From fa487763d98ccf9c3e66fdb44f09af5c37a50fe5 Mon Sep 17 00:00:00 2001 From: Vipul A M Date: Tue, 12 Apr 2016 02:41:06 +0530 Subject: Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, and started raising `ArgumentError` in case of length mismatch of passed strings. --- activesupport/CHANGELOG.md | 8 ++++++++ activesupport/lib/active_support/security_utils.rb | 22 ++++++++++++---------- activesupport/test/security_utils_test.rb | 11 +++++++++++ 3 files changed, 31 insertions(+), 10 deletions(-) (limited to 'activesupport') diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index fc1e5516f8..8a76e011c1 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,11 @@ +* Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, + to make it not leak length information even for variable length string. + + Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`, + and started raising `ArgumentError` in case of length mismatch of passed strings. + + *Vipul A M* + * Add default option to module and class attribute accessors. mattr_accessor :settings, default: {} diff --git a/activesupport/lib/active_support/security_utils.rb b/activesupport/lib/active_support/security_utils.rb index b655d64449..5f5d4faa60 100644 --- a/activesupport/lib/active_support/security_utils.rb +++ b/activesupport/lib/active_support/security_utils.rb @@ -2,14 +2,12 @@ require "digest" module ActiveSupport module SecurityUtils - # Constant time string comparison. + # Constant time string comparison, for fixed length strings. # # The values compared should be of fixed length, such as strings - # that have already been processed by HMAC. This should not be used - # on variable length plaintext strings because it could leak length info - # via timing attacks. - def secure_compare(a, b) - return false unless a.bytesize == b.bytesize + # that have already been processed by HMAC. Raises in case of length mismatch. + def fixed_length_secure_compare(a, b) + raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize l = a.unpack "C#{a.bytesize}" @@ -17,11 +15,15 @@ module ActiveSupport b.each_byte { |byte| res |= byte ^ l.shift } res == 0 end - module_function :secure_compare + module_function :fixed_length_secure_compare - def variable_size_secure_compare(a, b) # :nodoc: - secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) + # Constant time string comparison, for variable length strings. + # + # The values are first processed by SHA256, so that we don't leak length info + # via timing attacks. + def secure_compare(a, b) + fixed_length_secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) end - module_function :variable_size_secure_compare + module_function :secure_compare end end diff --git a/activesupport/test/security_utils_test.rb b/activesupport/test/security_utils_test.rb index e8f762da22..8d7f7d699a 100644 --- a/activesupport/test/security_utils_test.rb +++ b/activesupport/test/security_utils_test.rb @@ -11,4 +11,15 @@ class SecurityUtilsTest < ActiveSupport::TestCase assert ActiveSupport::SecurityUtils.variable_size_secure_compare("a", "a") assert_not ActiveSupport::SecurityUtils.variable_size_secure_compare("a", "b") end + + def test_fixed_length_secure_compare_should_perform_string_comparison + assert ActiveSupport::SecurityUtils.fixed_length_secure_compare("a", "a") + assert !ActiveSupport::SecurityUtils.fixed_length_secure_compare("a", "b") + end + + def test_fixed_length_secure_compare_raise_on_length_mismatch + assert_raises(ArgumentError, "string length mismatch.") do + ActiveSupport::SecurityUtils.fixed_length_secure_compare("a", "ab") + end + end end -- cgit v1.2.3 From 078421bacba178eac6a8e607b16f3f4511c5d72f Mon Sep 17 00:00:00 2001 From: Chris LaRose Date: Wed, 22 Nov 2017 09:12:08 -0800 Subject: Make ActiveSupport::TimeZone.all independent of previous lookups (#31176) --- activesupport/CHANGELOG.md | 7 +++++++ activesupport/lib/active_support/values/time_zone.rb | 12 +++++++++--- activesupport/test/time_zone_test.rb | 7 +++++++ 3 files changed, 23 insertions(+), 3 deletions(-) (limited to 'activesupport') diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index 88bbafc3a8..3257c63fd2 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,10 @@ +* Make `ActiveSupport::TimeZone.all` return only time zones that are in + `ActiveSupport::TimeZone::MAPPING`. + + Fixes #7245. + + *Chris LaRose* + * MemCacheStore: Support expiring counters. Pass `expires_in: [seconds]` to `#increment` and `#decrement` options diff --git