The NetBSD Project

CVS log for pkgsrc/www/ruby-rack-protection/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / ruby-rack-protection

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.20 / (download) - annotate - [select for diffs], Fri Aug 11 13:38:58 2023 UTC (6 months, 2 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, HEAD
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)

www/ruby-rack-protection: update to 3.1.0

pkgsrc change:

* change rack-protection's dependency to www/ruby-rack2 instead of
  www/ruby-rack.

3.1.0 (2023-08-07)

* New: Add sass support via sass-embedded #1911 by ĺáŞă˘¦ĺá* New: Add start and stop callbacks #1913 by Jevin Sew
* New: Warn on dropping sessions #1900 by Jonathan del Strother
* New: Make Puma the default server #1924 by Patrik Ragnarsson
* Fix: Remove use of Tilt::Cache #1922 by Jeremy Evans (allows use of Tilt
  2.2.0 without deprecation warning)
* Fix: rack-protection: specify rack version requirement #1932 by Patrik
  Ragnarsson

Revision 1.19 / (download) - annotate - [select for diffs], Sun Apr 30 15:23:02 2023 UTC (9 months, 4 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

www/ruby-sinatra: update to 3.0.6

ruby-sinatra-contrib and ruby-rack-protection are the same source.

3.0.6 (2023-04-11)

* Fix: Add support to keep open streaming connections with Puma #1858 by
  Jordan Owens
* Fix: Avoid crash in uri helper on Integer input #1890 by Patrik Ragnarsson
* Fix: Rescue RuntimeError when trying to use SecureRandom #1888 by Stefan
  Sundin

Revision 1.18 / (download) - annotate - [select for diffs], Wed Jan 4 15:27:59 2023 UTC (13 months, 3 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)

www/ruby-sinatra: update to 3.0.5

It also update rack-protection and sinatra-contrib.


3.0.5 (2022-12-16)

* Fix: Add Zeitwerk compatibility. #1831 by Dawid Janczak
* Fix: Allow CALLERS_TO_IGNORE to be overridden

3.0.4 (2022-11-25)

* Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei
  Sakai

3.0.3 (2022-11-11)

* Fix: fixed ReDoS for Rack::Protection::IPSpoofing. #1823 by @ooooooo-q

3.0.2 (2022-10-01)

* New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 (2022-09-26)

* Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

* Fix: Revert change to server start and stop messaging by using
  Kernel#warn. Renamed internal warn method warn_for_deprecation. #1818 by
  Jordan Owens

3.0.0 (2022-09-26)

* New: Add Falcon support. #1794 by Samuel Williams and @horaciob
* New: Add AES GCM encryption support for session cookies. [#1324] (#1324)
  by Michael Coyne
* Deprecated: Sinatra Reloader will be removed in the next major release.
* Fix: Internal Sinatra errors now extend Sinatra::Error. This fixes #1204
  and #1518. bda8c29d by Jordan Owens
* Fix: Preserve query param value if named route param nil. #1676 by Jordan
  Owens
* Require Ruby 2.6 as minimum Ruby version. #1699 by Eloy PĂ©rez
* Breaking change: Remove support for the Stylus template engine. #1697 by
  Eloy PĂ©rez
* Breaking change: Remove support for the erubis template engine. #1761 by
  Eloy PĂ©rez
* Breaking change: Remove support for the textile template engine. #1766 by
  Eloy PĂ©rez
* Breaking change: Remove support for SASS as a template engine. #1768 by
  Eloy PĂ©rez
* Breaking change: Remove support for Wlang as a template engine. #1780 by
  Eloy PĂ©rez
* Breaking change: Remove support for CoffeeScript as a template
  engine. #1790 by Eloy PĂ©rez
* Breaking change: Remove support for Mediawiki as a template engine. #1791
  by Eloy PĂ©rez
* Breaking change: Remove support for Creole as a template engine. #1792 by
  Eloy PĂ©rez
* Breaking change: Remove support for Radius as a template engine. #1793 by
  Eloy PĂ©rez
* Breaking change: Remove support for the defunct Less templating
  library. See #1716, #1715 for more discussion and background. d1af2f1e by
  Olle Jonsson
* Breaking change: Remove Reel integration. 54597502 by Olle Jonsson
* CI: Start testing on Ruby 3.1. 60e221940 and b0fa4bef by Johannes WĂĽrbach
* Use Kernel#caller_locations. #1491 by Julik Tarkhanov
* Docs: Japanese documentation: Add notes about the default_content_type
  setting. #1650 by Akifumi Tominaga
* Docs: Polish documentation: Add section about Multithreaded modes and
  Routes. #1708 by Patrick Gramatowski
* Docs: Japanese documentation: Make Session section reflect changes done to
  README.md. #1731 by @shu-i-chi

