Hello community,
here is the log from the commit of package rubygem-actionpack-2_1
checked in at Mon Oct 6 19:46:35 CEST 2008.
--------
New Changes file:
--- /dev/null 2008-04-22 03:09:48.000000000 +0200
+++ /mounts/work_src_done/STABLE/rubygem-actionpack-2_1/rubygem-actionpack-2_1.changes 2008-10-06 19:09:22.525405000 +0200
@@ -0,0 +1,244 @@
+-------------------------------------------------------------------
+Fri Sep 12 18:05:48 CEST 2008 - mrueckert@suse.de
+
+- update to version 2.1.1
+ * All 2xx requests are considered successful [Josh Peek]
+ * Deprecate the limited follow_redirect in functional tests.
+ If you wish to follow redirects, use integration tests.
+ [Michael Koziarski]
+ * Fixed that AssetTagHelper#compute_public_path shouldn't cache
+ the asset_host along with the source or per-request proc's
+ won't run [DHH]
+ * Deprecate define_javascript_functions, javascript_include_tag
+ and friends are much better [Michael Koziarski]
+ * Fix polymorphic_url with singleton resources.
+ #461 [Tammer Saleh]
+ * Deprecate ActionView::Base.erb_variable. Use the concat helper
+ method instead of appending to it directly. [Jeremy Kemper]
+ * Fixed Request#remote_ip to only raise hell if the
+ HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR doesn't match (not just
+ if they're both present) [Mark Imbriaco, Bradford Folkens]
+
+-------------------------------------------------------------------
+Wed Jun 4 02:54:09 CEST 2008 - mrueckert@suse.de
+
+- update to version 2.1.0:
+ - revamped cache handling
+ - many bugfixes
+ for all changes see
+ see /usr/lib*/ruby/gems/1.8/gems/actionpack-2.1.0/CHANGELOG
+- branched package from the 2.0 package
+
+-------------------------------------------------------------------
+Wed Feb 20 23:17:54 CET 2008 - mrueckert@suse.de
+
+- do not obsolete the old name as it leads to trouble on upgrade.
+ this will handled by the wrapper package.
+
+-------------------------------------------------------------------
+Wed Feb 20 23:17:54 CET 2008 - mrueckert@suse.de
+
+- do not obsolete the old name as it leads to trouble on upgrade.
+ this will handled by the wrapper package.
+
+-------------------------------------------------------------------
+Thu Jan 17 15:43:46 CET 2008 - mrueckert@suse.de
+
+- update to version 1.13.6
+ * Correct Broken Fix for session_fixation attacks
+ * Ensure that cookies handle array values correctly.
+ Closes #9937 [queso]
+- branch new packge rubygem-actionpack-1_13 to allow parallel
+ installation of multiple major branches
+- removed rubygem-actionpack-1.13.x_session_fixation_attack.patch
+ included in update
+
+-------------------------------------------------------------------
+Fri Nov 23 00:33:20 CET 2007 - mrueckert@suse.de
+
+- updated rubygem-actionpack-1.13.x_session_fixation_attack.patch
+ new name rubygem-actionpack-1.13.x_session_fixation_attack_v2.patch:
+ The original upstream patch only worked for the first request.
+ Do not delete the cookie_only option from the session options.
+ (#332441) (CVE-2007-6077)
+
+-------------------------------------------------------------------
+Wed Oct 17 17:53:01 CEST 2007 - mrueckert@suse.de
+
+- added rubygem-actionpack-1.13.x_session_fixation_attack.patch:
+ Reject session informations from the query string (#332441)
+ (CVE-2007-5380)
+
+-------------------------------------------------------------------
+Wed Oct 17 17:52:39 CEST 2007 - mrueckert@suse.de
+
+- update to version 1.13.5
+ * Backport: allow array and hash query parameters. Array route
+ parameters are converted/to/a/path as before.
+ #6765, #7047, #7462
+ [bgipsy, Jeremy McAnally, Dan Kubb, brendan, Diego Algorta Casamayou]
+ * Fix in place editor's setter action with non-string fields.
+ #7418 [Andreas]
+- additional changes from version 1.13.4
+ * Only accept session ids from cookies, prevents session fixation
+ attacks. [bradediger] (CVE-2007-5380) (bnc #332441)
+ * Change the resource seperator from ; to / change the generated
+ routes to use the new-style named routes. e.g.
