April 2022 - openSUSE Commits - openSUSE Mailing Lists

commit rubygem-regexp_parser for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-regexp_parser for openSUSE:Factory checked in at 2022-04-30 22:52:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-regexp_parser (Old) and /work/SRC/openSUSE:Factory/.rubygem-regexp_parser.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-regexp_parser" Sat Apr 30 22:52:44 2022 rev:8 rq:974070 version:2.3.1 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-regexp_parser/rubygem-regexp_parser.changes 2022-02-24 18:23:37.198655872 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-regexp_parser.new.1538/rubygem-regexp_parser.changes 2022-04-30 22:52:57.820258820 +0200 @@ -1,0 +2,28 @@ +Thu Apr 28 05:45:28 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 2.3.1 + see installed CHANGELOG.md + + ## [Unreleased] + + ## [2.3.1] - 2022-04-24 - [Janosch M��ller](mailto:janosch84@gmail.com) + + ### Fixed + + - removed five inexistent unicode properties from `Syntax#features` + - these were never supported by Ruby but incorrectly accepted by the parser + - thanks to [Markus Schirp](https://github.com/mbj) for the report + + ## [2.3.0] - 2022-04-08 - [Janosch M��ller](mailto:janosch84@gmail.com) + + ### Added + + - improved parsing performance through `Syntax` refactoring + - instead of fresh `Syntax` instances, pre-loaded constants are now re-used + - this approximately doubles the parsing speed for simple regexps + - added methods to `Syntax` classes to show relative feature sets + - e.g. `Regexp::Syntax::V3_2_0.added_features` + - support for new unicode properties of Ruby 3.2 / Unicode 14.0 + + +------------------------------------------------------------------- Old: ---- regexp_parser-2.2.1.gem New: ---- regexp_parser-2.3.1.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-regexp_parser.spec ++++++ --- /var/tmp/diff_new_pack.Zr82sg/_old 2022-04-30 22:52:58.280259443 +0200 +++ /var/tmp/diff_new_pack.Zr82sg/_new 2022-04-30 22:52:58.284259448 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-regexp_parser -Version: 2.2.1 +Version: 2.3.1 Release: 0 %define mod_name regexp_parser %define mod_full_name %{mod_name}-%{version} ++++++ regexp_parser-2.2.1.gem -> regexp_parser-2.3.1.gem ++++++ ++++ 2064 lines of diff (skipped)

1 0

commit rubygem-rake-compiler for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-rake-compiler for openSUSE:Factory checked in at 2022-04-30 22:52:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-rake-compiler (Old) and /work/SRC/openSUSE:Factory/.rubygem-rake-compiler.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-rake-compiler" Sat Apr 30 22:52:43 2022 rev:25 rq:974069 version:1.2.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-rake-compiler/rubygem-rake-compiler.changes 2022-02-02 22:45:02.610055676 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rake-compiler.new.1538/rubygem-rake-compiler.changes 2022-04-30 22:52:56.908257587 +0200 @@ -1,0 +2,13 @@ +Thu Apr 28 05:44:31 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 1.2.0 + see installed History.md + + ### 1.2.0 / 2022-04-15 + + * Enhancements: + * Defer requiring `yaml`. + [ruby/stringio#21](https://github.com/ruby/stringio/issues/21) + + +------------------------------------------------------------------- Old: ---- rake-compiler-1.1.9.gem New: ---- rake-compiler-1.2.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-rake-compiler.spec ++++++ --- /var/tmp/diff_new_pack.ELAnQY/_old 2022-04-30 22:52:57.416258274 +0200 +++ /var/tmp/diff_new_pack.ELAnQY/_new 2022-04-30 22:52:57.420258279 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-rake-compiler -Version: 1.1.9 +Version: 1.2.0 Release: 0 %define mod_name rake-compiler %define mod_full_name %{mod_name}-%{version} ++++++ rake-compiler-1.1.9.gem -> rake-compiler-1.2.0.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/History.md new/History.md --- old/History.md 2022-01-22 04:17:31.000000000 +0100 +++ new/History.md 2022-04-15 06:45:49.000000000 +0200 @@ -1,3 +1,9 @@ +### 1.2.0 / 2022-04-15 + +* Enhancements: + * Defer requiring `yaml`. + [ruby/stringio#21](https://github.com/ruby/stringio/issues/21) + ### 1.1.9 / 2022-01-22 * Enhancements: Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rake/baseextensiontask.rb new/lib/rake/baseextensiontask.rb --- old/lib/rake/baseextensiontask.rb 2022-01-22 04:17:31.000000000 +0100 +++ new/lib/rake/baseextensiontask.rb 2022-04-15 06:45:49.000000000 +0200 @@ -3,12 +3,6 @@ require 'rake/tasklib' require 'rbconfig' -begin - require 'psych' -rescue LoadError -end - -require 'yaml' require 'pathname' module Rake diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rake/extensiontask.rb new/lib/rake/extensiontask.rb --- old/lib/rake/extensiontask.rb 2022-01-22 04:17:31.000000000 +0100 +++ new/lib/rake/extensiontask.rb 2022-04-15 06:45:49.000000000 +0200 @@ -393,6 +393,7 @@ return end + require "yaml" config_file = YAML.load_file(config_path) # tmp_path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2022-01-22 04:17:31.000000000 +0100 +++ new/metadata 2022-04-15 06:45:49.000000000 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: rake-compiler version: !ruby/object:Gem::Version - version: 1.1.9 + version: 1.2.0 platform: ruby authors: - Kouhei Sutou @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2022-01-22 00:00:00.000000000 Z +date: 2022-04-15 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: rake diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/lib/rake/extensiontask_spec.rb new/spec/lib/rake/extensiontask_spec.rb --- old/spec/lib/rake/extensiontask_spec.rb 2022-01-22 04:17:31.000000000 +0100 +++ new/spec/lib/rake/extensiontask_spec.rb 2022-04-15 06:45:49.000000000 +0200 @@ -2,6 +2,7 @@ require 'rake/extensiontask' require 'rbconfig' +require 'yaml' describe Rake::ExtensionTask do context '#new' do

1 0

commit rubygem-railties-7.0 for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-railties-7.0 for openSUSE:Factory checked in at 2022-04-30 22:52:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-railties-7.0 (Old) and /work/SRC/openSUSE:Factory/.rubygem-railties-7.0.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-railties-7.0" Sat Apr 30 22:52:42 2022 rev:3 rq:974068 version:7.0.2.4 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-railties-7.0/rubygem-railties-7.0.changes 2022-03-11 11:35:28.198211231 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-railties-7.0.new.1538/rubygem-railties-7.0.changes 2022-04-30 22:52:55.912256239 +0200 @@ -1,0 +2,12 @@ +Thu Apr 28 05:44:19 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 7.0.2.4 + see installed CHANGELOG.md + + ## Rails 7.0.2.4 (April 26, 2022) ## + + * No changes. + + + +------------------------------------------------------------------- Old: ---- railties-7.0.2.3.gem New: ---- railties-7.0.2.4.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-railties-7.0.spec ++++++ --- /var/tmp/diff_new_pack.g35Lmg/_old 2022-04-30 22:52:56.484257013 +0200 +++ /var/tmp/diff_new_pack.g35Lmg/_new 2022-04-30 22:52:56.492257023 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-railties-7.0 -Version: 7.0.2.3 +Version: 7.0.2.4 Release: 0 %define mod_name railties %define mod_full_name %{mod_name}-%{version} ++++++ railties-7.0.2.3.gem -> railties-7.0.2.4.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md 2022-03-08 18:50:12.000000000 +0100 +++ new/CHANGELOG.md 2022-04-26 21:32:50.000000000 +0200 @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rails/gem_version.rb new/lib/rails/gem_version.rb --- old/lib/rails/gem_version.rb 2022-03-08 18:50:12.000000000 +0100 +++ new/lib/rails/gem_version.rb 2022-04-26 21:32:50.000000000 +0200 @@ -10,7 +10,7 @@ MAJOR = 7 MINOR = 0 TINY = 2 - PRE = "3" + PRE = "4" STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".") end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2022-03-08 18:50:12.000000000 +0100 +++ new/metadata 2022-04-26 21:32:50.000000000 +0200 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: railties version: !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 platform: ruby authors: - David Heinemeier Hansson autorequire: bindir: exe cert_chain: [] -date: 2022-03-08 00:00:00.000000000 Z +date: 2022-04-26 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: activesupport @@ -16,28 +16,28 @@ requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 - !ruby/object:Gem::Dependency name: actionpack requirement: !ruby/object:Gem::Requirement requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 - !ruby/object:Gem::Dependency name: rake requirement: !ruby/object:Gem::Requirement @@ -100,14 +100,14 @@ requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - '=' - !ruby/object:Gem::Version - version: 7.0.2.3 + version: 7.0.2.4 description: 'Rails internals: application bootup, plugins, generators, and rake tasks.' email: david(a)loudthinking.com executables: @@ -422,10 +422,10 @@ - MIT metadata: bug_tracker_uri: https://github.com/rails/rails/issues - changelog_uri: https://github.com/rails/rails/blob/v7.0.2.3/railties/CHANGELOG.md - documentation_uri: https://api.rubyonrails.org/v7.0.2.3/ + changelog_uri: https://github.com/rails/rails/blob/v7.0.2.4/railties/CHANGELOG.md + documentation_uri: https://api.rubyonrails.org/v7.0.2.4/ mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk - source_code_uri: https://github.com/rails/rails/tree/v7.0.2.3/railties + source_code_uri: https://github.com/rails/rails/tree/v7.0.2.4/railties rubygems_mfa_required: 'true' post_install_message: rdoc_options:

1 0

commit rubygem-puma-4 for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-puma-4 for openSUSE:Factory checked in at 2022-04-30 22:52:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-puma-4 (Old) and /work/SRC/openSUSE:Factory/.rubygem-puma-4.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-puma-4" Sat Apr 30 22:52:41 2022 rev:5 rq:974067 version:4.3.12 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-puma-4/rubygem-puma-4.changes 2022-02-24 18:23:33.974656711 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-puma-4.new.1538/rubygem-puma-4.changes 2022-04-30 22:52:54.912254886 +0200 @@ -1,0 +2,12 @@ +Thu Apr 28 05:42:04 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 4.3.12 + see installed History.md + + ## 4.3.12 / 2022-03-30 + + * Security + * Close several HTTP Request Smuggling exploits (CVE-2022-24790) + + +------------------------------------------------------------------- Old: ---- puma-4.3.11.gem New: ---- puma-4.3.12.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-puma-4.spec ++++++ --- /var/tmp/diff_new_pack.8zta1m/_old 2022-04-30 22:52:55.420255573 +0200 +++ /var/tmp/diff_new_pack.8zta1m/_new 2022-04-30 22:52:55.424255579 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-puma-4 -Version: 4.3.11 +Version: 4.3.12 Release: 0 %define mod_name puma %define mod_full_name %{mod_name}-%{version} ++++++ puma-4.3.11.gem -> puma-4.3.12.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/History.md new/History.md --- old/History.md 1980-01-01 01:00:00.000000000 +0100 +++ new/History.md 1980-01-01 01:00:00.000000000 +0100 @@ -1,3 +1,8 @@ +## 4.3.12 / 2022-03-30 + +* Security + * Close several HTTP Request Smuggling exploits (CVE-2022-24790) + ## 4.3.11 / 2022-02-11 * Security Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/puma_http11/extconf.rb new/ext/puma_http11/extconf.rb --- old/ext/puma_http11/extconf.rb 1980-01-01 01:00:00.000000000 +0100 +++ new/ext/puma_http11/extconf.rb 1980-01-01 01:00:00.000000000 +0100 @@ -22,6 +22,14 @@ # with versions after 1.1.1 have_func "TLS_server_method" , "openssl/ssl.h" have_macro "SSL_CTX_set_min_proto_version", "openssl/ssl.h" + + # Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0 + if Random.respond_to?(:bytes) + $defs.push("-DHAVE_RANDOM_BYTES") + puts "checking for Random.bytes... yes" + else + puts "checking for Random.bytes... no" + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/puma_http11/mini_ssl.c new/ext/puma_http11/mini_ssl.c --- old/ext/puma_http11/mini_ssl.c 1980-01-01 01:00:00.000000000 +0100 +++ new/ext/puma_http11/mini_ssl.c 1980-01-01 01:00:00.000000000 +0100 @@ -62,44 +62,65 @@ return conn; } -DH *get_dh1024() { - /* `openssl dhparam 1024 -C` +DH *get_dh2048(void) { + /* `openssl dhparam -C 2048` * -----BEGIN DH PARAMETERS----- - * MIGHAoGBALPwcEv0OstmQCZdfHw0N5r+07lmXMxkpQacy1blwj0LUqC+Divp6pBk - * usTJ9W2/dOYr1X7zi6yXNLp4oLzc/31PUL3D9q8CpGS7vPz5gijKSw9BwCTT5z9+ - * KF9v46qw8XqT5HHV87sWFlGQcVFq+pEkA2kPikkKZ/X/CCcpCAV7AgEC + * MIIBCAKCAQEAjmh1uQHdTfxOyxEbKAV30fUfzqMDF/ChPzjfyzl2jcrqQMhrk76o + * 2NPNXqxHwsddMZ1RzvU8/jl+uhRuPWjXCFZbhET4N1vrviZM3VJhV8PPHuiVOACO + * y32jFd+Szx4bo2cXSK83hJ6jRd+0asP1awWjz9/06dFkrILCXMIfQLo0D8rqmppn + * EfDDAwuudCpM9kcDmBRAm9JsKbQ6gzZWjkc5+QWSaQofojIHbjvj3xzguaCJn+oQ + * vHWM+hsAnaOgEwCyeZ3xqs+/5lwSbkE/tqJW98cEZGygBUVo9jxZRZx6KOfjpdrb + * yenO9LJr/qtyrZB31WJbqxI0m0AKTAO8UwIBAg== * -----END DH PARAMETERS----- */ - static unsigned char dh1024_p[] = { - 0xB3,0xF0,0x70,0x4B,0xF4,0x3A,0xCB,0x66,0x40,0x26,0x5D,0x7C, - 0x7C,0x34,0x37,0x9A,0xFE,0xD3,0xB9,0x66,0x5C,0xCC,0x64,0xA5, - 0x06,0x9C,0xCB,0x56,0xE5,0xC2,0x3D,0x0B,0x52,0xA0,0xBE,0x0E, - 0x2B,0xE9,0xEA,0x90,0x64,0xBA,0xC4,0xC9,0xF5,0x6D,0xBF,0x74, - 0xE6,0x2B,0xD5,0x7E,0xF3,0x8B,0xAC,0x97,0x34,0xBA,0x78,0xA0, - 0xBC,0xDC,0xFF,0x7D,0x4F,0x50,0xBD,0xC3,0xF6,0xAF,0x02,0xA4, - 0x64,0xBB,0xBC,0xFC,0xF9,0x82,0x28,0xCA,0x4B,0x0F,0x41,0xC0, - 0x24,0xD3,0xE7,0x3F,0x7E,0x28,0x5F,0x6F,0xE3,0xAA,0xB0,0xF1, - 0x7A,0x93,0xE4,0x71,0xD5,0xF3,0xBB,0x16,0x16,0x51,0x90,0x71, - 0x51,0x6A,0xFA,0x91,0x24,0x03,0x69,0x0F,0x8A,0x49,0x0A,0x67, - 0xF5,0xFF,0x08,0x27,0x29,0x08,0x05,0x7B + static unsigned char dh2048_p[] = { + 0x8E, 0x68, 0x75, 0xB9, 0x01, 0xDD, 0x4D, 0xFC, 0x4E, 0xCB, + 0x11, 0x1B, 0x28, 0x05, 0x77, 0xD1, 0xF5, 0x1F, 0xCE, 0xA3, + 0x03, 0x17, 0xF0, 0xA1, 0x3F, 0x38, 0xDF, 0xCB, 0x39, 0x76, + 0x8D, 0xCA, 0xEA, 0x40, 0xC8, 0x6B, 0x93, 0xBE, 0xA8, 0xD8, + 0xD3, 0xCD, 0x5E, 0xAC, 0x47, 0xC2, 0xC7, 0x5D, 0x31, 0x9D, + 0x51, 0xCE, 0xF5, 0x3C, 0xFE, 0x39, 0x7E, 0xBA, 0x14, 0x6E, + 0x3D, 0x68, 0xD7, 0x08, 0x56, 0x5B, 0x84, 0x44, 0xF8, 0x37, + 0x5B, 0xEB, 0xBE, 0x26, 0x4C, 0xDD, 0x52, 0x61, 0x57, 0xC3, + 0xCF, 0x1E, 0xE8, 0x95, 0x38, 0x00, 0x8E, 0xCB, 0x7D, 0xA3, + 0x15, 0xDF, 0x92, 0xCF, 0x1E, 0x1B, 0xA3, 0x67, 0x17, 0x48, + 0xAF, 0x37, 0x84, 0x9E, 0xA3, 0x45, 0xDF, 0xB4, 0x6A, 0xC3, + 0xF5, 0x6B, 0x05, 0xA3, 0xCF, 0xDF, 0xF4, 0xE9, 0xD1, 0x64, + 0xAC, 0x82, 0xC2, 0x5C, 0xC2, 0x1F, 0x40, 0xBA, 0x34, 0x0F, + 0xCA, 0xEA, 0x9A, 0x9A, 0x67, 0x11, 0xF0, 0xC3, 0x03, 0x0B, + 0xAE, 0x74, 0x2A, 0x4C, 0xF6, 0x47, 0x03, 0x98, 0x14, 0x40, + 0x9B, 0xD2, 0x6C, 0x29, 0xB4, 0x3A, 0x83, 0x36, 0x56, 0x8E, + 0x47, 0x39, 0xF9, 0x05, 0x92, 0x69, 0x0A, 0x1F, 0xA2, 0x32, + 0x07, 0x6E, 0x3B, 0xE3, 0xDF, 0x1C, 0xE0, 0xB9, 0xA0, 0x89, + 0x9F, 0xEA, 0x10, 0xBC, 0x75, 0x8C, 0xFA, 0x1B, 0x00, 0x9D, + 0xA3, 0xA0, 0x13, 0x00, 0xB2, 0x79, 0x9D, 0xF1, 0xAA, 0xCF, + 0xBF, 0xE6, 0x5C, 0x12, 0x6E, 0x41, 0x3F, 0xB6, 0xA2, 0x56, + 0xF7, 0xC7, 0x04, 0x64, 0x6C, 0xA0, 0x05, 0x45, 0x68, 0xF6, + 0x3C, 0x59, 0x45, 0x9C, 0x7A, 0x28, 0xE7, 0xE3, 0xA5, 0xDA, + 0xDB, 0xC9, 0xE9, 0xCE, 0xF4, 0xB2, 0x6B, 0xFE, 0xAB, 0x72, + 0xAD, 0x90, 0x77, 0xD5, 0x62, 0x5B, 0xAB, 0x12, 0x34, 0x9B, + 0x40, 0x0A, 0x4C, 0x03, 0xBC, 0x53 }; - static unsigned char dh1024_g[] = { 0x02 }; + static unsigned char dh2048_g[] = { 0x02 }; DH *dh; +#if !(OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER)) + BIGNUM *p, *g; +#endif + dh = DH_new(); #if OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER) - dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); - dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); + dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); + dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); if ((dh->p == NULL) || (dh->g == NULL)) { DH_free(dh); return NULL; } #else - BIGNUM *p, *g; - p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); - g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); + p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); + g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); if (p == NULL || g == NULL || !DH_set0_pqg(dh, p, NULL, g)) { DH_free(dh); @@ -139,7 +160,7 @@ } VALUE engine_init_server(VALUE self, VALUE mini_ssl_ctx) { - VALUE obj; + VALUE obj, session_id_bytes; SSL_CTX* ctx; SSL* ssl; int min, ssl_options; @@ -198,7 +219,7 @@ else { min = TLS1_VERSION; } - + SSL_CTX_set_min_proto_version(ctx, min); SSL_CTX_set_options(ctx, ssl_options); @@ -226,7 +247,21 @@ SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL@STRENGTH"); } - DH *dh = get_dh1024(); + // Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated in 3.0 + session_id_bytes = rb_funcall( +#ifdef HAVE_RANDOM_BYTES + rb_cRandom, +#else + rb_const_get(rb_cRandom, rb_intern_const("DEFAULT")), +#endif + rb_intern_const("bytes"), + 1, ULL2NUM(SSL_MAX_SSL_SESSION_ID_LENGTH)); + + SSL_CTX_set_session_id_context(ctx, + (unsigned char *) RSTRING_PTR(session_id_bytes), + SSL_MAX_SSL_SESSION_ID_LENGTH); + + DH *dh = get_dh2048(); SSL_CTX_set_tmp_dh(ctx, dh); #if OPENSSL_VERSION_NUMBER < 0x10002000L @@ -493,27 +528,27 @@ #else rb_define_const(mod, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION))); #endif - -#if defined(OPENSSL_NO_SSL3) || defined(OPENSSL_NO_SSL3_METHOD) - /* True if SSL3 is not available */ - rb_define_const(mod, "OPENSSL_NO_SSL3", Qtrue); -#else - rb_define_const(mod, "OPENSSL_NO_SSL3", Qfalse); -#endif - -#if defined(OPENSSL_NO_TLS1) || defined(OPENSSL_NO_TLS1_METHOD) - /* True if TLS1 is not available */ - rb_define_const(mod, "OPENSSL_NO_TLS1", Qtrue); -#else - rb_define_const(mod, "OPENSSL_NO_TLS1", Qfalse); -#endif - -#if defined(OPENSSL_NO_TLS1_1) || defined(OPENSSL_NO_TLS1_1_METHOD) - /* True if TLS1_1 is not available */ - rb_define_const(mod, "OPENSSL_NO_TLS1_1", Qtrue); -#else - rb_define_const(mod, "OPENSSL_NO_TLS1_1", Qfalse); -#endif + +#if defined(OPENSSL_NO_SSL3) || defined(OPENSSL_NO_SSL3_METHOD) + /* True if SSL3 is not available */ + rb_define_const(mod, "OPENSSL_NO_SSL3", Qtrue); +#else + rb_define_const(mod, "OPENSSL_NO_SSL3", Qfalse); +#endif + +#if defined(OPENSSL_NO_TLS1) || defined(OPENSSL_NO_TLS1_METHOD) + /* True if TLS1 is not available */ + rb_define_const(mod, "OPENSSL_NO_TLS1", Qtrue); +#else + rb_define_const(mod, "OPENSSL_NO_TLS1", Qfalse); +#endif + +#if defined(OPENSSL_NO_TLS1_1) || defined(OPENSSL_NO_TLS1_1_METHOD) + /* True if TLS1_1 is not available */ + rb_define_const(mod, "OPENSSL_NO_TLS1_1", Qtrue); +#else + rb_define_const(mod, "OPENSSL_NO_TLS1_1", Qfalse); +#endif rb_define_singleton_method(mod, "check", noop, 0); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/puma/client.rb new/lib/puma/client.rb --- old/lib/puma/client.rb 1980-01-01 01:00:00.000000000 +0100 +++ new/lib/puma/client.rb 1980-01-01 01:00:00.000000000 +0100 @@ -23,6 +23,8 @@ class ConnectionError < RuntimeError; end + class HttpParserError501 < IOError; end + # An instance of this class represents a unique request from a client. # For example, this could be a web request from a browser or from CURL. # @@ -35,7 +37,21 @@ # Instances of this class are responsible for knowing if # the header and body are fully buffered via the `try_to_finish` method. # They can be used to "time out" a response via the `timeout_at` reader. + # class Client + + # this tests all values but the last, which must be chunked + ALLOWED_TRANSFER_ENCODING = %w[compress deflate gzip].freeze + + # chunked body validation + CHUNK_SIZE_INVALID = /[^\h]/.freeze + CHUNK_VALID_ENDING = "\r\n".freeze + + # Content-Length header value validation + CONTENT_LENGTH_VALUE_INVALID = /[^\d]/.freeze + + TE_ERR_MSG = 'Invalid Transfer-Encoding' + # The object used for a request with no body. All requests with # no body share this one object since it has no state. EmptyBody = NullIO.new @@ -284,16 +300,27 @@ body = @parser.body te = @env[TRANSFER_ENCODING2] - if te - if te.include?(",") - te.split(",").each do |part| - if CHUNKED.casecmp(part.strip) == 0 - return setup_chunked_body(body) - end + te_lwr = te.downcase + if te.include? ',' + te_ary = te_lwr.split ',' + te_count = te_ary.count CHUNKED + te_valid = te_ary[0..-2].all? { |e| ALLOWED_TRANSFER_ENCODING.include? e } + if te_ary.last == CHUNKED && te_count == 1 && te_valid + @env.delete TRANSFER_ENCODING2 + return setup_chunked_body body + elsif te_count >= 1 + raise HttpParserError , "#{TE_ERR_MSG}, multiple chunked: '#{te}'" + elsif !te_valid + raise HttpParserError501, "#{TE_ERR_MSG}, unknown value: '#{te}'" end - elsif CHUNKED.casecmp(te) == 0 - return setup_chunked_body(body) + elsif te_lwr == CHUNKED + @env.delete TRANSFER_ENCODING2 + return setup_chunked_body body + elsif ALLOWED_TRANSFER_ENCODING.include? te_lwr + raise HttpParserError , "#{TE_ERR_MSG}, single value must be chunked: '#{te}'" + else + raise HttpParserError501 , "#{TE_ERR_MSG}, unknown value: '#{te}'" end end @@ -301,7 +328,12 @@ cl = @env[CONTENT_LENGTH] - unless cl + if cl + # cannot contain characters that are not \d + if cl =~ CONTENT_LENGTH_VALUE_INVALID + raise HttpParserError, "Invalid Content-Length: #{cl.inspect}" + end + else @buffer = body.empty? ? nil : body @body = EmptyBody set_ready @@ -450,7 +482,13 @@ while !io.eof? line = io.gets if line.end_with?("\r\n") - len = line.strip.to_i(16) + # Puma doesn't process chunk extensions, but should parse if they're + # present, which is the reason for the semicolon regex + chunk_hex = line.strip[/\A[^;]+/] + if chunk_hex =~ CHUNK_SIZE_INVALID + raise HttpParserError, "Invalid chunk size: '#{chunk_hex}'" + end + len = chunk_hex.to_i(16) if len == 0 @in_last_chunk = true @body.rewind @@ -481,7 +519,12 @@ case when got == len - write_chunk(part[0..-3]) # to skip the ending \r\n + # proper chunked segment must end with "\r\n" + if part.end_with? CHUNK_VALID_ENDING + write_chunk(part[0..-3]) # to skip the ending \r\n + else + raise HttpParserError, "Chunk size mismatch" + end when got <= len - 2 write_chunk(part) @partial_part_left = len - part.size diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/puma/const.rb new/lib/puma/const.rb --- old/lib/puma/const.rb 1980-01-01 01:00:00.000000000 +0100 +++ new/lib/puma/const.rb 1980-01-01 01:00:00.000000000 +0100 @@ -76,7 +76,7 @@ 508 => 'Loop Detected', 510 => 'Not Extended', 511 => 'Network Authentication Required' - } + }.freeze # For some HTTP status codes the client only expects headers. # @@ -85,7 +85,7 @@ 204 => true, 205 => true, 304 => true - } + }.freeze # Frequently used constants when constructing requests or responses. Many times # the constant just refers to a string with the same contents. Using these constants @@ -100,7 +100,7 @@ # too taxing on performance. module Const - PUMA_VERSION = VERSION = "4.3.11".freeze + PUMA_VERSION = VERSION = "4.3.12".freeze CODE_NAME = "Mysterious Traveller".freeze PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze @@ -144,9 +144,11 @@ 408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze, # Indicate that there was an internal error, obviously. 500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze, + # Incorrect or invalid header value + 501 => "HTTP/1.1 501 Not Implemented\r\n\r\n".freeze, # A common header for indicating the server is too busy. Not used yet. 503 => "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze - } + }.freeze # The basic max request size we'll try to read. CHUNK_SIZE = 16 * 1024 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/puma/server.rb new/lib/puma/server.rb --- old/lib/puma/server.rb 1980-01-01 01:00:00.000000000 +0100 +++ new/lib/puma/server.rb 1980-01-01 01:00:00.000000000 +0100 @@ -321,6 +321,10 @@ client.close @events.parse_error self, client.env, e + rescue HttpParserError501 => e + client.write_error(501) + client.close + @events.parse_error self, client.env, e rescue ConnectionError, EOFError client.close else @@ -530,7 +534,12 @@ client.write_error(400) @events.parse_error self, client.env, e + rescue HttpParserError501 => e + lowlevel_error(e, client.env) + client.write_error(501) + + @events.parse_error self, client.env, e # Server error rescue StandardError => e lowlevel_error(e, client.env) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 1980-01-01 01:00:00.000000000 +0100 +++ new/metadata 1980-01-01 01:00:00.000000000 +0100 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: puma version: !ruby/object:Gem::Version - version: 4.3.11 + version: 4.3.12 platform: ruby authors: - Evan Phoenix