a/activesupport/lib/active_support/values/time_zone.rb b/activesupport/lib/active_support/values/time_zone.rb index b294d99fe0..07e37f5dd2 100644 --- a/activesupport/lib/active_support/values/time_zone.rb +++ b/activesupport/lib/active_support/values/time_zone.rb @@ -256,6 +256,13 @@ module ActiveSupport @country_zones[code] ||= load_country_zones(code) end + def clear() #:nodoc: + @lazy_zones_map = Concurrent::Map.new + @country_zones = Concurrent::Map.new + @zones = nil + @zones_map = nil + end + private def load_country_zones(code) country = TZInfo::Country.get(code) @@ -269,9 +276,8 @@ module ActiveSupport end def zones_map - @zones_map ||= begin - MAPPING.each_key { |place| self[place] } # load all the zones - @lazy_zones_map + @zones_map ||= MAPPING.each_with_object({}) do |(name, _), zones| + zones[name] = self[name] end end end diff --git a/activesupport/test/time_zone_test.rb b/activesupport/test/time_zone_test.rb index 862e872494..405c8f315b 100644 --- a/activesupport/test/time_zone_test.rb +++ b/activesupport/test/time_zone_test.rb @@ -718,6 +718,13 @@ class TimeZoneTest < ActiveSupport::TestCase end end + def test_all_uninfluenced_by_time_zone_lookups_delegated_to_tzinfo + ActiveSupport::TimeZone.clear + galapagos = ActiveSupport::TimeZone["Pacific/Galapagos"] + all_zones = ActiveSupport::TimeZone.all + assert_not_includes all_zones, galapagos + end + def test_index assert_nil ActiveSupport::TimeZone["bogus"] assert_instance_of ActiveSupport::TimeZone, ActiveSupport::TimeZone["Central Time (US & Canada)"] -- cgit v1.2.3 From 3063ace1070e4ddb8d0cc09fbd23049e7b21617a Mon Sep 17 00:00:00 2001 From: "T.J. Schuck" Date: Wed, 22 Nov 2017 14:45:51 -0500 Subject: Update incorrect backtick usage in RDoc to teletype [ci skip] --- activesupport/lib/active_support/cache/redis_cache_store.rb | 10 +++++----- activesupport/lib/active_support/core_ext/array/access.rb | 4 ++-- .../lib/active_support/core_ext/date_time/compatibility.rb | 4 ++-- .../lib/active_support/core_ext/object/with_options.rb | 2 +- .../lib/active_support/core_ext/string/inflections.rb | 2 +- .../lib/active_support/core_ext/string/output_safety.rb | 2 +- activesupport/lib/active_support/inflector/transliterate.rb | 4 ++-- activesupport/lib/active_support/message_encryptor.rb | 4 ++-- activesupport/lib/active_support/message_verifier.rb | 6 +++--- 9 files changed, 19 insertions(+), 19 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/cache/redis_cache_store.rb b/activesupport/lib/active_support/cache/redis_cache_store.rb index 08200a556f..3cf002f67e 100644 --- a/activesupport/lib/active_support/cache/redis_cache_store.rb +++ b/activesupport/lib/active_support/cache/redis_cache_store.rb @@ -33,9 +33,9 @@ module ActiveSupport # * Fault tolerant. If the Redis server is unavailable, no exceptions are # raised. Cache fetches are all misses and writes are dropped. # * Local cache. Hot in-memory primary cache within block/middleware scope. - # * `read_/write_multi` support for Redis mget/mset. Use Redis::Distributed + # * +read_multi+ and +write_multi+ support for Redis mget/mset. Use Redis::Distributed # 4.0.1+ for distributed mget support. - # * `delete_matched` support for Redis KEYS globs. + # * +delete_matched+ support for Redis KEYS globs. class RedisCacheStore < Store # Keys are truncated with their own SHA2 digest if they exceed 1kB MAX_KEY_BYTESIZE = 1024 @@ -143,12 +143,12 @@ module ActiveSupport # :url Array -> Redis::Distributed.new([{ url: … }, { url: … }, …]) # # No namespace is set by default. Provide one if the Redis cache - # server is shared with other apps: `namespace: 'myapp-cache'`. + # server is shared with other apps: namespace: 'myapp-cache'. # # Compression is enabled by default with a 1kB threshold, so cached # values larger than 1kB are automatically compressed. Disable by - # passing `cache: false` or change the threshold by passing - # `compress_threshold: 4.kilobytes`. + # passing cache: false or change the threshold by passing + # compress_threshold: 4.kilobytes. # # No expiry is set on cache entries by default. Redis is expected to # be configured with an eviction policy that automatically deletes diff --git a/activesupport/lib/active_support/core_ext/array/access.rb b/activesupport/lib/active_support/core_ext/array/access.rb index d67f99df0e..b7ff7a3907 100644 --- a/activesupport/lib/active_support/core_ext/array/access.rb +++ b/activesupport/lib/active_support/core_ext/array/access.rb @@ -35,8 +35,8 @@ class Array # people.without "Aaron", "Todd" # # => ["David", "Rafael"] # - # Note: This is an optimization of `Enumerable#without` that uses `Array#-` - # instead of `Array#reject` for performance reasons. + # Note: This is an optimization of Enumerable#without that uses Array#- + # instead of Array#reject for performance reasons. def without(*elements) self - elements end diff --git a/activesupport/lib/active_support/core_ext/date_time/compatibility.rb b/activesupport/lib/active_support/core_ext/date_time/compatibility.rb index 424f64d6fa..2d6b49722d 100644 --- a/activesupport/lib/active_support/core_ext/date_time/compatibility.rb +++ b/activesupport/lib/active_support/core_ext/date_time/compatibility.rb @@ -8,8 +8,8 @@ class DateTime silence_redefinition_of_method :to_time - # Either return an instance of `Time` with the same UTC offset - # as +self+ or an instance of `Time` representing the same time + # Either return an instance of +Time+ with the same UTC offset + # as +self+ or an instance of +Time+ representing the same time # in the the local system timezone depending on the setting of # on the setting of +ActiveSupport.to_time_preserves_timezone+. def to_time diff --git a/activesupport/lib/active_support/core_ext/object/with_options.rb b/activesupport/lib/active_support/core_ext/object/with_options.rb index b6c464db33..2838fd76be 100644 --- a/activesupport/lib/active_support/core_ext/object/with_options.rb +++ b/activesupport/lib/active_support/core_ext/object/with_options.rb @@ -62,7 +62,7 @@ class Object # # validates :content, length: { minimum: 50 }, if: -> { content.present? } # - # Hence the inherited default for `if` key is ignored. + # Hence the inherited default for +if+ key is ignored. # # NOTE: You cannot call class methods implicitly inside of with_options. # You can access these methods using the class name instead: diff --git a/activesupport/lib/active_support/core_ext/string/inflections.rb b/activesupport/lib/active_support/core_ext/string/inflections.rb index da53739efc..8af301734a 100644 --- a/activesupport/lib/active_support/core_ext/string/inflections.rb +++ b/activesupport/lib/active_support/core_ext/string/inflections.rb @@ -174,7 +174,7 @@ class String # <%= link_to(@person.name, person_path) %> # # => Donald E. Knuth # - # To preserve the case of the characters in a string, use the `preserve_case` argument. + # To preserve the case of the characters in a string, use the +preserve_case+ argument. # # class Person # def to_param diff --git a/activesupport/lib/active_support/core_ext/string/output_safety.rb b/activesupport/lib/active_support/core_ext/string/output_safety.rb index b712200959..f3bdc2977e 100644 --- a/activesupport/lib/active_support/core_ext/string/output_safety.rb +++ b/activesupport/lib/active_support/core_ext/string/output_safety.rb @@ -250,7 +250,7 @@ class String # Marks a string as trusted safe. It will be inserted into HTML with no # additional escaping performed. It is your responsibility to ensure that the # string contains no malicious content. This method is equivalent to the - # `raw` helper in views. It is recommended that you use `sanitize` instead of + # +raw+ helper in views. It is recommended that you use +sanitize+ instead of # this method. It should never be called on user input. def html_safe ActiveSupport::SafeBuffer.new(self) diff --git a/activesupport/lib/active_support/inflector/transliterate.rb b/activesupport/lib/active_support/inflector/transliterate.rb index 9fb3a2e0af..6f2ca4999c 100644 --- a/activesupport/lib/active_support/inflector/transliterate.rb +++ b/activesupport/lib/active_support/inflector/transliterate.rb @@ -73,12 +73,12 @@ module ActiveSupport # parameterize("Donald E. Knuth") # => "donald-e-knuth" # parameterize("^très|Jolie-- ") # => "tres-jolie" # - # To use a custom separator, override the `separator` argument. + # To use a custom separator, override the +separator+ argument. # # parameterize("Donald E. Knuth", separator: '_') # => "donald_e_knuth" # parameterize("^très|Jolie__ ", separator: '_') # => "tres_jolie" # - # To preserve the case of the characters in a string, use the `preserve_case` argument. + # To preserve the case of the characters in a string, use the +preserve_case+ argument. # # parameterize("Donald E. Knuth", preserve_case: true) # => "Donald-E-Knuth" # parameterize("^très|Jolie-- ", preserve_case: true) # => "tres-Jolie" diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 69c95e0622..27fd061947 