./www/ruby-rack, Modular Ruby webserver interface

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.2.2, Package name: ruby26-rack-2.2.2, Maintainer: pkgsrc-users

Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.


Required to run:
[lang/ruby26-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: ee6605164c9ee810ddf29f3bb23dc1bbc67b4de9
RMD160: 4f096b37bcca1144f9d4840f41b2b3d05867d37d
Filesize: 147.5 KB

Version history: (Expand)


CVS history: (Expand)


   2020-03-20 17:19:33 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
www/ruby-rack: update to 2.2.2

Update ruby-rack to 2.2.2.

## [2.2.2] - 2020-02-11

### Fixed

- Fix incorrect `Rack::Request#host` value. \ 
([#1591](https://github.com/rack/rack/pull/1591), \ 
[@ioquatix](https://github.com/ioquatix))
- Revert `Rack::Handler::Thin` implementation. \ 
([#1583](https://github.com/rack/rack/pull/1583), \ 
[@jeremyevans](https://github.com/jeremyevans))
- Double assignment is still needed to prevent an "unused variable" \ 
warning. ([#1589](https://github.com/rack/rack/pull/1589), \ 
[@kamipo](https://github.com/kamipo))
- Fix to handle same_site option for session pool. \ 
([#1587](https://github.com/rack/rack/pull/1587), \ 
[@kamipo](https://github.com/kamipo))

## [2.2.1] - 2020-02-09

### Fixed

- Rework `Rack::Request#ip` to handle empty `forwarded_for`. \ 
([#1577](https://github.com/rack/rack/pull/1577), \ 
[@ioquatix](https://github.com/ioquatix))

## [2.2.0] - 2020-02-08

### SPEC Changes

- `rack.session` request environment entry must respond to `to_hash` and return \ 
unfrozen Hash. ([@jeremyevans](https://github.com/jeremyevans))
- Request environment cannot be frozen. \ 
([@jeremyevans](https://github.com/jeremyevans))
- CGI values in the request environment with non-ASCII characters must use \ 
ASCII-8BIT encoding. ([@jeremyevans](https://github.com/jeremyevans))
- Improve SPEC/lint relating to SERVER_NAME, SERVER_PORT and HTTP_HOST. \ 
([#1561](https://github.com/rack/rack/pull/1561), \ 
[@ioquatix](https://github.com/ioquatix))

### Added

- `rackup` supports multiple `-r` options and will require all arguments. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Server` supports an array of paths to require for the `:require` option. \ 
([@khotta](https://github.com/khotta))
- `Files` supports multipart range requests. \ 
([@fatkodima](https://github.com/fatkodima))
- `Multipart::UploadedFile` supports an IO-like object instead of using the \ 
filesystem, using `:filename` and `:io` options. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Multipart::UploadedFile` supports keyword arguments `:path`, `:content_type`, \ 
and `:binary` in addition to positional arguments. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Static` supports a `:cascade` option for calling the app if there is no \ 
matching file. ([@jeremyevans](https://github.com/jeremyevans))
- `Session::Abstract::SessionHash#dig`. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Response.[]` and `MockResponse.[]` for creating instances using status, \ 
headers, and body. ([@ioquatix](https://github.com/ioquatix))
- Convenient cache and content type methods for `Rack::Response`. \ 
([#1555](https://github.com/rack/rack/pull/1555), \ 
[@ioquatix](https://github.com/ioquatix))