1 0

commit rubygem-pg for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-pg for openSUSE:Factory checked in at 2022-04-30 22:52:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-pg (Old) and /work/SRC/openSUSE:Factory/.rubygem-pg.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-pg" Sat Apr 30 22:52:40 2022 rev:41 rq:974065 version:1.3.5 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-pg/rubygem-pg.changes 2022-03-13 20:25:50.539702998 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-pg.new.1538/rubygem-pg.changes 2022-04-30 22:52:53.272252667 +0200 @@ -1,0 +2,26 @@ +Thu Apr 28 05:41:21 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 1.3.5 + see installed History.rdoc + + == v1.3.5 [2022-03-31] Lars Kanis <lars(a)greiz-reinsdorf.de> + + Bugfixes: + + - Handle PGRES_COMMAND_OK in pgresult_stream_any. #447 + Fixes usage when trying to stream the result of a procedure call that returns no results. + + Enhancements: + + - Rename BasicTypeRegistry#define_default_types to #register_default_types to use a more consistent terminology. + Keeping define_default_types for compatibility. + - BasicTypeRegistry: return self instead of objects by accident. + This allows call chaining. + - Add some April fun. #449 + + Documentation: + - Refine documentation of conn.socket_io and conn.connect_poll + + + +------------------------------------------------------------------- Old: ---- pg-1.3.4.gem New: ---- pg-1.3.5.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-pg.spec ++++++ --- /var/tmp/diff_new_pack.hwXbit/_old 2022-04-30 22:52:53.796253376 +0200 +++ /var/tmp/diff_new_pack.hwXbit/_new 2022-04-30 22:52:53.800253381 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-pg -Version: 1.3.4 +Version: 1.3.5 Release: 0 %define mod_name pg %define mod_full_name %{mod_name}-%{version} @@ -33,7 +33,7 @@ BuildRequires: postgresql-devel # /MANUAL BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: %{rubydevel >= 2.2} +BuildRequires: %{rubydevel >= 2.5} BuildRequires: %{rubygem gem2rpm} BuildRequires: %{rubygem rdoc > 3.10} BuildRequires: ruby-macros >= 5 @@ -46,27 +46,10 @@ Group: Development/Languages/Ruby %description -Pg is the Ruby interface to the {PostgreSQL -RDBMS}[http://www.postgresql.org/]. -It works with {PostgreSQL 9.2 and -later}[http://www.postgresql.org/support/versioning/]. -A small example usage: -#!/usr/bin/env ruby -require 'pg' -# Output a table of current connections to the DB -conn = PG.connect( dbname: 'sales' ) -conn.exec( "SELECT * FROM pg_stat_activity" ) do |result| -puts " PID | User | Query" -result.each do |row| -puts " %7d | %-16s | %s " % -row.values_at('procpid', 'usename', 'current_query') -end -end. +Pg is the Ruby interface to the PostgreSQL RDBMS. It works with PostgreSQL 9.3 +and later. %prep -%gem_unpack -find -type f -print0 | xargs -0 touch -r %{S:0} -%gem_build %build ++++++ pg-1.3.4.gem -> pg-1.3.5.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/History.rdoc new/History.rdoc --- old/History.rdoc 2022-03-10 14:56:37.000000000 +0100 +++ new/History.rdoc 2022-03-31 14:39:47.000000000 +0200 @@ -1,3 +1,22 @@ +== v1.3.5 [2022-03-31] Lars Kanis <lars(a)greiz-reinsdorf.de> + +Bugfixes: + +- Handle PGRES_COMMAND_OK in pgresult_stream_any. #447 + Fixes usage when trying to stream the result of a procedure call that returns no results. + +Enhancements: + +- Rename BasicTypeRegistry#define_default_types to #register_default_types to use a more consistent terminology. + Keeping define_default_types for compatibility. +- BasicTypeRegistry: return self instead of objects by accident. + This allows call chaining. +- Add some April fun. #449 + +Documentation: +- Refine documentation of conn.socket_io and conn.connect_poll + + == v1.3.4 [2022-03-10] Lars Kanis <lars(a)greiz-reinsdorf.de> Bugfixes: Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ Binary files old/checksums.yaml.gz.sig and new/checksums.yaml.gz.sig differ Binary files old/data.tar.gz.sig and new/data.tar.gz.sig differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/extconf.rb new/ext/extconf.rb --- old/ext/extconf.rb 2022-03-10 14:56:37.000000000 +0100 +++ new/ext/extconf.rb 2022-03-31 14:39:47.000000000 +0200 @@ -1,3 +1,5 @@ +# -*- encoding: utf-8 -*- + require 'pp' require 'mkmf' @@ -167,3 +169,32 @@ create_header() create_makefile( "pg_ext" ) + +def message!(important_message) + message important_message + if !$stdout.tty? && File.chardev?('/dev/tty') + File.open('/dev/tty', 'w') do |tty| + tty.print important_message + end + end +rescue +end + +if "2022-04-01" == Time.now.strftime("%Y-%m-%d") + message! <<-EOM +=================================================================== +HEADS UP! Prepare for pg-1.4.2022 ! �� + +Now that psycopg3 has most of the features of ruby-pg, we plan to +switch to using it as our foundation for the next pg release. +It will run through pycall and requires a working python setup. +This will minimize our development and maintenance efforts, since +it allows us to use one and the same code base for both programming +languages - ruby and python. �� + +And we follow the recent merge of the Django and Rails teams! �� + +Stay up-to-date at https://github.com/ged/ruby-pg/issues/449 +=================================================================== +EOM +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/pg_connection.c new/ext/pg_connection.c --- old/ext/pg_connection.c 2022-03-10 14:56:37.000000000 +0100 +++ new/ext/pg_connection.c 2022-03-31 14:39:47.000000000 +0200 @@ -450,17 +450,18 @@ * the asynchronous connection is ready * * Example: - * conn = PG::Connection.connect_start("dbname=mydatabase") - * socket = conn.socket_io + * require "io/wait" + * + * conn = PG::Connection.connect_start(dbname: 'mydatabase') * status = conn.connect_poll * while(status != PG::PGRES_POLLING_OK) do * # do some work while waiting for the connection to complete * if(status == PG::PGRES_POLLING_READING) - * if(not select([socket], [], [], 10.0)) + * unless conn.socket_io.wait_readable(10.0) * raise "Asynchronous connection timed out!" * end * elsif(status == PG::PGRES_POLLING_WRITING) - * if(not select([], [socket], [], 10.0)) + * unless conn.socket_io.wait_writable(10.0) * raise "Asynchronous connection timed out!" * end * end @@ -818,13 +819,15 @@ * call-seq: * conn.socket_io() -> IO * - * Fetch a memorized IO object created from the Connection's underlying socket. - * This object can be used for IO.select to wait for events while running - * asynchronous API calls. - * - * Using this instead of #socket avoids the problem of the underlying connection - * being closed by Ruby when an IO created using <tt>IO.for_fd(conn.socket)</tt> - * goes out of scope. In contrast to #socket, it also works on Windows. + * Fetch an IO object created from the Connection's underlying socket. + * This object can be used per <tt>socket_io.wait_readable</tt>, <tt>socket_io.wait_writable</tt> or for <tt>IO.select</tt> to wait for events while running asynchronous API calls. + * <tt>IO#wait_*able</tt> is is <tt>Fiber.scheduler</tt> compatible in contrast to <tt>IO.select</tt>. + * + * The IO object can change while the connection is established, but is memorized afterwards. + * So be sure not to cache the IO object, but repeat calling <tt>conn.socket_io</tt> instead. + * + * Using this method also works on Windows in contrast to using #socket . + * It also avoids the problem of the underlying connection being closed by Ruby when an IO created using <tt>IO.for_fd(conn.socket)</tt> goes out of scope. */ static VALUE pgconn_socket_io(VALUE self) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/pg_record_coder.c new/ext/pg_record_coder.c --- old/ext/pg_record_coder.c 2022-03-10 14:56:37.000000000 +0100 +++ new/ext/pg_record_coder.c 2022-03-31 14:39:47.000000000 +0200 @@ -344,10 +344,12 @@ * oids = conn.exec( "SELECT (NULL::complex).*" ) * # Build a type map (PG::TypeMapByColumn) for decoding the "complex" type * dtm = PG::BasicTypeMapForResults.new(conn).build_column_map( oids ) - * # Register a record decoder for decoding our type "complex" - * PG::BasicTypeRegistry.register_coder(PG::TextDecoder::Record.new(type_map: dtm, name: "complex")) - * # Apply the basic type registry to all results retrieved from the server - * conn.type_map_for_results = PG::BasicTypeMapForResults.new(conn) + * # Build a type map and populate with basic types + * btr = PG::BasicTypeRegistry.new.register_default_types + * # Register a new record decoder for decoding our type "complex" + * btr.register_coder(PG::TextDecoder::Record.new(type_map: dtm, name: "complex")) + * # Apply our basic type registry to all results retrieved from the server + * conn.type_map_for_results = PG::BasicTypeMapForResults.new(conn, registry: btr) * # Now queries decode the "complex" type (and many basic types) automatically * conn.exec("SELECT * FROM my_table").to_a * # => [{"v1"=>[2.0, 3.0], "v2"=>[4.0, 5.0]}, {"v1"=>[6.0, 7.0], "v2"=>[8.0, 9.0]}] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ext/pg_result.c new/ext/pg_result.c --- old/ext/pg_result.c 2022-03-10 14:56:37.000000000 +0100 +++ new/ext/pg_result.c 2022-03-31 14:39:47.000000000 +0200 @@ -1457,6 +1457,7 @@ switch( PQresultStatus(pgresult) ){ case PGRES_TUPLES_OK: + case PGRES_COMMAND_OK: if( ntuples == 0 ) return self; rb_raise( rb_eInvalidResultStatus, "PG::Result is not in single row mode"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/pg/basic_type_registry.rb new/lib/pg/basic_type_registry.rb --- old/lib/pg/basic_type_registry.rb 2022-03-10 14:56:37.000000000 +0100 +++ new/lib/pg/basic_type_registry.rb 2022-03-31 14:39:47.000000000 +0200 @@ -22,7 +22,7 @@ # end # # conn = PG.connect -# regi = PG::BasicTypeRegistry.new.define_default_types +# regi = PG::BasicTypeRegistry.new.register_default_types # regi.register_type(0, 'inet', InetEncoder, InetDecoder) # conn.type_map_for_results = PG::BasicTypeMapForResults.new(conn, registry: regi) class PG::BasicTypeRegistry @@ -184,6 +184,7 @@ name = coder.name || raise(ArgumentError, "name of #{coder.inspect} must be defined") h[:encoder][name] = coder if coder.respond_to?(:encode) h[:decoder][name] = coder if coder.respond_to?(:decode) + self end # Register the given +encoder_class+ and/or +decoder_class+ for casting a PostgreSQL type. @@ -193,6 +194,7 @@ def register_type(format, name, encoder_class, decoder_class) register_coder(encoder_class.new(name: name, format: format)) if encoder_class register_coder(decoder_class.new(name: name, format: format)) if decoder_class + self end # Alias the +old+ type to the +new+ type. @@ -205,10 +207,11 @@ @coders_by_name[format][ende].delete(new) end end + self end # Populate the registry with all builtin types of ruby-pg - def define_default_types + def register_default_types register_type 0, 'int2', PG::TextEncoder::Integer, PG::TextDecoder::Integer alias_type 0, 'int4', 'int2' alias_type 0, 'int8', 'int2' @@ -281,8 +284,10 @@ self end + alias define_default_types register_default_types + # @private - DEFAULT_TYPE_REGISTRY = PG::BasicTypeRegistry.new.define_default_types + DEFAULT_TYPE_REGISTRY = PG::BasicTypeRegistry.new.register_default_types # Delegate class method calls to DEFAULT_TYPE_REGISTRY class << self diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/pg/version.rb new/lib/pg/version.rb --- old/lib/pg/version.rb 2022-03-10 14:56:37.000000000 +0100 +++ new/lib/pg/version.rb 2022-03-31 14:39:47.000000000 +0200 @@ -1,4 +1,4 @@ module PG # Library version - VERSION = '1.3.4' + VERSION = '1.3.5' end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2022-03-10 14:56:37.000000000 +0100 +++ new/metadata 2022-03-31 14:39:47.000000000 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: pg version: !ruby/object:Gem::Version - version: 1.3.4 + version: 1.3.5 platform: ruby authors: - Michael Granger @@ -36,7 +36,7 @@ oL1mUdzB8KrZL4/WbG5YNX6UTtJbIOu9qEFbBAy4/jtIkJX+dlNoFwd4GXQW1YNO nA== -----END CERTIFICATE----- -date: 2022-03-10 00:00:00.000000000 Z +date: 2022-03-31 00:00:00.000000000 Z dependencies: [] description: Pg is the Ruby interface to the PostgreSQL RDBMS. It works with PostgreSQL 9.3 and later. Binary files old/metadata.gz.sig and new/metadata.gz.sig differ