+ new_group_user_path(@group) instead of
+ group_new_user_path(@group). [pixeltrix]
+ * Integration tests: introduce methods for other HTTP methods.
+ #6353 [caboose]
+ * Improve performance of action caching. Closes #8231 [skaes]
+ * Fix errors with around_filters which do not yield, restore 1.1
+ behaviour with after filters. Closes #8891 [skaes]
+ After filters will *no longer* be run if an around_filter fails
+ to yield, users relying on this behaviour are advised to put
+ the code in question after a yield statement in an around
+ filter.
+ * Allow you to delete cookies with options.
+ Closes #3685 [josh, Chris Wanstrath]
+ * Deprecate pagination. Install the classic_pagination
+ plugin for forward compatibility, or move to the superior
+ will_paginate plugin. #8157 [Mislav Marohnic]
+ * Fix filtered parameter logging with nil parameter values.
+ #8422 [choonkeat]
+ * Integration tests: alias xhr to xml_http_request and add a
+ request_method argument instead of always using POST.
+ #7124 [Nik Wakelin, Francois Beausoleil, Wizard]
+ * Document caches_action. #5419 [Jarkko Laine]
+ * observe_form always sends the serialized form.
+ #5271 [manfred, normelton@gmail.com]
+ * Update UrlWriter to accept :anchor parameter.
+ Closes #6771. [octopod]
+ * Replace the current block/continuation filter chain handling by
+ an implementation based on a simple loop.
+ Closes #8226 [Stefan Kaes]
+ * Return the string representation from an Xml Builder when
+ rendering a partial. #5044 [tpope]
+ * Cleaned up, corrected, and mildly expanded ActionPack
+ documentation. Closes #7190 [jeremymcanally]
+ * Small collection of ActionController documentation cleanups.
+ Closes #7319 [jeremymcanally]
+ * Performance: patch cgi/session/pstore to require digest/md5
+ once rather than per #initialize. #7583 [Stefan Kaes]
+ * Deprecation: verification with :redirect_to => :named_route
+ shouldn't be deprecated. #7525 [Justin French]
+
+-------------------------------------------------------------------
+Mon May 14 16:32:28 CEST 2007 - mrueckert@suse.de
+
+- update to version 1.13.3:
+ * Fix a bug in Routing where a parameter taken from the path of
+ the current request could not be used as a query parameter for
+ the next. #6752 [Nicholas Seckar]
+ * session_enabled? works with session :off. #6680 [Catfish]
+ * Performance: patch cgi/session to require digest/md5 once
+ rather than per #create_new_id. [Stefan Kaes]
+- additional changes from 1.13.2:
+ * Add much-needed html-scanner tests. Fixed CDATA parsing bug.
+ [Rick]
+ * improve error message for Routing for named routes.
+ [Rob Sanheim]
+ * Added enhanced docs to routing assertions. [Rob Sanheim]
+ * fix form_for example in ActionController::Resources
+ documentation. [gnarg]
+ * Add singleton resources from trunk [Rick Olson]
+ * select :multiple => true suffixes the attribute name with []
+ unless already suffixed. #6977 [nik.kakelin, ben, julik]
+ * Improve routes documentation. #7095 [zackchandler]
+ * Resource member routes require :id, eliminating the ambiguous
+ overlap with collection routes. #7229 [dkubb]
+ * Fixed NumberHelper#number_with_delimiter to use "." always
+ for splitting the original number, not the delimiter
+ parameter #7389 [ceefour]
+ * Autolinking recognizes trailing and embedded . , : ;
+ #7354 [Jarkko Laine]
+ * Make TextHelper::auto_link recognize URLs with colons in
+ path correctly, fixes #7268. [imajes]
+ * Improved auto_link to match more valid urls correctly
+ [Tobias Luetke]
+
+-------------------------------------------------------------------
+Wed Jan 24 00:57:59 CET 2007 - mrueckert@suse.de
+
+- update to version 1.13.1:
+ update for rails 1.2.1. Too many changes to mention them here.