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -58,8 +58,8 @@ module ActiveSupport # === Rotating keys # # MessageEncryptor also supports rotating out old configurations by falling - # back to a stack of encryptors. Call `rotate` to build and add an encryptor - # so `decrypt_and_verify` will also try the fallback. + # back to a stack of encryptors. Call +rotate+ to build and add an encryptor + # so +decrypt_and_verify+ will also try the fallback. # # By default any rotated encryptors use the values of the primary # encryptor unless specified otherwise. diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index 622b66ee55..83c39c0a86 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -31,7 +31,7 @@ module ActiveSupport # # +MessageVerifier+ creates HMAC signatures using SHA1 hash algorithm by default. # If you want to use a different hash algorithm, you can change it by providing - # `:digest` key as an option while initializing the verifier: + # +:digest+ key as an option while initializing the verifier: # # @verifier = ActiveSupport::MessageVerifier.new('s3Krit', digest: 'SHA256') # @@ -78,8 +78,8 @@ module ActiveSupport # === Rotating keys # # MessageVerifier also supports rotating out old configurations by falling - # back to a stack of verifiers. Call `rotate` to build and add a verifier to - # so either `verified` or `verify` will also try verifying with the fallback. + # back to a stack of verifiers. Call +rotate+ to build and add a verifier to + # so either +verified+ or +verify+ will also try verifying with the fallback. # # By default any rotated verifiers use the values of the primary # verifier unless specified otherwise. -- cgit v1.2.3 From f76ca450f5027a4fa578d939b35fe4f608f2423e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Sat, 25 Nov 2017 11:33:11 -0500 Subject: Compare the actual string after comparing the HMAC proccessed strings Even that collisions are unlikely we need to make sure the two strings are equal. Timing is not important in this case because this only runs after the comparison between the SHA256 digested strings returns true. --- activesupport/lib/active_support/security_utils.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/security_utils.rb b/activesupport/lib/active_support/security_utils.rb index 4d129bfe41..20b6b9cd3f 100644 --- a/activesupport/lib/active_support/security_utils.rb +++ b/activesupport/lib/active_support/security_utils.rb @@ -24,7 +24,7 @@ module ActiveSupport # The values are first processed by SHA256, so that we don't leak length info # via timing attacks. def secure_compare(a, b) - fixed_length_secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) + fixed_length_secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b)) && a == b end module_function :secure_compare end -- cgit v1.2.3 From fb30d1267095190fc73edaf1a77209880f6957e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Sat, 25 Nov 2017 15:24:58 -0500 Subject: Renove duplicated and wrong test --- activesupport/test/security_utils_test.rb | 5 ----- 1 file changed, 5 deletions(-) (limited to 'activesupport') diff --git a/activesupport/test/security_utils_test.rb b/activesupport/test/security_utils_test.rb index 6945f653e6..0a607594a2 100644 --- a/activesupport/test/security_utils_test.rb +++ b/activesupport/test/security_utils_test.rb @@ -9,11 +9,6 @@ class SecurityUtilsTest < ActiveSupport::TestCase assert_not ActiveSupport::SecurityUtils.secure_compare("a", "b") end - def test_variable_size_secure_compare_should_perform_string_comparison - assert ActiveSupport::SecurityUtils.variable_size_secure_compare("a", "a") - assert_not ActiveSupport::SecurityUtils.variable_size_secure_compare("a", "b") - end - def test_fixed_length_secure_compare_should_perform_string_comparison assert ActiveSupport::SecurityUtils.fixed_length_secure_compare("a", "a") assert !ActiveSupport::SecurityUtils.fixed_length_secure_compare("a", "b") -- cgit v1.2.3 From 7ce8a6af1b8fdbc9ee553bda3fd725bea169c2f3 Mon Sep 17 00:00:00 2001 From: Ryuta Kamizono Date: Mon, 27 Nov 2017 15:16:12 +0900 Subject: Enable `Style/DefWithParentheses` rubocop rule The def with blank `()` was newly added in #31176, but we have not used the blank `()` style in most part of our code base. So I've enabled `Style/DefWithParentheses` to prevent to newly added the code. --- activesupport/lib/active_support/values/time_zone.rb | 2 +- activesupport/test/json/encoding_test.