1 0

commit rubygem-passenger for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-passenger for openSUSE:Factory checked in at 2022-04-30 22:52:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-passenger (Old) and /work/SRC/openSUSE:Factory/.rubygem-passenger.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-passenger" Sat Apr 30 22:52:38 2022 rev:14 rq:974064 version:6.0.13 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-passenger/rubygem-passenger.changes 2021-12-25 20:17:14.985279105 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-passenger.new.1538/rubygem-passenger.changes 2022-04-30 22:52:52.248251282 +0200 @@ -1,0 +2,7 @@ +Thu Apr 28 05:40:53 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 6.0.13 + see installed CHANGELOG + + +------------------------------------------------------------------- Old: ---- passenger-6.0.12.gem New: ---- passenger-6.0.13.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-passenger.spec ++++++ --- /var/tmp/diff_new_pack.1PuM9n/_old 2022-04-30 22:52:52.772251991 +0200 +++ /var/tmp/diff_new_pack.1PuM9n/_new 2022-04-30 22:52:52.780252001 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-passenger # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-passenger -Version: 6.0.12 +Version: 6.0.13 Release: 0 %define mod_name passenger %define mod_full_name %{mod_name}-%{version} @@ -80,7 +80,7 @@ Patch1: 0002-fix-shebangs.patch # /MANUAL Summary: A fast and robust web server and application server for Ruby, Python -License: MIT AND GPL-2.0-only +License: GPL-2.0-only AND MIT Group: Development/Languages/Ruby PreReq: update-alternatives @@ -212,13 +212,14 @@ Group: Development/Languages/Ruby Supplements: packageand(apache2:rubygem-passenger) -# Requires: rubygem-passenger = 6.0.12 +# Requires: rubygem-passenger = 6.0.13 %description apache2 A modern web server and application server for Ruby, Python and Node.js, optimized for performance, low memory usage and ease of use. This package holds the apache2 sub package for passenger + %files apache2 %defattr(-,root,root,-) %config(noreplace) %{apache_sysconfdir}/conf.d/mod_passenger.conf @@ -232,13 +233,14 @@ Group: Development/Languages/Ruby Supplements: packageand(nginx:rubygem-passenger) -# Requires: rubygem-passenger = 6.0.12 +# Requires: rubygem-passenger = 6.0.13 %description nginx A modern web server and application server for Ruby, Python and Node.js, optimized for performance, low memory usage and ease of use. This package holds the nginx sub package for passenger + %files nginx %defattr(-,root,root,-) %dir /etc/nginx/ ++++++ passenger-6.0.12.gem -> passenger-6.0.13.gem ++++++ /work/SRC/openSUSE:Factory/rubygem-passenger/passenger-6.0.12.gem /work/SRC/openSUSE:Factory/.rubygem-passenger.new.1538/passenger-6.0.13.gem differ: char 134, line 1