+ see /usr/lib*/ruby/gems/1.8/gems/actionpack-1.13.1/CHANGELOG
+
+-------------------------------------------------------------------
+Fri Aug 11 02:33:25 CEST 2006 - mrueckert@suse.de
+
+- update to version 1.12.5:
+ * update for the previous security fix
+
+-------------------------------------------------------------------
+Thu Aug 10 12:40:16 CEST 2006 - mrueckert@suse.de
+
+- update to version 1.12.4:
+ * Documentation fix: integration test scripts don't require
+ integration_test. (rails:#4914) [Frederick Ros ]
+ * ActionController::Base Summary documentation rewrite.
+ (rails:#4900) [kevin.clark@gmail.com]
+ * Fix text_helper.rb documentation rendering.
+ (rails:#4725) [Frederick Ros]
+ * Fixes bad rendering of JavaScriptMacrosHelper rdoc.
+ (rails:#4910) [Frederick Ros]
+ * Enhance documentation for setting headers in integration tests.
+ Skip auto HTTP prepending when its already there.
+ (rails:#4079) [Rick Olson]
+ * Documentation for AbstractRequest.
+ (rails:#4895) [kevin.clark@gmail.com]
+ * Remove all remaining references to @params in the documentation.
+ [Marcel Molina Jr.]
+ * Add documentation for redirect_to :back's RedirectBackError
+ exception. [Marcel Molina Jr.]
+ * Update layout and content_for documentation to use yield rather
+ than magic @content_for instance variables. [Marcel Molina Jr.]
+ * Cache CgiRequest#request_parameters so that multiple calls
++++ 47 more lines (skipped)
++++ between /dev/null
++++ and /mounts/work_src_done/STABLE/rubygem-actionpack-2_1/rubygem-actionpack-2_1.changes
calling whatdependson for head-i586
New:
----
actionpack-2.1.1.gem
rubygem-actionpack-2_1.changes
rubygem-actionpack-2_1.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-actionpack-2_1.spec ++++++
#
# spec file for package rubygem-actionpack-2_1 (Version 2.1.1)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: rubygem-actionpack-2_1
Version: 2.1.1
Release: 2
%define mod_name actionpack
#
Group: Development/Languages/Ruby
License: X11/MIT
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: rubygems_with_buildroot_patch
Requires: rubygems > 0.9.4
Provides: rubygem-%{mod_name} = %{version}-%{release}
# Obsoletes: rubygem-%{mod_name} < %{version}
BuildRequires: rubygem-activesupport-2_1 = 2.1.1
Requires: rubygem-activesupport-2_1 = 2.1.1
#
Url: http://rubyforge.org/projects/actionpack
Source: http://rubyforge.org/frs/download.php/42606/actionpack-2.1.1.gem
#
Summary: Eases web-request routing, handling, and response
%description
Eases web-request routing, handling, and response as a half-way front,
half-way page controller. Implemented with specific emphasis on
enabling easy unit/integration testing that doesn't require a browser.
Authors:
--------
rails development team
%prep
%build
%install
gem install --local --build-root=%{buildroot} %{S:0}
%clean
%{__rm} -rf %{buildroot}
%files
%defattr(-,root,root,-)
%{_libdir}/ruby/gems/%{rb_ver}/cache/%{mod_name}-%{version}.gem
%{_libdir}/ruby/gems/%{rb_ver}/gems/%{mod_name}-%{version}/
%{_libdir}/ruby/gems/%{rb_ver}/specifications/%{mod_name}-%{version}.gemspec
%doc %{_libdir}/ruby/gems/%{rb_ver}/doc/%{mod_name}-%{version}/
%changelog
* Fri Sep 12 2008 mrueckert@suse.de
- update to version 2.1.1
* All 2xx requests are considered successful [Josh Peek]
* Deprecate the limited follow_redirect in functional tests.
If you wish to follow redirects, use integration tests.
[Michael Koziarski]
* Fixed that AssetTagHelper#compute_public_path shouldn't cache
the asset_host along with the source or per-request proc's
won't run [DHH]
* Deprecate define_javascript_functions, javascript_include_tag
and friends are much better [Michael Koziarski]
* Fix polymorphic_url with singleton resources.
[#461] [Tammer Saleh]
* Deprecate ActionView::Base.erb_variable. Use the concat helper
method instead of appending to it directly. [Jeremy Kemper]
* Fixed Request#remote_ip to only raise hell if the
HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR doesn't match (not just
if they're both present) [Mark Imbriaco, Bradford Folkens]
* Wed Jun 04 2008 mrueckert@suse.de
- update to version 2.1.0:
- revamped cache handling
- many bugfixes
for all changes see
see /usr/lib*/ruby/gems/1.8/gems/actionpack-2.1.0/CHANGELOG
- branched package from the 2.0 package
* Thu Feb 21 2008 mrueckert@suse.de
- do not obsolete the old name as it leads to trouble on upgrade.
this will handled by the wrapper package.
