./www/ruby-rack-protection, Protection for against typical web attacks for Rack application

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.1.0, Package name: ruby31-rack-protection-3.1.0, Maintainer: pkgsrc-users

Rack::Protection

You should use protection!

This gem protects against typical web attacks.
Should work for all Rack apps, including Rails.


Required to run:
[www/ruby-rack] [lang/ruby26-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 20 KB

Version history: (Expand)


CVS history: (Expand)


   2023-08-11 15:38:58 by Takahiro Kambe | Files touched by this commit (7) | Package updated
Log message:
www/ruby-rack-protection: update to 3.1.0

pkgsrc change:

* change rack-protection's dependency to www/ruby-rack2 instead of
  www/ruby-rack.

3.1.0 (2023-08-07)

* New: Add sass support via sass-embedded #1911 by なつき
* New: Add start and stop callbacks #1913 by Jevin Sew
* New: Warn on dropping sessions #1900 by Jonathan del Strother
* New: Make Puma the default server #1924 by Patrik Ragnarsson
* Fix: Remove use of Tilt::Cache #1922 by Jeremy Evans (allows use of Tilt
  2.2.0 without deprecation warning)
* Fix: rack-protection: specify rack version requirement #1932 by Patrik
  Ragnarsson
   2023-04-30 17:23:02 by Takahiro Kambe | Files touched by this commit (6) | Package updated
Log message:
www/ruby-sinatra: update to 3.0.6

ruby-sinatra-contrib and ruby-rack-protection are the same source.

3.0.6 (2023-04-11)

* Fix: Add support to keep open streaming connections with Puma #1858 by
  Jordan Owens
* Fix: Avoid crash in uri helper on Integer input #1890 by Patrik Ragnarsson
* Fix: Rescue RuntimeError when trying to use SecureRandom #1888 by Stefan
  Sundin
   2023-01-04 16:27:59 by Takahiro Kambe | Files touched by this commit (9) | Package updated
Log message:
www/ruby-sinatra: update to 3.0.5

It also update rack-protection and sinatra-contrib.

3.0.5 (2022-12-16)

* Fix: Add Zeitwerk compatibility. #1831 by Dawid Janczak
* Fix: Allow CALLERS_TO_IGNORE to be overridden

3.0.4 (2022-11-25)

* Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei
  Sakai

3.0.3 (2022-11-11)

* Fix: fixed ReDoS for Rack::Protection::IPSpoofing. #1823 by @ooooooo-q

3.0.2 (2022-10-01)

* New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 (2022-09-26)

* Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

* Fix: Revert change to server start and stop messaging by using
  Kernel#warn. Renamed internal warn method warn_for_deprecation. #1818 by
  Jordan Owens

3.0.0 (2022-09-26)

* New: Add Falcon support. #1794 by Samuel Williams and @horaciob
* New: Add AES GCM encryption support for session cookies. [#1324] (#1324)
  by Michael Coyne
* Deprecated: Sinatra Reloader will be removed in the next major release.
* Fix: Internal Sinatra errors now extend Sinatra::Error. This fixes #1204
  and #1518. bda8c29d by Jordan Owens
* Fix: Preserve query param value if named route param nil. #1676 by Jordan
  Owens
* Require Ruby 2.6 as minimum Ruby version. #1699 by Eloy Pérez
* Breaking change: Remove support for the Stylus template engine. #1697 by
  Eloy Pérez
* Breaking change: Remove support for the erubis template engine. #1761 by
  Eloy Pérez
* Breaking change: Remove support for the textile template engine. #1766 by
  Eloy Pérez
* Breaking change: Remove support for SASS as a template engine. #1768 by
  Eloy Pérez
* Breaking change: Remove support for Wlang as a template engine. #1780 by
  Eloy Pérez
* Breaking change: Remove support for CoffeeScript as a template
  engine. #1790 by Eloy Pérez
* Breaking change: Remove support for Mediawiki as a template engine. #1791
  by Eloy Pérez
* Breaking change: Remove support for Creole as a template engine. #1792 by
  Eloy Pérez
* Breaking change: Remove support for Radius as a template engine. #1793 by
  Eloy Pérez
* Breaking change: Remove support for the defunct Less templating
  library. See #1716, #1715 for more discussion and background. d1af2f1e by
  Olle Jonsson
* Breaking change: Remove Reel integration. 54597502 by Olle Jonsson
* CI: Start testing on Ruby 3.1. 60e221940 and b0fa4bef by Johannes Würbach
* Use Kernel#caller_locations. #1491 by Julik Tarkhanov
* Docs: Japanese documentation: Add notes about the default_content_type
  setting. #1650 by Akifumi Tominaga
* Docs: Polish documentation: Add section about Multithreaded modes and
  Routes. #1708 by Patrick Gramatowski
* Docs: Japanese documentation: Make Session section reflect changes done to
  README.md. #1731 by @shu-i-chi
   2022-09-01 15:49:14 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack-protection: update to 2.2.2

2.2.0 (2022-02-15)

* Fix broken origin_whitelist option. Fixes #1641 #1642 by Takeshi YASHIRO.

2.2.1 (2022-07-15)

No change.

2.2.2 (2022-07-23)

No change.
   2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)
Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
   2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)
Log message:
www: Remove SHA1 hashes for distfiles
   2020-09-14 17:45:31 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
www/ruby-rack-protection: update to 2.1.0

Update ruby-rack-protection package to 2.1.0.

2.1.0 (2020-09-05)

* Add Rack::Protection::ReferrerPolicy #1291 by Stefan Sundin
   2020-03-20 17:29:38 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack-protection: update to 2.0.8.1

Update ruby-rack-protection to 2.0.8.1.

### rack-protection

* Don't track the Accept-Language header by default \ 
[#1504](https://github.com/sinatra/sinatra/pull/1504) by Artem Chistyakov