1 0

commit rubygem-parser for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-parser for openSUSE:Factory checked in at 2022-04-30 22:52:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-parser (Old) and /work/SRC/openSUSE:Factory/.rubygem-parser.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-parser" Sat Apr 30 22:52:37 2022 rev:14 rq:974063 version:3.1.2.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-parser/rubygem-parser.changes 2022-03-07 17:49:04.163082966 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-parser.new.1538/rubygem-parser.changes 2022-04-30 22:52:51.196249859 +0200 @@ -1,0 +2,6 @@ +Thu Apr 28 05:40:35 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 3.1.2.0 + no changelog found + +------------------------------------------------------------------- Old: ---- parser-3.1.1.0.gem New: ---- parser-3.1.2.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-parser.spec ++++++ --- /var/tmp/diff_new_pack.3woSQ5/_old 2022-04-30 22:52:51.760250621 +0200 +++ /var/tmp/diff_new_pack.3woSQ5/_new 2022-04-30 22:52:51.764250627 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-parser -Version: 3.1.1.0 +Version: 3.1.2.0 Release: 0 %define mod_name parser %define mod_full_name %{mod_name}-%{version} ++++++ parser-3.1.1.0.gem -> parser-3.1.2.0.gem ++++++ Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/parser/current.rb new/lib/parser/current.rb --- old/lib/parser/current.rb 2022-02-21 16:49:14.000000000 +0100 +++ new/lib/parser/current.rb 2022-04-12 19:22:23.000000000 +0200 @@ -66,7 +66,7 @@ CurrentRuby = Ruby25 when /^2\.6\./ - current_version = '2.6.9' + current_version = '2.6.10' if RUBY_VERSION != current_version warn_syntax_deviation 'parser/ruby26', current_version end @@ -75,7 +75,7 @@ CurrentRuby = Ruby26 when /^2\.7\./ - current_version = '2.7.5' + current_version = '2.7.6' if RUBY_VERSION != current_version warn_syntax_deviation 'parser/ruby27', current_version end @@ -84,7 +84,7 @@ CurrentRuby = Ruby27 when /^3\.0\./ - current_version = '3.0.3' + current_version = '3.0.4' if RUBY_VERSION != current_version warn_syntax_deviation 'parser/ruby30', current_version end @@ -93,7 +93,7 @@ CurrentRuby = Ruby30 when /^3\.1\./ - current_version = '3.1.1' + current_version = '3.1.2' if RUBY_VERSION != current_version warn_syntax_deviation 'parser/ruby31', current_version end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/parser/ruby32.rb new/lib/parser/ruby32.rb --- old/lib/parser/ruby32.rb 2022-02-21 16:49:14.000000000 +0100 +++ new/lib/parser/ruby32.rb 2022-04-12 19:22:23.000000000 +0200 @@ -3282,7 +3282,7 @@ 1, 346, :_reduce_521, 2, 348, :_reduce_522, 1, 342, :_reduce_none, - 1, 342, :_reduce_none, + 1, 342, :_reduce_524, 1, 332, :_reduce_none, 3, 332, :_reduce_526, 3, 332, :_reduce_527, @@ -7122,14 +7122,18 @@ end def _reduce_522(val, _values, result) - result = [ @builder.match_nil_pattern(val[0], val[1]) ] + result = val result end # reduce 523 omitted -# reduce 524 omitted +def _reduce_524(val, _values, result) + result = [ @builder.match_nil_pattern(val[0][0], val[0][1]) ] + + result +end # reduce 525 omitted @@ -8073,7 +8077,7 @@ # reduce 683 omitted def _reduce_684(val, _values, result) - result = [ @builder.kwnilarg(val[0], val[1]) ] + result = [ @builder.kwnilarg(val[0][0], val[0][1]) ] result end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/parser/version.rb new/lib/parser/version.rb --- old/lib/parser/version.rb 2022-02-21 16:49:14.000000000 +0100 +++ new/lib/parser/version.rb 2022-04-12 19:22:23.000000000 +0200 @@ -1,5 +1,5 @@ # frozen_string_literal: true module Parser - VERSION = '3.1.1.0' + VERSION = '3.1.2.0' end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2022-02-21 16:49:14.000000000 +0100 +++ new/metadata 2022-04-12 19:22:23.000000000 +0200 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: parser version: !ruby/object:Gem::Version - version: 3.1.1.0 + version: 3.1.2.0 platform: ruby authors: - whitequark autorequire: bindir: bin cert_chain: [] -date: 2022-02-21 00:00:00.000000000 Z +date: 2022-04-12 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: ast @@ -246,9 +246,9 @@ - MIT metadata: bug_tracker_uri: https://github.com/whitequark/parser/issues - changelog_uri: https://github.com/whitequark/parser/blob/v3.1.1.0/CHANGELOG.md - documentation_uri: https://www.rubydoc.info/gems/parser/3.1.1.0 - source_code_uri: https://github.com/whitequark/parser/tree/v3.1.1.0 + changelog_uri: https://github.com/whitequark/parser/blob/v3.1.2.0/CHANGELOG.md + documentation_uri: https://www.rubydoc.info/gems/parser/3.1.2.0 + source_code_uri: https://github.com/whitequark/parser/tree/v3.1.2.0 post_install_message: rdoc_options: [] require_paths:

1 0

commit rubygem-omniauth-google-oauth2 for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-omniauth-google-oauth2 for openSUSE:Factory checked in at 2022-04-30 22:52:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-omniauth-google-oauth2 (Old) and /work/SRC/openSUSE:Factory/.rubygem-omniauth-google-oauth2.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-omniauth-google-oauth2" Sat Apr 30 22:52:37 2022 rev:10 rq:974060 version:1.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-omniauth-google-oauth2/rubygem-omniauth-google-oauth2.changes 2021-07-02 13:28:43.244176965 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-omniauth-google-oauth2.new.1538/rubygem-omniauth-google-oauth2.changes 2022-04-30 22:52:50.164248462 +0200 @@ -1,0 +2,22 @@ +Thu Apr 28 05:39:14 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 1.0.1 + see installed CHANGELOG.md + + ## 1.0.1 - 2022-03-10 + + ### Added + - Output granted scopes in credentials block of the auth hash. + - Migrated to GitHub actions. + + ### Deprecated + - Nothing. + + ### Removed + - Nothing. + + ### Fixed + - Overriding the `redirect_uri` via params or JSON request body. + + +------------------------------------------------------------------- Old: ---- omniauth-google-oauth2-1.0.0.gem New: ---- omniauth-google-oauth2-1.0.1.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-omniauth-google-oauth2.spec ++++++ --- /var/tmp/diff_new_pack.8Zp5Zi/_old 2022-04-30 22:52:50.780249296 +0200 +++ /var/tmp/diff_new_pack.8Zp5Zi/_new 2022-04-30 22:52:50.784249301 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-omniauth-google-oauth2 # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-omniauth-google-oauth2 -Version: 1.0.0 +Version: 1.0.1 Release: 0 %define mod_name omniauth-google-oauth2 %define mod_full_name %{mod_name}-%{version} ++++++ omniauth-google-oauth2-1.0.0.gem -> omniauth-google-oauth2-1.0.1.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.github/workflows/ci.yml new/.github/workflows/ci.yml --- old/.github/workflows/ci.