- do not obsolete the old name as it leads to trouble on upgrade.
this will handled by the wrapper package.
* Thu Jan 17 2008 mrueckert@suse.de
- update to version 1.13.6
* Correct Broken Fix for session_fixation attacks
* Ensure that cookies handle array values correctly.
Closes #9937 [queso]
- branch new packge rubygem-actionpack-1_13 to allow parallel
installation of multiple major branches
- removed rubygem-actionpack-1.13.x_session_fixation_attack.patch
included in update
* Fri Nov 23 2007 mrueckert@suse.de
- updated rubygem-actionpack-1.13.x_session_fixation_attack.patch
new name rubygem-actionpack-1.13.x_session_fixation_attack_v2.patch:
The original upstream patch only worked for the first request.
Do not delete the cookie_only option from the session options.
(#332441) (CVE-2007-6077)
* Wed Oct 17 2007 mrueckert@suse.de
- added rubygem-actionpack-1.13.x_session_fixation_attack.patch:
Reject session informations from the query string (#332441)
(CVE-2007-5380)
* Wed Oct 17 2007 mrueckert@suse.de
- update to version 1.13.5
* Backport: allow array and hash query parameters. Array route
parameters are converted/to/a/path as before.
[#6765], #7047, #7462
[bgipsy, Jeremy McAnally, Dan Kubb, brendan, Diego Algorta Casamayou]
* Fix in place editor's setter action with non-string fields.
[#7418] [Andreas]
- additional changes from version 1.13.4
* Only accept session ids from cookies, prevents session fixation
attacks. [bradediger] (CVE-2007-5380) (bnc #332441)
* Change the resource seperator from ; to / change the generated
routes to use the new-style named routes. e.g.
new_group_user_path(@group) instead of
group_new_user_path(@group). [pixeltrix]
* Integration tests: introduce methods for other HTTP methods.
[#6353] [caboose]
* Improve performance of action caching. Closes #8231 [skaes]
* Fix errors with around_filters which do not yield, restore 1.1
behaviour with after filters. Closes #8891 [skaes]
After filters will *no longer* be run if an around_filter fails
to yield, users relying on this behaviour are advised to put
the code in question after a yield statement in an around
filter.
* Allow you to delete cookies with options.
Closes #3685 [josh, Chris Wanstrath]
* Deprecate pagination. Install the classic_pagination
plugin for forward compatibility, or move to the superior
will_paginate plugin. #8157 [Mislav Marohnic]
* Fix filtered parameter logging with nil parameter values.
[#8422] [choonkeat]
* Integration tests: alias xhr to xml_http_request and add a
request_method argument instead of always using POST.
[#7124] [Nik Wakelin, Francois Beausoleil, Wizard]
* Document caches_action. #5419 [Jarkko Laine]
* observe_form always sends the serialized form.
[#5271] [manfred, normelton@gmail.com]
* Update UrlWriter to accept :anchor parameter.
Closes #6771. [octopod]
* Replace the current block/continuation filter chain handling by
an implementation based on a simple loop.
Closes #8226 [Stefan Kaes]
* Return the string representation from an Xml Builder when
rendering a partial. #5044 [tpope]
* Cleaned up, corrected, and mildly expanded ActionPack
documentation. Closes #7190 [jeremymcanally]
* Small collection of ActionController documentation cleanups.
Closes #7319 [jeremymcanally]
* Performance: patch cgi/session/pstore to require digest/md5
once rather than per #initialize. #7583 [Stefan Kaes]
* Deprecation: verification with :redirect_to => :named_route
shouldn't be deprecated. #7525 [Justin French]
* Mon May 14 2007 mrueckert@suse.de
- update to version 1.13.3:
* Fix a bug in Routing where a parameter taken from the path of
the current request could not be used as a query parameter for
the next. #6752 [Nicholas Seckar]
* session_enabled? works with session :off. #6680 [Catfish]
* Performance: patch cgi/session to require digest/md5 once
rather than per #create_new_id. [Stefan Kaes]
- additional changes from 1.13.2:
* Add much-needed html-scanner tests. Fixed CDATA parsing bug.
