aboutsummaryrefslogtreecommitdiffstats
path: root/actionview
Commit message (Collapse)AuthorAgeFilesLines
* Update the changelog to explain the fixst00122019-04-201-0/+11
|
* Bump RuboCop to 0.67.2Koichi ITO2019-04-161-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Performance cops will be extracted from RuboCop to RuboCop Performance when next RuboCop 0.68 will be released. https://github.com/rubocop-hq/rubocop/issues/5977 RuboCop 0.67 is its transition period. Since rails/rails repository uses Performance cops, This PR added rubocop-performance gem to Gemfile. And this PR fixes some offenses using the following auto-correct. ```console % bundle exec rubocop -a Offenses: activerecord/test/cases/connection_adapters/connection_handlers_multi_db_test.rb:212:26: C: [Corrected] Layout/SpaceAroundOperators: Operator = > should be surrounded by a single space. "primary" => { adapter: "sqlite3", database: "db/primary.sqlite3" } ^^ activerecord/test/cases/connection_adapters/connection_handlers_multi_db_test.rb:239:26: C: [Corrected] Layout/SpaceAroundOperators: Operator => should be surrounded by a single space. "primary" => { adapter: "sqlite3", database: "db/primary.sqlite3" } ^^ actionview/test/template/resolver_shared_tests.rb:1:1: C: [Corrected] Style/FrozenStringLiteralComment: Missing magic comment # frozen_string_literal: true. module ResolverSharedTests ^ actionview/test/template/resolver_shared_tests.rb:10:33: C: [Corrected] Layout/SpaceAroundEqualsInParameterDefault: Surrounding space missing in default value assignment. def with_file(filename, source="File at #{filename}") ^ actionview/test/template/resolver_shared_tests.rb:106:5: C: [Corrected] Rails/RefuteMethods: Prefer assert_not_same over refute_same. refute_same a, b ^^^^^^^^^^^ 2760 files inspected, 5 offenses detected, 5 offenses corrected ```
* Merge pull request #35959 from jhawthorn/unbound_templatesRafael França2019-04-157-14/+237
|\ | | | | De-duplicate templates, introduce UnboundTemplate
| * Add additional test for sharing templatesJohn Hawthorn2019-04-121-1/+18
| |
| * Avoid duplication using _find_allJohn Hawthorn2019-04-121-11/+7
| |
| * Support disabling cache for DigestorJohn Hawthorn2019-04-123-22/+51
| | | | | | | | | | | | This adds a bit of complexity, but is necessary for now to avoid holding extra copies of templates which are resolved from ActionView::Digestor after disabling cache on the lookup context.
| * De-dup Templates, introduce UnboundTemplateJohn Hawthorn2019-04-124-10/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously it's possible to have multiple copies of the "same" Template. For example, if index.html.erb is found both the :en and :fr locale, it will return a different Template object for each. The same can happen with formats, variants, and handlers. This commit de-duplicates templates, there will now only be one template per file/virtual_path/locals tuple. We need to consider virtual_path because both `render "index"`, and `render "index.html"` can both find the same file but will have different virtual_paths. IMO this is rare and should be deprecated/removed, but it exists now so we need to consider it in order to cache correctly. This commit introduces a new UnboundTemplate class, which represents a template with unknown locals. Template objects can be built from it by using `#with_locals`. Currently, this is just a convenience around caching templates, but I hope it's a helpful concept that could have more utility in the future.
| * Add tests against resolverJohn Hawthorn2019-04-113-0/+109
| | | | | | | | | | | | | | | | | | | | | | We didn't previously have many tests directly against the OptimizedFileSystemResolver or FileSystemResolver, though usually failures would be exposed through other tests. It's easier to test some specifics of the behaviour with unit tests. This also lets us test FileSystemResolver (non-optimized) which I don't think previously had much testing (other than from classses inheriting it).
* | Squash `warning: instance variable @filename not initialized`utilum2019-04-121-1/+1
|/
* Remove FileTemplateJohn Hawthorn2019-04-043-14/+3
| | | | This is unnecessary now that we can just provide a file source
* Deprecate Template#refreshJohn Hawthorn2019-04-042-36/+4
|
* Add ActionView::Template::Sources::FileJohn Hawthorn2019-04-044-24/+38
|
* Don't call Template#refreshJohn Hawthorn2019-04-041-6/+1
| | | | | Now that Template#source will always return a source, this is unnecessary.
* Don't discard source after renderingJohn Hawthorn2019-04-042-5/+2
| | | | | | | | | | Previously, we would discard the template source after rendering, if we had a virtual path, in hopes that the virtual path would let us find our same template again going through the Resolver. Previously we discarded the source as an optimization, to avoid keeping it around in memory. By instead just reading the file every time source is called, as FileTemplate does, this is unnecessary.