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/values/time_zone.rb b/activesupport/lib/active_support/values/time_zone.rb index 07e37f5dd2..4d81ac939e 100644 --- a/activesupport/lib/active_support/values/time_zone.rb +++ b/activesupport/lib/active_support/values/time_zone.rb @@ -256,7 +256,7 @@ module ActiveSupport @country_zones[code] ||= load_country_zones(code) end - def clear() #:nodoc: + def clear #:nodoc: @lazy_zones_map = Concurrent::Map.new @country_zones = Concurrent::Map.new @zones = nil diff --git a/activesupport/test/json/encoding_test.rb b/activesupport/test/json/encoding_test.rb index 96ad8dfbdb..d904f79ccf 100644 --- a/activesupport/test/json/encoding_test.rb +++ b/activesupport/test/json/encoding_test.rb @@ -210,7 +210,7 @@ class TestJSONEncoding < ActiveSupport::TestCase People = Class.new(BasicObject) do include Enumerable - def initialize() + def initialize @people = [ { name: "John", address: { city: "London", country: "UK" } }, { name: "Jean", address: { city: "Paris" , country: "France" } } -- cgit v1.2.3 From 7d35a59e221622a0c5257dc5d176a0ef8d32489e Mon Sep 17 00:00:00 2001 From: Ignat Zakrevsky Date: Mon, 27 Nov 2017 18:51:24 +0000 Subject: [ci skip] Fix documentation for deprecation method_wrappers Seems like version with class methods doesn't work. ```ruby require "active_support/deprecation.rb" module Fred extend self def aaa; end def bbb; end def ccc; end def ddd; end def eee; end end ActiveSupport::Deprecation.deprecate_methods(Fred, :aaa, bbb: :zzz, ccc: 'use Bar#ccc instead') Fred.aaa Fred.bbb Fred.ccc ``` # produces nothing vs ```ruby require "active_support/deprecation.rb" class Fred def aaa; end def bbb; end def ccc; end def ddd; end def eee; end end ActiveSupport::Deprecation.deprecate_methods(Fred, :aaa, bbb: :zzz, ccc: 'use Bar#ccc instead') Fred.new.aaa Fred.new.bbb Fred.new.ccc ``` produces ``` DEPRECATION WARNING: aaa is deprecated and will be removed from Rails 5.2 (called from
at deprications.rb:15) DEPRECATION WARNING: bbb is deprecated and will be removed from Rails 5.2 (use zzz instead) (called from
at deprications.rb:16) DEPRECATION WARNING: ccc is deprecated and will be removed from Rails 5.2 (use Bar#ccc instead) (called from
at deprications.rb:17) ``` --- .../lib/active_support/deprecation/method_wrappers.rb | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/deprecation/method_wrappers.rb b/activesupport/lib/active_support/deprecation/method_wrappers.rb index d359992bf5..c4b78102eb 100644 --- a/activesupport/lib/active_support/deprecation/method_wrappers.rb +++ b/activesupport/lib/active_support/deprecation/method_wrappers.rb @@ -8,9 +8,7 @@ module ActiveSupport module MethodWrapper # Declare that a method has been deprecated. # - # module Fred - # extend self - # + # class Fred # def aaa; end # def bbb; end # def ccc; end @@ -22,15 +20,15 @@ module ActiveSupport # ActiveSupport::Deprecation.deprecate_methods(Fred, :aaa, bbb: :zzz, ccc: 'use Bar#ccc instead') # # => Fred # - # Fred.aaa + # Fred.new.aaa # # DEPRECATION WARNING: aaa is deprecated and will be removed from Rails 5.1. (called from irb_binding at (irb):10) # # => nil # - # Fred.bbb + # Fred.new.bbb # # DEPRECATION WARNING: bbb is deprecated and will be removed from Rails 5.1 (use zzz instead). (called from irb_binding at (irb):11) # # => nil # - # Fred.ccc + # Fred.new.ccc # # DEPRECATION WARNING: ccc is deprecated and will be removed from Rails 5.1 (use Bar#ccc instead). (called from irb_binding at (irb):12) # # => nil # @@ -39,7 +37,7 @@ module ActiveSupport # ActiveSupport::Deprecation.deprecate_methods(Fred, ddd: :zzz, deprecator: custom_deprecator) # # => [:ddd] # - # Fred.ddd + # Fred.new.ddd # DEPRECATION WARNING: ddd is deprecated and will be removed from MyGem next-release (use zzz instead). (called from irb_binding at (irb):15) # # => nil # @@ -48,7 +46,7 @@ module ActiveSupport # custom_deprecator.deprecate_methods(Fred, eee: :zzz) # # => [:eee] # - # Fred.eee + # Fred.new.eee # DEPRECATION WARNING: eee is deprecated and will be removed from MyGem next-release (use zzz instead). (called from irb_binding at (irb):18) # # => nil def deprecate_methods(target_module, *method_names) -- cgit v1.2.3 From cceeeb6e57f1cf8b24d507e2da9ed85d374c8bc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Mon, 27 Nov 2017 13:01:15 -0500 Subject: Preparing for 5.2.0.beta1 release --- activesupport/CHANGELOG.md | 2 ++ activesupport/lib/active_support/gem_version.rb | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index b6eb64c1c9..edf0cdacc1 