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/.github/workflows/ci.yml 2022-03-11 03:54:09.000000000 +0100 @@ -0,0 +1,21 @@ +name: CI + +on: [push, pull_request] + +jobs: + test: + runs-on: ubuntu-latest + strategy: + matrix: + ruby-version: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0', '3.1'] + + steps: + - uses: actions/checkout@v2 + - name: Set up Ruby ${{ matrix.ruby-version }} + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby-version }} + bundler-cache: true # 'bundle install' and cache + - name: Run specs + run: | + bundle exec rake diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.travis.yml new/.travis.yml --- old/.travis.yml 2021-03-15 05:08:01.000000000 +0100 +++ new/.travis.yml 2022-03-11 03:54:09.000000000 +0100 @@ -1,6 +1,9 @@ language: ruby cache: bundler rvm: - - '2.3.4' - - '2.4.1' - - '2.5.0' + - '2.3.8' + - '2.4.10' + - '2.5.8' + - '2.6.6' + - '2.7.2' + - '3.0.0' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md 2021-03-15 05:08:01.000000000 +0100 +++ new/CHANGELOG.md 2022-03-11 03:54:09.000000000 +0100 @@ -1,6 +1,21 @@ # Changelog All notable changes to this project will be documented in this file. +## 1.0.1 - 2022-03-10 + +### Added +- Output granted scopes in credentials block of the auth hash. +- Migrated to GitHub actions. + +### Deprecated +- Nothing. + +### Removed +- Nothing. + +### Fixed +- Overriding the `redirect_uri` via params or JSON request body. + ## 1.0.0 - 2021-03-14 ### Added @@ -10,7 +25,7 @@ - Nothing. ### Removed -- Support for Omniauth 1.x +- Support for Omniauth 1.x. ### Fixed - Nothing. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-03-15 05:08:01.000000000 +0100 +++ new/README.md 2022-03-11 03:54:09.000000000 +0100 @@ -1,5 +1,4 @@ [![Gem Version](https://badge.fury.io/rb/omniauth-google-oauth2.svg)](https://badge.fury.io/rb/omniauth-google-oauth2) -[![Build Status](https://travis-ci.org/zquestz/omniauth-google-oauth2.svg)](https://… # OmniAuth Google OAuth2 Strategy @@ -34,6 +33,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET'] end +OmniAuth.config.allowed_request_methods = %i[get] ``` You can now access the OmniAuth Google OAuth2 URL: `/auth/google_oauth2` @@ -217,6 +217,10 @@ For your views you can login using: ```erb +<%# omniauth-google-oauth2 1.0.x uses OmniAuth 2 and requires using HTTP Post to initiate authentication: %> +<%= link_to "Sign in with Google", user_google_oauth2_omniauth_authorize_path, method: :post %> + +<%# omniauth-google-oauth2 prior 1.0.0: %> <%= link_to "Sign in with Google", user_google_oauth2_omniauth_authorize_path %> <%# Devise prior 4.1.0: %> Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/examples/Gemfile new/examples/Gemfile --- old/examples/Gemfile 2021-03-15 05:08:01.000000000 +0100 +++ new/examples/Gemfile 2022-03-11 03:54:09.000000000 +0100 @@ -5,3 +5,4 @@ gem 'omniauth-google-oauth2', '~> 0.8.1' gem 'rubocop' gem 'sinatra', '~> 1.4' +gem 'webrick' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/omniauth/google_oauth2/version.rb new/lib/omniauth/google_oauth2/version.rb --- old/lib/omniauth/google_oauth2/version.rb 2021-03-15 05:08:01.000000000 +0100 +++ new/lib/omniauth/google_oauth2/version.rb 2022-03-11 03:54:09.000000000 +0100 @@ -2,6 +2,6 @@ module OmniAuth module GoogleOauth2 - VERSION = '1.0.0' + VERSION = '1.0.1' end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/omniauth/strategies/google_oauth2.rb new/lib/omniauth/strategies/google_oauth2.rb --- old/lib/omniauth/strategies/google_oauth2.rb 2021-03-15 05:08:01.000000000 +0100 +++ new/lib/omniauth/strategies/google_oauth2.rb 2022-03-11 03:54:09.000000000 +0100 @@ -60,6 +60,11 @@ ) end + credentials do + # Tokens and expiration will be used from OAuth2 strategy credentials block + prune!({ 'scope' => token_info(access_token.token)['scope'] }) + end + extra do hash = {} hash[:id_token] = access_token['id_token'] @@ -121,8 +126,9 @@ request.body.rewind # rewind request body for downstream middlewares verifier = body && body['code'] access_token = body && body['access_token'] + redirect_uri ||= body && body['redirect_uri'] if verifier - client_get_token(verifier, 'postmessage') + client_get_token(verifier, redirect_uri || 'postmessage') elsif verify_token(access_token) ::OAuth2::AccessToken.from_hash(client, body.dup) end @@ -214,12 +220,21 @@ URI.encode_www_form(stripped_params) end + def token_info(access_token) + return nil unless access_token + + @token_info ||= Hash.new do |h, k| + h[k] = client.request(:get, 'https://www.googleapis.com/oauth2/v3/tokeninfo', params: { access_token: access_token }).parsed + end + + @token_info[access_token] + end + def verify_token(access_token) return false unless access_token - raw_response = client.request(:get, 'https://www.googleapis.com/oauth2/v3/tokeninfo', - params: { access_token: access_token }).parsed - raw_response['aud'] == options.client_id || options.authorized_client_ids.include?(raw_response['aud']) + token_info = token_info(access_token) + token_info['aud'] == options.client_id || options.authorized_client_ids.include?(token_info['aud']) end def verify_hd(access_token) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2021-03-15 05:08:01.000000000 +0100 +++ new/metadata 2022-03-11 03:54:09.000000000 +0100 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: omniauth-google-oauth2 version: !ruby/object:Gem::Version - version: 1.0.0 + version: 1.0.1 platform: ruby authors: - Josh Ellithorpe @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2021-03-15 00:00:00.000000000 Z +date: 2022-03-11 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: jwt @@ -117,6 +117,7 @@ extensions: [] extra_rdoc_files: [] files: +- ".github/workflows/ci.yml" - ".gitignore" - ".rubocop.yml" - ".travis.yml" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/omniauth/strategies/google_oauth2_spec.rb new/spec/omniauth/strategies/google_oauth2_spec.rb --- old/spec/omniauth/strategies/google_oauth2_spec.rb 2021-03-15 05:08:01.000000000 +0100 +++ new/spec/omniauth/strategies/google_oauth2_spec.rb 2022-03-11 03:54:09.000000000 +0100 @@ -347,6 +347,37 @@ end end + describe '#credentials' do + let(:client) { OAuth2::Client.new('abc', 'def') } + let(:access_token) { OAuth2::AccessToken.from_hash(client, access_token: 'valid_access_token', expires_at: 123_456_789, refresh_token: 'valid_refresh_token') } + before(:each) do + allow(subject).to receive(:access_token).and_return(access_token) + subject.options.client_options[:connection_build] = proc do |builder| + builder.request :url_encoded + builder.adapter :test do |stub| + stub.get('/oauth2/v3/tokeninfo?access_token=valid_access_token') do + [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, JSON.dump( + aud: '000000000000.apps.googleusercontent.com', + sub: '123456789', + scope: 'profile email' + )] + end + end + end + end + + it 'should return access token and (optionally) refresh token' do + expect(subject.credentials.to_h).to \ + match(hash_including( + 'token' => 'valid_access_token', + 'refresh_token' => 'valid_refresh_token', + 'scope' => 'profile email', + 'expires_at' => 123_456_789, + 'expires' => true + )) + end + end + describe '#extra' do let(:client) do OAuth2::Client.new('abc', 'def') do |builder| @@ -640,6 +671,22 @@ subject.build_access_token end + + it 'reads the redirect uri from a json request body' do + body = StringIO.new(%({"code":"json_access_token", "redirect_uri":"sample"})) + client = double(:client) + auth_code = double(:auth_code) + + allow(request).to receive(:xhr?).and_return(false) + allow(request).to receive(:content_type).and_return('application/json') + allow(request).to receive(:body).and_return(body) + allow(client).to receive(:auth_code).and_return(auth_code) + expect(subject).to receive(:client).and_return(client) + + expect(auth_code).to receive(:get_token).with('json_access_token', { redirect_uri: 'sample' }, {}) + + subject.build_access_token + end it 'reads the access token from a json request body' do body = StringIO.new(%({"access_token":"valid_access_token"}))

