define_parser do |body|
- ::Marshal.load body unless body.empty?
+ ::Marshal.load(body) unless body.empty?
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/parse_xml.rb
new/lib/faraday_middleware/response/parse_xml.rb
--- old/lib/faraday_middleware/response/parse_xml.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/parse_xml.rb 2017-08-03
17:43:53.000000000 +0200
@@ -5,8 +5,8 @@
class ParseXml < ResponseMiddleware
dependency 'multi_xml'
- define_parser do |body|
- ::MultiXml.parse(body)
+ define_parser do |body, parser_options|
+ ::MultiXml.parse(body, parser_options || {})
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/parse_yaml.rb
new/lib/faraday_middleware/response/parse_yaml.rb
--- old/lib/faraday_middleware/response/parse_yaml.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/parse_yaml.rb 2017-08-03
17:43:53.000000000 +0200
@@ -3,27 +3,35 @@
module FaradayMiddleware
# Public: Parse response bodies as YAML.
#
- # Warning: this uses `YAML.load()` by default and as such is not safe against
- # code injection or DoS attacks. If you're loading resources from an
- # untrusted host or over HTTP, you should subclass this middleware and
- # redefine it to use `safe_load()` if you're using a Psych version that
- # supports it:
+ # Warning: This is not backwards compatible with versions of this middleware
prior to
+ # faraday_middleware v0.12 - prior to this version, we used YAML.load rather
than
+ # YAMl.safe_load, which exposes serious remote code execution risks - see
+ # https://github.com/ruby/psych/issues/119 for details. If you're sure you
can trust
+ # YAML you're passing, you can set up an unsafe version of this middleware
as follows:
+ #
+ # class UnsafelyParseYaml < FaradayMiddleware::ResponseMiddleware
+ # dependency do
+ # require 'yaml'
+ # end
#
- # class SafeYaml < FaradayMiddleware::ParseYaml
# define_parser do |body|
- # YAML.safe_load(body)
+ # YAML.load body
# end
# end
#
# Faraday.new(..) do |config|
- # config.use SafeYaml
+ # config.use UnsafelyParseYaml
# ...
# end
class ParseYaml < ResponseMiddleware
- dependency 'yaml'
+ dependency 'safe_yaml/load'
- define_parser do |body|
- ::YAML.load body
+ define_parser do |body, parser_options|
+ if SafeYAML::YAML_ENGINE == 'psych'
+ SafeYAML.load(body, nil, parser_options || {})
+ else
+ SafeYAML.load(body, parser_options || {})
+ end
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response/rashify.rb
new/lib/faraday_middleware/response/rashify.rb
--- old/lib/faraday_middleware/response/rashify.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response/rashify.rb 2017-08-03
17:43:53.000000000 +0200
@@ -6,7 +6,7 @@
class Rashify < Mashify
dependency do
require 'rash'
- self.mash_class = ::Hashie::Rash
+ self.mash_class = ::Hashie::Mash::Rash
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/response_middleware.rb
new/lib/faraday_middleware/response_middleware.rb
--- old/lib/faraday_middleware/response_middleware.rb 2017-01-23
11:08:47.000000000 +0100
+++ new/lib/faraday_middleware/response_middleware.rb 2017-08-03
17:43:53.000000000 +0200
@@ -23,6 +23,7 @@
def initialize(app = nil, options = {})
super(app)
@options = options
+ @parser_options = options[:parser_options]
@content_types = Array(options[:content_type])
end
@@ -47,7 +48,7 @@
def parse(body)
if self.class.parser
begin
- self.class.parser.call(body)
+ self.class.parser.call(body, @parser_options)
rescue StandardError, SyntaxError => err
raise err if err.is_a? SyntaxError and err.class.name !=
'Psych::SyntaxError'
raise Faraday::Error::ParsingError, err
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/faraday_middleware/version.rb
new/lib/faraday_middleware/version.rb
--- old/lib/faraday_middleware/version.rb 2017-01-23 11:08:47.000000000
+0100
+++ new/lib/faraday_middleware/version.rb 2017-08-03 17:43:53.000000000
+0200
@@ -1,3 +1,3 @@
module FaradayMiddleware
- VERSION = "0.11.0.1" unless defined?(FaradayMiddleware::VERSION)
+ VERSION = '0.12.2' unless defined?(FaradayMiddleware::VERSION)
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2017-01-23 11:08:47.000000000 +0100
+++ new/metadata 2017-08-03 17:43:53.000000000 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: faraday_middleware
version: !ruby/object:Gem::Version
- version: 0.11.0.1
+ version: 0.12.2
platform: ruby
authors:
- Erik Michaels-Ober
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2017-01-23 00:00:00.000000000 Z
+date: 2017-08-03 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: faraday
@@ -83,7 +83,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.4.5
+rubygems_version: 2.6.11
signing_key:
specification_version: 4
summary: Various middleware for Faraday