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 5.2.0.beta1 (November 27, 2017) ## + * Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, to make it not leak length information even for variable length string. diff --git a/activesupport/lib/active_support/gem_version.rb b/activesupport/lib/active_support/gem_version.rb index 2a7ef2f820..e9cdf17361 100644 --- a/activesupport/lib/active_support/gem_version.rb +++ b/activesupport/lib/active_support/gem_version.rb @@ -10,7 +10,7 @@ module ActiveSupport MAJOR = 5 MINOR = 2 TINY = 0 - PRE = "alpha" + PRE = "beta1" STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".") end -- cgit v1.2.3 From 37cf9b34667965402e804d75a78ccdeeb7d55166 Mon Sep 17 00:00:00 2001 From: Fatos Morina Date: Tue, 28 Nov 2017 19:27:43 +0100 Subject: Fix typos and add a few suggestions --- activesupport/README.rdoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/README.rdoc b/activesupport/README.rdoc index 8b47933bd2..c770324be8 100644 --- a/activesupport/README.rdoc +++ b/activesupport/README.rdoc @@ -30,7 +30,7 @@ API documentation is at: * http://api.rubyonrails.org -Bug reports can be filed for the Ruby on Rails project here: +Bug reports for the Ruby on Rails project can be filed here: * https://github.com/rails/rails/issues -- cgit v1.2.3 From 2837d0f3347e747a8c12bd3c097bc7282072d42b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Tue, 28 Nov 2017 00:01:45 -0500 Subject: Preparing for 5.2.0.beta2 release --- activesupport/CHANGELOG.md | 5 +++++ activesupport/lib/active_support/gem_version.rb | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index edf0cdacc1..42c4406967 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.0.beta2 (November 28, 2017) ## + +* No changes. + + ## Rails 5.2.0.beta1 (November 27, 2017) ## * Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`, diff --git a/activesupport/lib/active_support/gem_version.rb b/activesupport/lib/active_support/gem_version.rb index e9cdf17361..1e09adbb52 100644 --- a/activesupport/lib/active_support/gem_version.rb +++ b/activesupport/lib/active_support/gem_version.rb @@ -10,7 +10,7 @@ module ActiveSupport MAJOR = 5 MINOR = 2 TINY = 0 - PRE = "beta1" + PRE = "beta2" STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".") end -- cgit v1.2.3 From 333ff24b8524094d55badb6c7f42f4b53832c0b6 Mon Sep 17 00:00:00 2001 From: "T.J. Schuck" Date: Tue, 28 Nov 2017 17:49:54 -0500 Subject: Refactor Date/Time next_occurring and prev_occurring MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These methods were originally added in https://github.com/rails/rails/pull/26600 This includes a couple of refactors to make these methods behave more similarly to other Date/Time extensions added by Active Support: 1. Use `advance` instead of `since` and `ago` to time-travel — this is particularly important to keep the returned instance’s class matching `self`. Before this change: today = Date.today # => Tue, 28 Nov 2017 today.class # => Date today.next_occurring(:wednesday) # => Wed, 29 Nov 2017 00:00:00 UTC +00:00 today.next_occurring(:wednesday).class # => ActiveSupport::TimeWithZone After this change, a Date (or Time, or DateTime) instance is properly returned (just like is shown in the new docs). This is generally how everything else in DateAndTime::Calculations works. 2. Move the tests from the DateTime tests to the DateAndTimeBehavior tests. The latter location is mixed in to the core_ext tests for _all_ of Date, Time, and DateTime to test the behavior across all of the classes. The previous location is for testing core_ext functionality added specifically just to DateTime. 3. Better docs! --- .../core_ext/date_and_time/calculations.rb | 16 ++++++++++++---- .../test/core_ext/date_and_time_behavior.rb | 20 ++++++++++++++++++++ activesupport/test/core_ext/date_time_ext_test.rb | 22 ---------------------- 3 files changed, 32 insertions(+), 26 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/core_ext/date_and_time/calculations.rb b/activesupport/lib/active_support/core_ext/date_and_time/calculations.rb index 061b79e098..f6cb1a384c 100644 --- a/activesupport/lib/active_support/core_ext/date_and_time/calculations.rb +++ b/activesupport/lib/active_support/core_ext/date_and_time/calculations.rb @@ -330,20 +330,28 @@ module DateAndTime beginning_of_year..end_of_year end - # Returns specific next occurring day of week + # Returns a new date/time representing the next occurrence of the specified day of week. + # + # today = Date.today # => Thu, 14 Dec 2017 + # today.next_occurring(:monday) # => Mon, 18 Dec 2017 + # today.next_occurring(:thursday) # => Thu, 21 Dec 2017 def next_occurring(day_of_week) current_day_number = wday != 0 ? wday - 1 : 6 from_now = DAYS_INTO_WEEK.fetch(day_of_week) - current_day_number from_now += 7 unless from_now > 0 - since(from_now.days) + advance(days: from_now) end - # Returns specific previous occurring day of week + # Returns a new date/time representing the previous occurrence of the specified day of week. + # + # today = Date.today # => Thu, 14 Dec 2017 + # today.prev_occurring(:monday) # => Mon, 11 Dec 2017 + # today.prev_occurring(:thursday) # => Thu, 07 Dec 2017 def prev_occurring(day_of_week) current_day_number = wday != 0 ? wday - 1 : 6 ago = current_day_number - DAYS_INTO_WEEK.fetch(day_of_week) ago += 7 unless ago > 0 - ago(ago.days) + advance(days: -ago) end private diff --git a/activesupport/test/core_ext/date_and_time_behavior.rb b/activesupport/test/core_ext/date_and_time_behavior.rb index 42da6f6cd0..91b92043d0 100644 --- a/activesupport/test/core_ext/date_and_time_behavior.rb +++ b/activesupport/test/core_ext/date_and_time_behavior.rb @@ -328,6 +328,26 @@ module DateAndTimeBehavior assert_equal date_time_init(2007, 12, 31, 23, 59, 59, Rational(999999999, 1000)), date_time_init(2007, 12, 31, 10, 10, 10).end_of_year end + def test_next_occurring + assert_equal date_time_init(2017, 12, 18, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:monday) + assert_equal date_time_init(2017, 12, 19, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:tuesday) + assert_equal date_time_init(2017, 12, 20, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:wednesday) + assert_equal date_time_init(2017, 12, 21, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:thursday) + assert_equal date_time_init(2017, 12, 15, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:friday) + assert_equal date_time_init(2017, 12, 16, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:saturday) + assert_equal date_time_init(2017, 12, 17, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).next_occurring(:sunday) + end + + def test_prev_occurring + assert_equal date_time_init(2017, 12, 11, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:monday) + assert_equal date_time_init(2017, 12, 12, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:tuesday) + assert_equal date_time_init(2017, 12, 13, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:wednesday) + assert_equal date_time_init(2017, 12, 7, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:thursday) + assert_equal date_time_init(2017, 12, 8, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:friday) + assert_equal date_time_init(2017, 12, 9, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:saturday) + assert_equal date_time_init(2017, 12, 10, 3, 14, 15), date_time_init(2017, 12, 14, 3, 14, 15).prev_occurring(:sunday) + end + def test_monday_with_default_beginning_of_week_set with_bw_default(:saturday) do assert_equal date_time_init(2012, 9, 17, 0, 0, 0), date_time_init(2012, 9, 18, 0, 0, 0).monday diff --git a/activesupport/test/core_ext/date_time_ext_test.rb b/activesupport/test/core_ext/date_time_ext_test.rb index d942cddb2a..ed962803fa 100644 --- a/activesupport/test/core_ext/date_time_ext_test.rb +++ b/activesupport/test/core_ext/date_time_ext_test.rb @@ -30,28 +30,6 @@ class DateTimeExtCalculationsTest < ActiveSupport::TestCase end end - def test_next_occur - datetime = DateTime.new(2016, 9, 24, 0, 0) # saturday - assert_equal datetime.next_occurring(:monday), datetime.since(2.days) - assert_equal datetime.next_occurring(:tuesday), datetime.since(3.days) - assert_equal datetime.next_occurring(:wednesday), datetime.since(4.days) - assert_equal datetime.next_occurring(:thursday), datetime.since(5.days) - assert_equal datetime.next_occurring(:friday), datetime.since(6.days) - assert_equal datetime.next_occurring(:saturday), datetime.since(1.week) - assert_equal datetime.next_occurring(:sunday), datetime.since(1.day) - end - - def test_prev_occur - datetime = DateTime.new(2016, 9, 24, 0, 0) # saturday - assert_equal datetime.prev_occurring(:monday), datetime.ago(5.days) - assert_equal datetime.prev_occurring(:tuesday), datetime.ago(4.days) - assert_equal datetime.prev_occurring(:wednesday), datetime.ago(3.days) - assert_equal datetime.prev_occurring(:thursday), datetime.ago(2.days) - assert_equal datetime.prev_occurring(:friday), datetime.ago(1.day) - assert_equal