### Changed

- `Request#params` no longer rescues EOFError. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Directory` uses a streaming approach, significantly improving time to first \ 
byte for large directories. ([@jeremyevans](https://github.com/jeremyevans))
- `Directory` no longer includes a Parent directory link in the root directory \ 
index. ([@jeremyevans](https://github.com/jeremyevans))
- `QueryParser#parse_nested_query` uses original backtrace when reraising \ 
exception with new class. ([@jeremyevans](https://github.com/jeremyevans))
- `ConditionalGet` follows RFC 7232 precedence if both If-None-Match and \ 
If-Modified-Since headers are provided. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `.ru` files supports the `frozen-string-literal` magic comment. \ 
([@eregon](https://github.com/eregon))
- Rely on autoload to load constants instead of requiring internal files, make \ 
sure to require 'rack' and not just 'rack/...'. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Etag` will continue sending ETag even if the response should not be cached. \ 
([@henm](https://github.com/henm))
- `Request#host_with_port` no longer includes a colon for a missing or empty \ 
port. ([@AlexWayfer](https://github.com/AlexWayfer))
- All handlers uses keywords arguments instead of an options hash argument. \ 
([@ioquatix](https://github.com/ioquatix))
- `Files` handling of range requests no longer return a body that supports \ 
`to_path`, to ensure range requests are handled correctly. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Multipart::Generator` only includes `Content-Length` for files with paths, \ 
and `Content-Disposition` `filename` if the `UploadedFile` instance has one. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Request#ssl?` is true for the `wss` scheme (secure websockets). \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Rack::HeaderHash` is memoized by default. \ 
([#1549](https://github.com/rack/rack/pull/1549), \ 
[@ioquatix](https://github.com/ioquatix))
- `Rack::Directory` allow directory traversal inside root directory. \ 
([#1417](https://github.com/rack/rack/pull/1417), \ 
[@ThomasSevestre](https://github.com/ThomasSevestre))
- Sort encodings by server preference. \ 
([#1184](https://github.com/rack/rack/pull/1184), \ 
[@ioquatix](https://github.com/ioquatix), \ 
[@wjordan](https://github.com/wjordan))
- Rework host/hostname/authority implementation in `Rack::Request`. `#host` and \ 
`#host_with_port` have been changed to correctly return IPv6 addresses formatted \ 
with square brackets, as defined by \ 
[RFC3986](https://tools.ietf.org/html/rfc3986#section-3.2.2). \ 
([#1561](https://github.com/rack/rack/pull/1561), \ 
[@ioquatix](https://github.com/ioquatix))
- `Rack::Builder` parsing options on first `#\` line is deprecated. \ 
([#1574](https://github.com/rack/rack/pull/1574), \ 
[@ioquatix](https://github.com/ioquatix))

### Removed

- `Directory#path` as it was not used and always returned nil. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `BodyProxy#each` as it was only needed to work around a bug in Ruby <1.9.3. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `URLMap::INFINITY` and `URLMap::NEGATIVE_INFINITY`, in favor of \ 
`Float::INFINITY`. ([@ch1c0t](https://github.com/ch1c0t))
- Deprecation of `Rack::File`. It will be deprecated again in rack 2.2 or 3.0. \ 
([@rafaelfranca](https://github.com/rafaelfranca))
- Support for Ruby 2.2 as it is well past EOL. \ 
([@ioquatix](https://github.com/ioquatix))
- Remove `Rack::Files#response_body` as the implementation was broken. \ 
([#1153](https://github.com/rack/rack/pull/1153), \ 
[@ioquatix](https://github.com/ioquatix))
- Remove `SERVER_ADDR` which was never part of the original SPEC. \ 
([#1573](https://github.com/rack/rack/pull/1573), \ 
[@ioquatix](https://github.com/ioquatix))

### Fixed

- `Directory` correctly handles root paths containing glob metacharacters. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Cascade` uses a new response object for each call if initialized with no \ 
apps. ([@jeremyevans](https://github.com/jeremyevans))
- `BodyProxy` correctly delegates keyword arguments to the body object on Ruby \ 
2.7+. ([@jeremyevans](https://github.com/jeremyevans))
- `BodyProxy#method` correctly handles methods delegated to the body object. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Request#host` and `Request#host_with_port` handle IPv6 addresses correctly. \ 
([@AlexWayfer](https://github.com/AlexWayfer))
- `Lint` checks when response hijacking that `rack.hijack` is called with a \ 
valid object. ([@jeremyevans](https://github.com/jeremyevans))
- `Response#write` correctly updates `Content-Length` if initialized with a \ 
body. ([@jeremyevans](https://github.com/jeremyevans))
- `CommonLogger` includes `SCRIPT_NAME` when logging. \ 
([@Erol](https://github.com/Erol))
- `Utils.parse_nested_query` correctly handles empty queries, using an empty \ 
instance of the params class instead of a hash. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Directory` correctly escapes paths in links. ([@yous](https://github.com/yous))
- `Request#delete_cookie` and related `Utils` methods handle `:domain` and \ 
`:path` options in same call. ([@jeremyevans](https://github.com/jeremyevans))
- `Request#delete_cookie` and related `Utils` methods do an exact match on \ 
`:domain` and `:path` options. ([@jeremyevans](https://github.com/jeremyevans))
- `Static` no longer adds headers when a gzipped file request has a 304 \ 
response. ([@chooh](https://github.com/chooh))
- `ContentLength` sets `Content-Length` response header even for bodies not \ 
responding to `to_ary`. ([@jeremyevans](https://github.com/jeremyevans))
- Thin handler supports options passed directly to \ 
`Thin::Controllers::Controller`. \ 
([@jeremyevans](https://github.com/jeremyevans))
- WEBrick handler no longer ignores `:BindAddress` option. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `ShowExceptions` handles invalid POST data. \ 
([@jeremyevans](https://github.com/jeremyevans))
- Basic authentication requires a password, even if the password is empty. \ 
([@jeremyevans](https://github.com/jeremyevans))
- `Lint` checks response is array with 3 elements, per SPEC. \ 
([@jeremyevans](https://github.com/jeremyevans))
- Support for using `:SSLEnable` option when using WEBrick handler. (Gregor Melhorn)
- Close response body after buffering it when buffering. \ 
([@ioquatix](https://github.com/ioquatix))
- Only accept `;` as delimiter when parsing cookies. \ 
([@mrageh](https://github.com/mrageh))
- `Utils::HeaderHash#clear` clears the name mapping as well. \ 
([@raxoft](https://github.com/raxoft))
- Support for passing `nil` `Rack::Files.new`, which notably fixes Rails' \ 
current `ActiveStorage::FileServer` implementation. \ 
([@ioquatix](https://github.com/ioquatix))