1 0

commit rubygem-omniauth for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-omniauth for openSUSE:Factory checked in at 2022-04-30 22:52:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-omniauth (Old) and /work/SRC/openSUSE:Factory/.rubygem-omniauth.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-omniauth" Sat Apr 30 22:52:36 2022 rev:7 rq:974059 version:2.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-omniauth/rubygem-omniauth.changes 2021-07-02 13:28:42.592182024 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-omniauth.new.1538/rubygem-omniauth.changes 2022-04-30 22:52:47.964245486 +0200 @@ -1,0 +2,6 @@ +Thu Apr 28 05:38:51 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 2.1.0 + no changelog found + +------------------------------------------------------------------- Old: ---- omniauth-2.0.4.gem New: ---- omniauth-2.1.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-omniauth.spec ++++++ --- /var/tmp/diff_new_pack.Jnx6J3/_old 2022-04-30 22:52:49.248247223 +0200 +++ /var/tmp/diff_new_pack.Jnx6J3/_new 2022-04-30 22:52:49.252247228 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-omniauth # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-omniauth -Version: 2.0.4 +Version: 2.1.0 Release: 0 %define mod_name omniauth %define mod_full_name %{mod_name}-%{version} ++++++ omniauth-2.0.4.gem -> omniauth-2.1.0.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.github/workflows/main.yml new/.github/workflows/main.yml --- old/.github/workflows/main.yml 2021-04-07 22:18:29.000000000 +0200 +++ new/.github/workflows/main.yml 2022-04-13 20:45:53.000000000 +0200 @@ -20,7 +20,7 @@ fail-fast: false matrix: os: [ubuntu, macos] - ruby: [2.5, 2.6, 2.7, head, debug, truffleruby, truffleruby-head] + ruby: [2.5, 2.6, 2.7, '3.0', 3.1, head, debug, truffleruby, truffleruby-head] steps: - uses: actions/checkout@v2 - name: Set up Ruby diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 2021-04-07 22:18:29.000000000 +0200 +++ new/.gitignore 2022-04-13 20:45:53.000000000 +0200 @@ -11,3 +11,4 @@ measurement/* pkg/* .DS_Store +.tool-versions diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Gemfile new/Gemfile --- old/Gemfile 2021-04-07 22:18:29.000000000 +0200 +++ new/Gemfile 2022-04-13 20:45:53.000000000 +0200 @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'jruby-openssl', '~> 0.10.5', :platforms => :jruby +gem 'jruby-openssl', '~> 0.10.5', platforms: :jruby gem 'rake', '>= 12.0' gem 'yard', '>= 0.9.11' @@ -13,17 +13,16 @@ group :test do gem 'coveralls_reborn', '~> 0.19.0', require: false - gem 'hashie', '>= 3.4.6', '~> 4.0.0', :platforms => [:jruby_18] - gem 'json', '~> 2.3.0', :platforms => %i[jruby_18 jruby_19 ruby_19] - gem 'mime-types', '~> 3.1', :platforms => [:jruby_18] - gem 'rack', '>= 2.0.6', :platforms => %i[jruby_18 jruby_19 ruby_19 ruby_20 ruby_21] + gem 'hashie', '>= 3.4.6', '~> 4.0.0', platforms: [:jruby_18] + gem 'json', '~> 2.3.0', platforms: %i[jruby_18 jruby_19 ruby_19] + gem 'mime-types', '~> 3.1', platforms: [:jruby_18] gem 'rack-test' - gem 'rest-client', '~> 2.0.0', :platforms => [:jruby_18] + gem 'rest-client', '~> 2.0.0', platforms: [:jruby_18] gem 'rspec', '~> 3.5' gem 'rack-freeze' - gem 'rubocop', '>= 0.58.2', '< 0.69.0', :platforms => %i[ruby_20 ruby_21 ruby_22 ruby_23 ruby_24] + gem 'rubocop', '>= 0.58.2', '< 0.69.0', platforms: %i[ruby_20 ruby_21 ruby_22 ruby_23 ruby_24] gem 'simplecov-lcov' - gem 'tins', '~> 1.13', :platforms => %i[jruby_18 jruby_19 ruby_19] + gem 'tins', '~> 1.13', platforms: %i[jruby_18 jruby_19 ruby_19] end gemspec diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-04-07 22:18:29.000000000 +0200 +++ new/README.md 2022-04-13 20:45:53.000000000 +0200 @@ -10,7 +10,7 @@ [codeclimate]: https://codeclimate.com/github/omniauth/omniauth [coveralls]: https://coveralls.io/r/omniauth/omniauth -This is the documentation for the version [v2.0.4](https://github.com/omniauth/omniauth/tree/v2.0.4) of OmniAuth. +This is the documentation for our latest release [v2.1.0](https://github.com/omniauth/omniauth/releases/tag/v2.1.0). ## An Introduction OmniAuth is a library that standardizes multi-provider authentication for @@ -83,34 +83,7 @@ contains as much information about the user as OmniAuth was able to glean from the utilized strategy. You should set up an endpoint in your application that matches to the callback URL and then performs whatever -steps are necessary for your application. For example, in a Rails app -you would add a line in your `routes.rb` file like this: - -```ruby -post '/auth/:provider/callback', to: 'sessions#create' -``` - -And you might then have a `SessionsController` with code that looks -something like this: - -```ruby -class SessionsController < ApplicationController - # If you're using a strategy that POSTs during callback, you'll need to skip the authenticity token check for the callback action only. - skip_before_action :verify_authenticity_token, only: :create - - def create - @user = User.find_or_create_from_auth_hash(auth_hash) - self.current_user = @user - redirect_to '/' - end - - protected - - def auth_hash - request.env['omniauth.auth'] - end -end -``` +steps are necessary for your application. The `omniauth.auth` key in the environment hash provides an Authentication Hash which will contain information about the just @@ -124,35 +97,67 @@ you how you want to implement the particulars of your application's authentication flow. -**Please note:** there is currently a CSRF vulnerability which affects OmniAuth (designated [CVE-2015-9284](https://nvd.nist.gov/vuln/detail/CVE-2015-9284)) that requires mitigation at the application level. More details on how to do this can be found on the [Wiki](https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284). -## Configuring The `origin` Param -The `origin` url parameter is typically used to inform where a user came from and where, should you choose to use it, they'd want to return to. +## Rails (without Devise) +To get started, add the following gems + +**Gemfile**: +```ruby +gem 'omniauth' +gem "omniauth-rails_csrf_protection" +``` -There are three possible options: +Then insert OmniAuth as a middleware -Default Flow: +**config/initializers/omniauth.rb**: ```ruby -# /auth/twitter/?origin=[URL] -# No change -# If blank, `omniauth.origin` is set to HTTP_REFERER +Rails.application.config.middleware.use OmniAuth::Builder do + provider :developer if Rails.env.development? +end ``` -Renaming Origin Param: +Additional providers can be added here in the future. Next we wire it +all up using routes, a controller and a login view. + +**config/routes.rb**: + ```ruby -# /auth/twitter/?return_to=[URL] -# If blank, `omniauth.origin` is set to HTTP_REFERER -provider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: 'return_to' + get 'auth/:provider/callback', to: 'sessions#create' + get '/login', to: 'sessions#new' ``` -Disabling Origin Param: +**app/controllers/sessions_controller.rb**: ```ruby -# /auth/twitter -# Origin handled externally, if need be. `omniauth.origin` is not set -provider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: false +class SessionsController < ApplicationController + def new + render :new + end + + def create + user_info = request.env['omniauth.auth'] + raise user_info # Your own session management should be placed here. + end +end ``` -## Integrating OmniAuth Into Your Rails API +**app/views/sessions/new.html.erb**: +```erb +<%= form_tag('/auth/developer', method: 'post', data: {turbo: false}) do %> + <button type='submit'>Login with Developer</button> +<% end %> +``` + +Now if you visit `/login` and click the Login button, you should see the +OmniAuth developer login screen. After submitting it, you are returned to your +application at `Sessions#create`. The raise should now display all the Omniauth +details you have available to integrate it into your own user management. + +If you want out of the box usermanagement, you should consider using Omniauth +through Devise. Please visit the [Devise Github page](https://github.com/heartcombo/devise#omniauth) +for more information. + + +## Rails API The following middleware are (by default) included for session management in Rails applications. When using OmniAuth with a Rails API, you'll need to add one of these required middleware back in: @@ -191,6 +196,33 @@ OmniAuth.config.logger = Rails.logger ``` +## Origin Param +The `origin` url parameter is typically used to inform where a user came from +and where, should you choose to use it, they'd want to return to. +Omniauth supports the following settings which can be configured on a provider level: + +**Default**: +```ruby +provider :twitter, ENV['KEY'], ENV['SECRET'] +POST /auth/twitter/?origin=[URL] +# If the `origin` parameter is blank, `omniauth.origin` is set to HTTP_REFERER +``` + +**Using a differently named origin parameter**: +```ruby +provider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: 'return_to' +POST /auth/twitter/?return_to=[URL] +# If the `return_to` parameter is blank, `omniauth.origin` is set to HTTP_REFERER +``` + +**Disabled**: +```ruby +provider :twitter, ENV['KEY'], ENV['SECRET'], origin_param: false +POST /auth/twitter +# This means the origin should be handled by your own application. +# Note that `omniauth.origin` will always be blank. +``` + ## Resources The [OmniAuth Wiki](https://github.com/omniauth/omniauth/wiki) has actively maintained in-depth documentation for OmniAuth. It should be @@ -201,7 +233,11 @@ Available as part of the Tidelift Subscription. -The maintainers of OmniAuth and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-omniauth?utm_source=u… +The maintainers of OmniAuth and thousands of other packages are working with +Tidelift to deliver commercial support and maintenance for the open source +packages you use to build your applications. Save time, reduce risk, and +improve code health, while paying the maintainers of the exact packages you use. +[Learn more.](https://tidelift.com/subscription/pkg/rubygems-omniauth?utm_source=u… ## Supported Ruby Versions OmniAuth is tested under 2.5, 2.6, 2.7, truffleruby, and JRuby. Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/omniauth/builder.rb new/lib/omniauth/builder.rb --- old/lib/omniauth/builder.rb 2021-04-07 22:18:29.000000000 +0200 +++ new/lib/omniauth/builder.rb 2022-04-13 20:45:53.000000000 +0200 @@ -26,7 +26,7 @@ @options = options end - def provider(klass, *args, &block) + def provider(klass, *args, **opts, &block) if klass.is_a?(Class) middleware = klass else @@ -37,8 +37,7 @@ end end - args.last.is_a?(Hash) ? args.push(options.merge(args.pop)) : args.push(options) - use middleware, *args, &block + use middleware, *args, **options.merge(opts), &block end def call(env) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/omniauth/version.rb new/lib/omniauth/version.rb --- old/lib/omniauth/version.rb 2021-04-07 22:18:29.000000000 +0200 +++ new/lib/omniauth/version.rb 2022-04-13 20:45:53.000000000 +0200 @@ -1,3 +1,3 @@ module OmniAuth - VERSION = '2.0.4'.freeze + VERSION = '2.1.0'.freeze end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2021-04-07 22:18:29.000000000 +0200 +++ new/metadata 2022-04-13 20:45:53.000000000 +0200 @@ -1,16 +1,16 @@ --- !ruby/object:Gem::Specification name: omniauth version: !ruby/object:Gem::Version - version: 2.0.4 + version: 2.1.0 platform: ruby authors: - Michael Bleigh - Erik Michaels-Ober - Tom Milewski -autorequire: +autorequire: bindir: bin cert_chain: [] -date: 2021-04-07 00:00:00.000000000 Z +date: 2022-04-13 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: hashie @@ -32,20 +32,14 @@ requirements: - - ">=" - !ruby/object:Gem::Version - version: 1.6.2 - - - "<" - - !ruby/object:Gem::Version - version: '3' + version: 2.2.3 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - ">=" - !ruby/object:Gem::Version - version: 1.6.2 - - - "<" - - !ruby/object:Gem::Version - version: '3' + version: 2.2.3 - !ruby/object:Gem::Dependency name: bundler requirement: !ruby/object:Gem::Requirement @@ -129,7 +123,7 @@ licenses: - MIT metadata: {} -post_install_message: +post_install_message: rdoc_options: [] require_paths: - lib @@ -144,8 +138,8 @@ - !ruby/object:Gem::Version version: 1.3.5 requirements: [] -rubygems_version: 3.0.0 -signing_key: +rubygems_version: 3.2.32 +signing_key: specification_version: 4 summary: A generalized Rack framework for multiple-provider authentication. test_files: [] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/omniauth.gemspec new/omniauth.gemspec --- old/omniauth.gemspec 2021-04-07 22:18:29.000000000 +0200 +++ new/omniauth.gemspec 2022-04-13 20:45:53.000000000 +0200 @@ -6,7 +6,7 @@ Gem::Specification.new do |spec| spec.add_dependency 'hashie', ['>= 3.4.6'] - spec.add_dependency 'rack', ['>= 1.6.2', '< 3'] + spec.add_dependency 'rack', '>= 2.2.3' spec.add_development_dependency 'bundler', '~> 2.0' spec.add_dependency 'rack-protection' spec.add_development_dependency 'rake', '~> 12.0'

1 0

commit rubygem-msgpack for openSUSE:Factory
by Source-Sync 30 Apr '22

30 Apr '22

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-msgpack for openSUSE:Factory checked in at 2022-04-30 22:52:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-msgpack (Old) and /work/SRC/openSUSE:Factory/.rubygem-msgpack.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-msgpack" Sat Apr 30 22:52:35 2022 rev:16 rq:974058 version:1.5.1 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-msgpack/rubygem-msgpack.changes 2022-02-24 18:23:46.946653334 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-msgpack.new.1538/rubygem-msgpack.changes 2022-04-30 22:52:45.748242488 +0200 @@ -1,0 +2,17 @@ +Thu Apr 28 05:37:28 UTC 2022 - Stephan Kulow <coolo(a)suse.com> + +updated to version 1.5.1 + see installed ChangeLog + + 2022-04-07 version 1.5.1: + + * Fix bug about packing/unpacking ext type objects with the recursive option + + 2022-04-06 version 1.5.0: + + * Add recursive option on Factory#register_type to operate Packer/Unpacker manually + * Add oversized_integer_extension option on Factory#register_type to pack/unpack bigint using ext types + * Add Factory#pool method and Factory::Pool class to provide pooled Packer and Unpacker instances + + +------------------------------------------------------------------- Old: ---- msgpack-1.4.5.gem New: ---- msgpack-1.5.1.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-msgpack.spec ++++++ --- /var/tmp/diff_new_pack.iWQV6o/_old 2022-04-30 22:52:47.356244664 +0200 +++ /var/tmp/diff_new_pack.iWQV6o/_new 2022-04-30 22:52:47.364244674 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-msgpack -Version: 1.4.5 +Version: 1.5.1 Release: 0 %define mod_name msgpack %define mod_full_name %{mod_name}-%{version} ++++++ msgpack-1.4.5.gem -> msgpack-1.5.1.gem ++++++ ++++ 2036 lines of diff (skipped)

1 0