./www/ruby-mechanize, Library to automate interaction with websites

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.7.7, Package name: ruby26-mechanize-2.7.7, Maintainer: minskim

The Mechanize library is used for automating interaction with
websites. Mechanize automatically stores and sends cookies, follows
redirects, can follow links, and submit forms. Form fields can be
populated and submitted. Mechanize also keeps track of the sites that
you have visited as a history.


Required to run:
[mail/ruby-mime-types] [textproc/ruby-nokogiri] [www/ruby-net-http-persistent] [www/ruby-net-http-digest_auth] [www/ruby-webrobots] [net/ruby-domain_name] [www/ruby-ntlm-http] [www/ruby-http-cookie] [lang/ruby24-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 3270102df012ab42eda96c263a20a76262a34565
RMD160: c7c29dabb4b706434dca65109c42b485b9b06bc6
Filesize: 136 KB

Version history: (Expand)


CVS history: (Expand)


   2021-02-03 16:44:36 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
www/ruby-mechanize: update to 2.7.7

pkgsrc change: add "USE_LANGUAGES=	# empty"

2.7.7 / 2021-02-01

* Security fixes for CVE-2021-21289

  Mechanize `>= v2.0`, `< v2.7.7` allows for OS commands to be injected
  into several classes' methods via implicit use of Ruby's `Kernel.open`
  method. Exploitation is possible only if untrusted input is used as a
  local filename and passed to any of these calls:

  - `Mechanize::CookieJar#load`: since v2.0 (see 208e3ed)
  - `Mechanize::CookieJar#save_as`: since v2.0 (see 5b776a4)
  - `Mechanize#download`: since v2.2 (see dc91667)
  - `Mechanize::Download#save` and `#save!` since v2.1 (see 98b2f51, bd62ff0)
  - `Mechanize::File#save` and `#save_as`: since v2.1 (see 2bf7519)
  - `Mechanize::FileResponse#read_body`: since v2.0 (see 01039f5)

  See
  github.com/sparklemotion/mechanize/security/advisories/GHSA-qrqm-fpv6-6r8g
  for more information.

  Also see #547, #548. Thank you, @kyoshidajp!

New Features

* Support for Ruby 3.0 by adding `webrick` as a runtime dependency. (#557)
  @pvalena

Bug fix

* Ignore input fields with blank names (#542, #536)
   2018-09-23 18:53:58 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-mechanize: update to 2.7.6

=== 2.7.6

* New Features
  * Mechanize#set_proxy accepts an HTTP URL/URI. (#513)

* Bug fix
  * Fix element(s)_with(search: selector) methods not working for forms, form \ 
fields and frames. (#444)
  * Improve the filename parser for the `Content-Disposition` header. (#496, #517)
  * Accept `Content-Encoding: identity`. (#515)
  * Mechanize::Page#title no longer picks a title in an embeded SVG/RDF element. \ 
(#503)
  * Make Mechanize::Form#has_field? boolean. (#501)
   2016-10-18 17:50:43 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-mechanize to 2.7.5.

=== 2.7.5

* New Features
  * All 4xx responses and RedirectLimitReachedError when fetching robots.txt are \ 
treated as full allow just like Googlebot does.
  * Enable support for mime-types > 3.

* Bug fix
  * Don't cause infinite loop when `GET /robots.txt` redirects. (#457)
  * Fix basic authentication for a realm that contains uppercase characters. \ 
(#458, #459)
  * Fix encoding error when uploading a file which name is non-ASCII. (#333)
   2016-01-03 09:45:14 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-mechanize to 2.7.4.

=== 2.7.4

* New Features
  * Accept array-like and hash-like values as query/parameter value.
    A new utility method Mechanize::Util.each_parameter is added, and \ 
Mechanize::Util.build_query_string is enhanced
    for this feature.
  * Allow passing a `Form::FileUpload` instance to `#post`. #350 by Sam
    Rawlins.
  * Capture link when scheme is unsupported. #362 by Jon Rowe.
  * Pre-defined User-Agent stings are updated to those of more recent versions, \ 
and new aliases for IE 10/11 and Edge are added.
  * Support for mime-types 1.x is restored while keeping compatible with \ 
mime-types 2.x and adding support for 3.0.
  * Mechanize::Page now responds to #xpath, #css, #at_xpath, #at_css, and #%.
  * element(s)_with methods now accept :xpath and :css options for doing xpath/css
    selector searching.
  * Pass URI information to Nokogiri where applicable. #405 @lulalala

* Bug fix
  * Don't raise an exception if a connection has set a {read,open}_timeout and
    a `file://` request is made. (#397)
  * Fix whitespace bug in WWW-Authenticate. #451, #450, by Rasmus Bergholdt
  * Don't allow redirect from a non-file URL to a file URL for security reasons. \ 
(#455)
   2015-12-13 17:42:31 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Switch depends on ruby-mime-types2 package.

Bump PKGREVISION.
   2015-11-04 03:47:43 by Alistair G. Crooks | Files touched by this commit (758)
Log message:
Add SHA512 digests for distfiles for www category

Problems found locating distfiles:
	Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
	Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
	Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
	Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
	Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
	Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
	Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
	Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-09-27 01:45:00 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
Update HOMEPAGE.
Avoid using rubyforge.org since it stopped most of services.
   2015-06-11 19:34:28 by Takahiro Kambe | Files touched by this commit (1)
Log message:
Allow this package build on Ruby 2.2.