2024-12-11 15:37:06 by Takahiro Kambe | Files touched by this commit (3) | |
Log message: www/ruby-puma: update to 6.5.0 6.5.0 (2024-11-22) They say good things come to wait, and you've all had to wait a long time for 6.5.0 because @nateberkopec had another daughter: Sky! Features * Print RUBY_DESCRIPTION when Puma starts ([#3407]) * Set the worker process count automatically when using WEB_CONCURRENCY=auto ([#3439], [#3437]) * Mark as ractor-safe ([#3486], [#3422]) * Add option enable_keep_alives. true (the default) mimics existing behavior, but now you can use false to disable keepalive to reduce queue tail latency ([#3496]) * Add parameters to Puma methods to allow CI to change ENV in isolation ([#3485]) * Add ssl_ciphersuites option for TLSv1.3 ciphers ([#3359], [#3343]) * You can now use --threads 5 or threads 5 to config max/min threads with a single number (used to need to say 5:5) ([#3309]) * Option to turn off systemd plugin ([#3425], [#3424]) * Add on_stopped hook ([#3411], [#3380]) Bugfixes * Handle blank environment variables when loading config ([#3539]) * lib/rack/handler/puma.rb - fix for rackup v1.0.1, adjust Gemfile ([#3532], [#3531]) * null_io.rb - add external_encoding, set_encoding, binmode, binmode? ([#3214]) * Implement NullIO#seek and #pos to mimic IO ([#3468]) * add support in rack handler & fix regression in binder for linux abstract namespace sockets ([#3508]) * Use actual thread local for Puma::Server.current. ([#3360]) * client.rb - fix request chunked body handling ([#3338], [#3337]) * Properly handle two requests seen in the initial buffer ([#3332]) * Fix response repeated status line when request is invalid or errors are raised ([#3308], [#3307]) * Fix child processes not being reaped when Process.detach used ([#3314], [#3313]) JRuby * Make HTTP length constants configurable ([#3518]) * Fixup jruby_restart.rb & launcher.rb to work with ARM64 macOS JRuby ([#3467]) Performance * Avoid checking if all workers reached timeout unless idle timeout is configured ([#3341]) * Request body - increase read size to 64 kB ([#3548]) * single mode skip wait_for_less_busy_worker ([#3325]) Refactor * A ton of CI/test improvements by @MSP-Greg, as usual. * Add ThreadPool#stats and adjust Server#stats to use it ([#3527]) * normalize whitespace in worker stats string ([#3513]) * rack/handler/puma.rb - ssl - use start_with?, add test ([#3510]) * extconf.rb - add logging for OpenSSL versions ([#3370]) * Lazily require Puma::Rack::Builder ([#3340]) * Refactor: Constantize worker pipe request types ([#3318]) Docs * stats.md improvements ([#3514]) * control_cli.rb: Harmonize help message with bin/puma ([#3434]) * dsl.rb: Clarify a callback's argument ([#3435]) |
2024-09-22 14:37:41 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.4.3 6.4.3 (2024-09-19) Security * Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4) |
2024-02-04 07:59:17 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.4.2 6.4.1 (2024-01-03) Bugfixes * DSL#warn_if_in_single_mode - fixup when workers set via CLI (#3256) * Fix idle-timeout not working in cluster mode (#3235, #3228, #3282, #3283) * Fix worker 0 timing out during phased restart (#3225, #2786) * context_builder.rb - require openssl if verify_mode != 'none' (#3179) * Make puma cluster process suitable as PID 1 (#3255) * Improve Puma::NullIO consistency with real IO (#3276) * extconf.rb - fixup to detect openssl info in Ruby build (#3271, #3266) * MiniSSL.java - set serialVersionUID, fix RaiseException deprecation (#3270) * dsl.rb - fix warn_if_in_single_mode when WEB_CONCURRENCY is set (#3265, #3264) Maintenance * LOTS of test refactoring to make tests more stable and easier to write - thanks to @MSP-Greg! * Fix bug in tests re: TestPuma::HOST4 (#3254) * Dockerfile for minimal repros: use Ruby 3.2, expect bundler installed (#3245) * fix define_method calls, use Symbol parameter instead of String (#3293) 6.4.2 (2024-01-08) Security * Limit the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. (GHSA-c2f4-cvqm-65w2) |
2023-12-17 17:27:24 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.4.0 6.4.0 (2023-09-21) Features * on_thread_exit hook ([#2920]) * on_thread_start_hook ([#3195]) * Shutdown on idle ([#3209], [#2580]) * New error message when control server port taken ([#3204]) Refactor * Remove Forwardable dependency ([#3191], #3190) * Update URLMap Regexp usage for Ruby v3.3 ([#3165]) Bugfixes * Bring the cert_pem: parameter into parity with the cert: parameter to ssl_bind. ([#3174]) * Fix using control server with IPv6 host ([#3181]) * control_cli.rb - add require_relative 'log_writer' ([#3187]) * Fix cases where fallback Rack response wasn't sent to the client ([#3094]) |
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
2023-08-26 17:06:39 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.3.1 6.3.1 (2023-08-18) Security * Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields (GHSA-68xg-gqqm-vgj8) |
2023-06-09 17:32:09 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.3.0 6.3.0 - Mugi No Toki Itaru (2023-05-31) Japan has 72 traditional microseasons. May 31 is the first day of 麦秋至, which means the time of the wheat/barley harvest. Features * Add dsl method supported_http_methods ([#3106], [#3014]) * Puma error responses no longer have any fingerprints to indicate Puma ([#3161], [#3037]) * Support decryption of SSL key ([#3133], [#3132]) Bugfixes * Don't send 103 early hints response when only invalid headers are used ([#3163]) * Handle malformed request path ([#3155], [#3148]) * Misc lib file fixes - trapping additional errors, CI helper ([#3129]) * Fixup req form data file upload with "r\n" line endings ([#3137]) * Restore rack 1.6 compatibility ([#3156]) Refactor * const.rb - Update Puma::HTTP_STATUS_CODES ([#3162]) * Clarify Reactor#initialize ([#3151]) New Contributors * @severin made their first contribution in #3156 |
2023-04-30 16:31:14 by Takahiro Kambe | Files touched by this commit (2) | |
Log message: www/ruby-puma: update to 6.2.2 6.2.0 (2023-03-29) Features * Ability to supply a custom logger ([#2770], [#2511]) * Warn when clustered-only hooks are defined in single mode ([#3089]) * Adds the on_booted event ([#2709]) Bugfixes * Loggers - internal_write - catch Errno::EINVAL ([#3091]) * commonlogger.rb - fix HIJACK time format, use constants, not strings ([#3074]) * Fixed some edge cases regarding request hijacking ([#3072]) 6.2.1 (2023-03-31) Bugfixes * Fix java 8 compatibility ([#3109], [#3108]) * Always write io_buffer when in "enum bodies" branch. ([#3113], [#3112]) * Fix warn_if_in_single_mode incorrect message ([#3111]) 6.2.2 (2023-04-17) Bugfixes * Fix Rack-related NameError by adding :: operator ([#3118], [#3117]) |