datetime.prev_occurring(:saturday), datetime.ago(1.week) - assert_equal datetime.prev_occurring(:sunday), datetime.ago(6.days) - end - def test_readable_inspect datetime = DateTime.new(2005, 2, 21, 14, 30, 0) assert_equal "Mon, 21 Feb 2005 14:30:00 +0000", datetime.readable_inspect -- cgit v1.2.3 From 6815ce0be7febfea9b45643fb6b5e77e610bf0e6 Mon Sep 17 00:00:00 2001 From: "T.J. Schuck" Date: Tue, 28 Nov 2017 18:16:54 -0500 Subject: Formatting fix for example code Just cleaning up the formatting of the example code here to format an inline bit of commentary as a comment. Before: ![](https://monosnap.com/file/Clso8IQGOWHU3o6cStbY5NaMPx3ysP.png) After: ![](https://monosnap.com/file/QdbKKvLAeiQ0RucppVYETvaWEstnOI.png) [ci skip] --- activesupport/lib/active_support/deprecation/constant_accessor.rb | 2 +- activesupport/lib/active_support/deprecation/proxy_wrappers.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/deprecation/constant_accessor.rb b/activesupport/lib/active_support/deprecation/constant_accessor.rb index dd515cd6f4..1ed0015812 100644 --- a/activesupport/lib/active_support/deprecation/constant_accessor.rb +++ b/activesupport/lib/active_support/deprecation/constant_accessor.rb @@ -15,7 +15,7 @@ module ActiveSupport # # PLANETS = %w(mercury venus earth mars jupiter saturn uranus neptune pluto) # - # (In a later update, the original implementation of `PLANETS` has been removed.) + # # (In a later update, the original implementation of `PLANETS` has been removed.) # # PLANETS_POST_2006 = %w(mercury venus earth mars jupiter saturn uranus neptune) # include ActiveSupport::Deprecation::DeprecatedConstantAccessor diff --git a/activesupport/lib/active_support/deprecation/proxy_wrappers.rb b/activesupport/lib/active_support/deprecation/proxy_wrappers.rb index 782ad2519c..896c0d2d8e 100644 --- a/activesupport/lib/active_support/deprecation/proxy_wrappers.rb +++ b/activesupport/lib/active_support/deprecation/proxy_wrappers.rb @@ -113,7 +113,7 @@ module ActiveSupport # # PLANETS = %w(mercury venus earth mars jupiter saturn uranus neptune pluto) # - # (In a later update, the original implementation of `PLANETS` has been removed.) + # # (In a later update, the original implementation of `PLANETS` has been removed.) # # PLANETS_POST_2006 = %w(mercury venus earth mars jupiter saturn uranus neptune) # PLANETS = ActiveSupport::Deprecation::DeprecatedConstantProxy.new('PLANETS', 'PLANETS_POST_2006') -- cgit v1.2.3 From 5ec53c58f8e900d3ef25de64652c96806c6eb2fe Mon Sep 17 00:00:00 2001 From: Dixit Patel Date: Wed, 29 Nov 2017 11:40:45 +0530 Subject: [ci skip] Correct output for Upcase --- activesupport/lib/active_support/core_ext/string/multibyte.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/core_ext/string/multibyte.rb b/activesupport/lib/active_support/core_ext/string/multibyte.rb index 38224ea5da..075b206d04 100644 --- a/activesupport/lib/active_support/core_ext/string/multibyte.rb +++ b/activesupport/lib/active_support/core_ext/string/multibyte.rb @@ -12,7 +12,7 @@ class String # class. If the proxy class doesn't respond to a certain method, it's forwarded to the encapsulated string. # # >> "lj".upcase - # => "lj" + # => "LJ" # >> "lj".mb_chars.upcase.to_s # => "LJ" # -- cgit v1.2.3 From f4c08d14995ba9d5caf0f209d3a95308f93bec6a Mon Sep 17 00:00:00 2001 From: Ryuta Kamizono Date: Wed, 29 Nov 2017 17:18:39 +0900 Subject: Mention about Ruby 2.4 Unicode case mappings in `mb_chars` example [ci skip] (#31275) https://www.ruby-lang.org/en/news/2016/09/08/ruby-2-4-0-preview2-released/ --- activesupport/lib/active_support/core_ext/string/multibyte.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'activesupport') diff --git a/activesupport/lib/active_support/core_ext/string/multibyte.rb b/activesupport/lib/active_support/core_ext/string/multibyte.rb index 075b206d04..07c0d16398 100644 --- a/activesupport/lib/active_support/core_ext/string/multibyte.rb +++ b/activesupport/lib/active_support/core_ext/string/multibyte.rb @@ -12,10 +12,12 @@ class String # class. If the proxy class doesn't respond to a certain method, it's forwarded to the encapsulated string. # # >> "lj".upcase - # => "LJ" + # => "lj" # >> "lj".mb_chars.upcase.to_s # => "LJ" # + # NOTE: An above example is useful for pre Ruby 2.4. Ruby 2.4 supports Unicode case mappings. + # # == Method chaining # # All the methods on the Chars proxy which normally return a string will return a Chars object. This allows -- cgit v1.2.3