* Fix arity warning for template handlerslocalhostdotdev2019-04-041-3/+3
| | | | | | | | | | | | | | | | | | | | | | | Mainly to help with knowning which template is reponsible for the warning. handler.class # => Class handler.to_s # => Coffee::Rails::TemplateHandler Before: Change: >> Class#call(template) To: >> Class#call(template, source) After: Change: >> Coffee::Rails::TemplateHandler.call(template) To: >> Coffee::Rails::TemplateHandler.call(template, source)
* Fix deprecation warning about variants and formatsPrathamesh Sonpatki2019-04-041-2/+2
| | | | | | - After https://github.com/rails/rails/pull/35408 and https://github.com/rails/rails/pull/35406, the `formats` and `variants` methods are deprecated in favor of `format` and `variant`.
* Output junit format test reportFumiaki MATSUSHIMA2019-04-041-0/+2
|
* Merge pull request #35145 from st0012/fix-35114Rafael França2019-04-033-13/+43
|\ | | | | Fix partial caching ignore repeated items issue
| * Fix partial caching ignore repeated items issuest00122019-04-043-13/+43
| | | | | | | | | | | | This is because we only use hash to maintain the result. So when the key are the same, the result would be skipped. The solution is to maintain an array for tracking every item's position to restructure the result.
* | Fix checking for template variants when using the ActionView::FixtureResolverEdward Rudd2019-04-033-2/+16
| |
* | Merge pull request #35825 from jhawthorn/always_filter_view_pathsEileen M. Uchitelle2019-04-037-35/+30
|\ \ | |/ |/| Make Resolver#find_all_anywhere equivalent to #find_all
| * Always reject files external to appJohn Hawthorn2019-04-037-35/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when using `render file:`, it was possible to render files not only at an absolute path or relative to the current directory, but relative to ANY view paths. This was probably done for absolutely maximum compatibility when addressing CVE-2016-0752, but I think is unlikely to be used in practice. Tihs commit removes the ability to `render file:` with a path relative to a non-fallback view path. Make FallbackResolver.new private To ensure nobody is making FallbackResolvers other than "/" and "". Make reject_files_external_... no-op for fallbacks Because there are only two values used for path: "" and "/", and File.join("", "") == File.join("/", "") == "/", this method was only testing that the absolute paths started at "/" (which of course all do). This commit doesn't change any behaviour, but it makes it explicit that the FallbackFileSystemResolver works this way. Remove outside_app_allowed argument Deprecate find_all_anywhere This is now equivalent to find_all Remove outside_app argument Deprecate find_file for find Both LookupContext#find_file and PathSet#find_file are now equivalent to their respective #find methods.
* | [ci skip] Updated the doc after renaming Template::File -> Template::RawFile ↵Abhay Nikam2019-04-021-1/+1
| | | | | | | | in #35826
* | Rename File to RawFileCliff Pruitt2019-04-015-5/+5
|/
* [ci skip] Follow up c8bf334104Kasper Timm Hansen2019-04-011-1/+2
|
* Only clear template caches in dev after changes (#35629)John Hawthorn2019-04-016-7/+61
|
* url -> URL where apt except inside actionpack/Sharang Dashputre2019-04-016-9/+9
|
* Merge pull request #35793 from jhawthorn/deprecate_layout_absolute_pathKasper Timm Hansen2019-03-312-1/+4
|\ | | | | Deprecate render layout with an absolute path
| * Deprecate render layout with an absolute pathJohn Hawthorn2019-03-292-1/+4
| | | | | | | | | | | | | | This has similar problems to render file:. I've never seen this used, and believe it's a relic from when all templates could be rendered from an absolute path.
* | Tweaks CHANGELOGs and docs [ci skip]Ryuta Kamizono2019-03-311-3/+4
| | | | | | | | | | | | | | * add leading `#` before `=>` since hash rocket is valid Ruby code * add backticks * remove trailing spaces * and more
* | Merge pull request #35688 from jhawthorn/render_file_rfcAaron Patterson2019-03-3010-31/+110
|\ \ | |/ |/| RFC: Introduce Template::File
| * Introduce Template::File as new render file:John Hawthorn2019-03-2710-31/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous behaviour of render file: was essentially the same as render template:, except that templates can be specified as an absolute path on the filesystem. This makes sense for historic reasons, but now render file: is almost exclusively used to render raw files (not .erb) like public/404.html. In addition to complicating the code in template/resolver.rb, I think the current behaviour is surprising to developers. This commit deprecates the existing "lookup a template from anywhere" behaviour and replaces it with "render this file exactly as it is on disk". Handlers will no longer be used (it will render the same as if the :raw handler was used), but formats (.html, .xml, etc) will still be detected (and will default to :plain). The existing render file: behaviour was the path through which Rails apps were vulnerable in the recent CVE-2019-5418. Although the vulnerability has been patched in a fully backwards-compatible way, I think it's a strong hint that we should drop the existing previously-vulnerable behaviour if it isn't a benefit to developers.