### Documentation

- CHANGELOG updates. ([@aupajo](https://github.com/aupajo))
- Added [CONTRIBUTING](CONTRIBUTING.md). ([@dblock](https://github.com/dblock))

## [2.1.2] - 2020-01-27

- Fix multipart parser for some files to prevent denial of service \ 
([@aiomaster](https://github.com/aiomaster))
- Fix `Rack::Builder#use` with keyword arguments \ 
([@kamipo](https://github.com/kamipo))
- Skip deflating in Rack::Deflater if Content-Length is 0 \ 
([@jeremyevans](https://github.com/jeremyevans))
- Remove `SessionHash#transform_keys`, no longer needed \ 
([@pavel](https://github.com/pavel))
- Add to_hash to wrap Hash and Session classes \ 
([@oleh-demyanyuk](https://github.com/oleh-demyanyuk))
- Handle case where session id key is requested but missing \ 
([@jeremyevans](https://github.com/jeremyevans))

## [2.1.1] - 2020-01-12

- Remove `Rack::Chunked` from `Rack::Server` default middleware. \ 
([#1475](https://github.com/rack/rack/pull/1475), \ 
[@ioquatix](https://github.com/ioquatix))

## 2.1.0

_Note: There are many unreleased changes in Rack (`master` is around 300 commits \ 
ahead of `2-0-stable`), and below is not an exhaustive list. If you would like \ 
to help out and document some of the unreleased changes, PRs are welcome._

### Added

- Add support for `SameSite=None` cookie value. \ 
([@hennikul](https://github.com/hennikul))
- Add trailer headers. ([@eileencodes](https://github.com/eileencodes))
- Add MIME Types for video streaming. ([@styd](https://github.com/styd))
- Add MIME Type for WASM. ([@buildrtech](https://github.com/buildrtech))
- Add `Early Hints(103)` to status codes. ([@egtra](https://github.com/egtra))
- Add `Too Early(425)` to status codes. ([@y-yagi]((https://github.com/y-yagi)))
- Add `Bandwidth Limit Exceeded(509)` to status codes. \ 
([@CJKinni](https://github.com/CJKinni))
- Add method for custom `ip_filter`. ([@svcastaneda](https://github.com/svcastaneda))
- Add boot-time profiling capabilities to `rackup`. \ 
([@tenderlove](https://github.com/tenderlove))
- Add multi mapping support for `X-Accel-Mappings` header. \ 
([@yoshuki](https://github.com/yoshuki))
- Add `sync: false` option to `Rack::Deflater`. (Eric Wong)
- Add `Builder#freeze_app` to freeze application and all middleware instances. \ 
([@jeremyevans](https://github.com/jeremyevans))
- Add API to extract cookies from `Rack::MockResponse`. \ 
([@petercline](https://github.com/petercline))