[Rick]
* improve error message for Routing for named routes.
[Rob Sanheim]
* Added enhanced docs to routing assertions. [Rob Sanheim]
* fix form_for example in ActionController::Resources
documentation. [gnarg]
* Add singleton resources from trunk [Rick Olson]
* select :multiple => true suffixes the attribute name with []
unless already suffixed. #6977 [nik.kakelin, ben, julik]
* Improve routes documentation. #7095 [zackchandler]
* Resource member routes require :id, eliminating the ambiguous
overlap with collection routes. #7229 [dkubb]
* Fixed NumberHelper#number_with_delimiter to use "." always
for splitting the original number, not the delimiter
parameter #7389 [ceefour]
* Autolinking recognizes trailing and embedded . , : ;
[#7354] [Jarkko Laine]
* Make TextHelper::auto_link recognize URLs with colons in
path correctly, fixes #7268. [imajes]
* Improved auto_link to match more valid urls correctly
[Tobias Luetke]
* Wed Jan 24 2007 mrueckert@suse.de
- update to version 1.13.1:
update for rails 1.2.1. Too many changes to mention them here.
see /usr/lib*/ruby/gems/1.8/gems/actionpack-1.13.1/CHANGELOG
* Fri Aug 11 2006 mrueckert@suse.de
- update to version 1.12.5:
* update for the previous security fix
* Thu Aug 10 2006 mrueckert@suse.de
- update to version 1.12.4:
* Documentation fix: integration test scripts don't require
integration_test. (rails:#4914) [Frederick Ros ]
* ActionController::Base Summary documentation rewrite.
(rails:#4900) [kevin.clark@gmail.com]
* Fix text_helper.rb documentation rendering.
(rails:#4725) [Frederick Ros]
* Fixes bad rendering of JavaScriptMacrosHelper rdoc.
(rails:#4910) [Frederick Ros]
* Enhance documentation for setting headers in integration tests.
Skip auto HTTP prepending when its already there.
(rails:#4079) [Rick Olson]
* Documentation for AbstractRequest.
(rails:#4895) [kevin.clark@gmail.com]
* Remove all remaining references to @params in the documentation.
[Marcel Molina Jr.]
* Add documentation for redirect_to :back's RedirectBackError
exception. [Marcel Molina Jr.]
* Update layout and content_for documentation to use yield rather
than magic @content_for instance variables. [Marcel Molina Jr.]
* Cache CgiRequest#request_parameters so that multiple calls
don't re-parse multipart data. [Rick]
* Fixed that remote_form_for can leave out the object parameter
and default to the instance variable of the object_name,
just like form_for [DHH]
* Added ActionController.filter_parameter_logging that makes it
easy to remove passwords, credit card numbers, and other
sensitive information from being logged when a request is
handled. (rails:#1897) [jeremye@bsa.ca.gov]
* Fixed that real files and symlinks should be treated the same
when compiling templates.
(rails:#5438) [zachary@panandscan.com]
* Add :status option to send_data and send_file. Defaults to
'200 OK'. (rails:#5243)
[Manfred Stienstra ]
* Update documentation for erb trim syntax.
(rails:#5651) [matt@mattmargolis.net]
* Short documentation to mention use of Mime::Type.register.
(rails:#5710) [choonkeat@gmail.com]
* Sat Jul 01 2006 mrueckert@suse.de
- update to version 1.12.3:
* Fix broken traverse_to_controller. We now:
Look for a _controller.rb file under RAILS_ROOT to load.
If we find it, we require_dependency it and return the
controller it defined. (If none was defined we stop looking.)
If we don't find it, we look for a .rb file under RAILS_ROOT
to load. If we find it, and it loads a constant we keep
looking. Otherwise we check to see if a directory of the same
name exists, and if it does we create a module for it.
* Refinement to avoid exceptions in traverse_to_controller.
* (Hackish) Fix loading of arbitrary files in Ruby's load path
* by traverse_to_controller. [Nicholas Seckar]
* Wed Jun 21 2006 mrueckert@suse.de
- use rubygems_with_buildroot_patch instead of the versioned
buildrequires
* Mon Jun 19 2006 mrueckert@suse.de
- Initial package version 1.12.1
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org