* | Fix annotated typoPrathamesh Sonpatki2019-03-293-7/+7
| |
* | Merge pull request #35308 from ↵Rafael França2019-03-284-1/+39
|\ \ | |/ |/| | | | | erose/better-error-reporting-for-syntax-errors-in-templates Display a more helpful error message when an ERB template has a Ruby syntax error.
| * Add handling and tests.Eli Rose2019-02-174-1/+39
| |
* | Merge pull request #35758 from Shigeyuki-fukuda/aligned_order_of_argumentRafael França2019-03-261-2/+2
|\ \ | | | | | | Aligned the order of the arguments of render_template and render_with_layout
| * | Aligned the order of the arguments of render_template and render_with_layoutShigeyuki-fukuda2019-03-271-2/+2
| | |
* | | Merge pull request #35761 from koic/bump_rubocop_to_0_66_0Ryuta Kamizono2019-03-271-5/+5
|\ \ \ | | | | | | | | Bump RuboCop to 0.66.0
| * | | Bump RuboCop to 0.66.0Koichi ITO2019-03-271-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ### Summary RuboCop 0.66.0 has been released. https://github.com/rubocop-hq/rubocop/releases/tag/v0.66.0 And rubocop-0-66 channel is available in Code Climate. https://github.com/codeclimate/codeclimate/releases/tag/v0.84.0 RuboCop 0.66.0 fixed the false negative to indentation for modifier. And this PR applied the auto-correction fixed by it. https://github.com/rubocop-hq/rubocop/pull/6792 In addtion, this PR is also updating the following 4 gems that RuboCop depends on. - Update Psych gem ... https://github.com/rubocop-hq/rubocop/pull/6766 - Update Parser gem to 2.6.2.0 that supports Ruby 2.5.5 and 2.6.2 ... https://github.com/whitequark/parser/blob/v2.6.2.0/CHANGELOG.md#changelog - Remove powerpack gem ... https://github.com/rubocop-hq/rubocop/pull/6806 - Update unicode-display_width gem ... https://github.com/rubocop-hq/rubocop/pull/6813
* | | | Deprecate custom patterns for PathResolverJohn Hawthorn2019-03-262-40/+15
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Custom glob patterns tie the implementation (Using Dir.glob) to the API we provide. It also doesn't really work. extract_handler_and_format_and_variant expects the handler, format, and variant to be at the end of the template path, and in the same order as they are in the default pattern. This deprecates specifying a custom path for FileSystemResolver and removes the pattern argument of OptimizedFileSystemResolver#initialize, which does not work with a custom pattern.
* | | [ci skip] Fixed typoShailesh Kalamkar2019-03-231-1/+1
| | |
* | | Update CHANGELOGs for 6.0.0.beta3 releaseJohn Hawthorn2019-03-221-1/+10
|/ /
* | Prefer render template: in testsJohn Hawthorn2019-03-217-42/+43
| | | | | | | | | | | | | | | | | | | | | | | | Many tests were using `render file:`, but were only testing the behaviour of `render template:` (file: just allows more paths/ is less secure then template:). The reason for so many `render file:` is probably that they were the old default. This commit replaces `render file:` with `render template:` anywhere the test wasn't specifically interested in using `render file:`.
* | Merge pull request #35661 from jhawthorn/lookup_context_validationEileen M. Uchitelle2019-03-203-2/+18
|\ \ | | | | | | Validate types assigned to LookupContext#formats=
| * | Don't compact formatsJohn Hawthorn2019-03-192-6/+1
| | |
| * | Avoid assigning [nil] to formatsJohn Hawthorn2019-03-191-1/+1
| | |
| * | Improve "raises on invalid format assignment" testJohn Hawthorn2019-03-181-2/+2
| | |
| * | Rename invalid_types to invalid_valuesJohn Hawthorn2019-03-181-3/+3
| | |
| * | Raise in LookupContext#formats= on invalid formatJohn Hawthorn2019-03-182-0/+13
| | | | | | | | | | | | | | | | | | This is a developer quality of life improvement, to ensure that unknown formats aren't assigned (which it would previously accept, but wouldn't work 100% correctly due to caching).
| * | Make uniq in LookupContext#formats=John Hawthorn2019-03-182-1/+3
| | | | | | | | | | | | | | | Having a format listed twice had no effect. This is mostly helpful to avoid an extra format when assigning [:html, "*/*"]