### Changed

- Don't propagate nil values from middleware. \ 
([@ioquatix](https://github.com/ioquatix))
- Lazily initialize the response body and only buffer it if required. \ 
([@ioquatix](https://github.com/ioquatix))
- Fix deflater zlib buffer errors on empty body part. \ 
([@felixbuenemann](https://github.com/felixbuenemann))
- Set `X-Accel-Redirect` to percent-encoded path. \ 
([@diskkid](https://github.com/diskkid))
- Remove unnecessary buffer growing when parsing multipart. \ 
([@tainoe](https://github.com/tainoe))
- Expand the root path in `Rack::Static` upon initialization. \ 
([@rosenfeld](https://github.com/rosenfeld))
- Make `ShowExceptions` work with binary data. ([@axyjo](https://github.com/axyjo))
- Use buffer string when parsing multipart requests. \ 
([@janko-m](https://github.com/janko-m))
- Support optional UTF-8 Byte Order Mark (BOM) in config.ru. \ 
([@mikegee](https://github.com/mikegee))
- Handle `X-Forwarded-For` with optional port. \ 
([@dpritchett](https://github.com/dpritchett))
- Use `Time#httpdate` format for Expires, as proposed by RFC 7231. \ 
([@nanaya](https://github.com/nanaya))
- Make `Utils.status_code` raise an error when the status symbol is invalid \ 
instead of `500`. ([@adambutler](https://github.com/adambutler))
- Rename `Request::SCHEME_WHITELIST` to `Request::ALLOWED_SCHEMES`.
- Make `Multipart::Parser.get_filename` accept files with `+` in their name. \ 
([@lucaskanashiro](https://github.com/lucaskanashiro))
- Add Falcon to the default handler fallbacks. \ 
([@ioquatix](https://github.com/ioquatix))
- Update codebase to avoid string mutations in preparation for \ 
`frozen_string_literals`. ([@pat](https://github.com/pat))
- Change `MockRequest#env_for` to rely on the input optionally responding to \ 
`#size` instead of `#length`. ([@janko](https://github.com/janko))
- Rename `Rack::File` -> `Rack::Files` and add deprecation notice. \ 
([@postmodern](https://github.com/postmodern)).

### Removed

- Remove `to_ary` from Response ([@tenderlove](https://github.com/tenderlove))
- Deprecate `Rack::Session::Memcache` in favor of `Rack::Session::Dalli` from \ 
dalli gem ([@fatkodima](https://github.com/fatkodima))

### Documentation

- Update broken example in `Session::Abstract::ID` documentation. \ 
([tonytonyjan](https://github.com/tonytonyjan))
- Add Padrino to the list of frameworks implmenting Rack. \ 
([@wikimatze](https://github.com/wikimatze))
- Remove Mongrel from the suggested server options in the help output. \ 
([@tricknotes](https://github.com/tricknotes))
- Replace `HISTORY.md` and `NEWS.md` with `CHANGELOG.md`. \ 
([@twitnithegirl](https://github.com/twitnithegirl))
- Backfill `CHANGELOG.md` from 2.0.1 to 2.0.7 releases. \ 
([@drenmi](https://github.com/Drenmi))

## [2.0.8] - 2019-12-08

- [[CVE-2019-16782](https://nvd.nist.gov/vuln/detail/CVE-2019-16782)] Prevent \ 
timing attacks targeted at session ID lookup. BREAKING CHANGE: Session ID is now \ 
a SessionId instance instead of a String. \ 
([@tenderlove](https://github.com/tenderlove), \ 
[@rafaelfranca](https://github.com/rafaelfranca))
   2020-01-19 00:36:14 by Roland Illig | Files touched by this commit (3046)
Log message:
all: migrate several HOMEPAGEs to https

pkglint --only "https instead of http" -r -F

With manual adjustments afterwards since pkglint 19.4.4 fixed a few
indentations in unrelated lines.

This mainly affects projects hosted at SourceForce, as well as
freedesktop.org, CTAN and GNU.
   2019-02-03 16:51:31 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/ruby-rack: update to 2.0.6

* pkgsrc change: add "USE_LANGAUGES= # none" line.

Update to 2.0.6 which fixes security problems of CVE-2018-16470 and
CVE-2018-16471.
   2017-09-19 18:36:07 by Takahiro Kambe | Files touched by this commit (11)
Log message:
cleanup: remove unnecessary RUBY_VERSIONS_ACCEPTED

Remove unnecessary RUBY_VERSIONS_ACCEPTED since ruby21 removed.
   2017-06-18 15:48:55 by Takahiro Kambe | Files touched by this commit (18)
Log message:
Add 24 to RUBY_VERSIONS_ACCEPTED.
   2017-06-04 17:15:39 by Takahiro Kambe | Files touched by this commit (1)
Log message:
Do not add "20" to PKGPATH for now.
   2017-06-04 17:10:09 by Takahiro Kambe | Files touched by this commit (4) | Package updated
Log message:
Update ruby-rack to 2.0.3.

pkgsrc change: restrict to ruby22 and ruby23.

Changes are not well documented and commited changes are too many to
summarize here.
   2017-06-03 05:06:01 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-rack to 1.6.8.

1.6.8

* prevent exception caused by a race condition on multi-threaded server
  like Puma.

* Handle NULL byte in multipart file name.

1.6.7

* Ensure env values are ASCII 8BIT encoded.

1.6.8

* Fix mistake in encoding change.