Revision 1.17 / (download) - annotate - [select for diffs], Thu Sep 1 13:49:14 2022 UTC (17 months, 3 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

www/ruby-rack-protection: update to 2.2.2

2.2.0 (2022-02-15)

* Fix broken origin_whitelist option. Fixes #1641 #1642 by Takeshi YASHIRO.

2.2.1 (2022-07-15)

No change.

2.2.2 (2022-07-23)

No change.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Sep 14 15:45:31 2020 UTC (3 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

www/ruby-rack-protection: update to 2.1.0

Update ruby-rack-protection package to 2.1.0.


2.1.0 (2020-09-05)

* Add Rack::Protection::ReferrerPolicy #1291 by Stefan Sundin

Revision 1.15 / (download) - annotate - [select for diffs], Fri Mar 20 16:29:38 2020 UTC (3 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

www/ruby-rack-protection: update to 2.0.8.1

Update ruby-rack-protection to 2.0.8.1.


### rack-protection

* Don't track the Accept-Language header by default [#1504](https://github.com/sinatra/sinatra/pull/1504) by Artem Chistyakov

Revision 1.14 / (download) - annotate - [select for diffs], Sun Sep 23 17:06:28 2018 UTC (5 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

www/ruby-rack-protection: update to 2.0.4

2.0.4 / 2018-09-15

* Don't blow up when passing frozen string to send_file disposition #1137 by
  Andrew Selder

* Fix ubygems LoadError #1436 by Pavel RosickĂ˝

* Unescape regex captures #1446 by Jordan Owens

* Slight performance improvements for IndifferentHash #1427 by Mike Pastore

* Improve development support and documentation and source code by Will Yang,
  Jake Craige, Grey Baker and Guilherme Goettems Schneider

2.0.3 / 2018-06-09

* Fix the backports gem regression #1442 by Marc-André Lafortune

2.0.2 / 2018-06-05

* Escape invalid query parameters #1432 by Kunpei Sakai

	o The patch fixes CVE-2018-11627.

* Fix undefined method error for Sinatra::RequiredParams with hash key #1431
  by Arpit Chauhan

* Add xml content-types to valid html_types for Rack::Protection #1413 by
  Reenan Arbitrario

* Encode route parameters using :default_encoding setting #1412 by Brian
  m. Carlson

* Fix unpredictable behaviour from Sinatra::ConfigFile #1244 by John Hope

* Add Sinatra::IndifferentHash#slice #1405 by Shota Iguchi

* Remove status code 205 from drop body response #1398 by Shota Iguchi

* Ignore empty captures from params #1390 by Shota Iguchi

* Improve development support and documentation and source code by Zp Yuan,
  Andreas Finger, Olle Jonsson, Shota Iguchi, Nikita Bulai and Joshua O'Brien

Revision 1.13 / (download) - annotate - [select for diffs], Sat Mar 17 15:52:27 2018 UTC (5 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)

www/ruby-rack-protection: update to 2.0.1

0.2.1						2018/02/16

* enhanced path validation in Windows

Revision 1.12 / (download) - annotate - [select for diffs], Mon Jan 8 22:09:48 2018 UTC (6 years, 1 month ago) by taca
Branch: MAIN
Changes since 1.11: +1 -3 lines
Diff to previous 1.11 (colored)

www: allow use of ruby25

Revision 1.11 / (download) - annotate - [select for diffs], Sun Jul 30 22:32:28 2017 UTC (6 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Switch github HOMEPAGEs to https.

Revision 1.10 / (download) - annotate - [select for diffs], Sun Jun 18 13:48:54 2017 UTC (6 years, 8 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

Add 24 to RUBY_VERSIONS_ACCEPTED.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Jun 5 03:29:38 2017 UTC (6 years, 8 months ago) by taca
Branch: MAIN
Changes since 1.8: +3 -1 lines
Diff to previous 1.8 (colored)

Restrict ruby's version to 22 and 23.

Revision 1.8 / (download) - annotate - [select for diffs], Sun Jun 4 15:18:22 2017 UTC (6 years, 8 months ago) by taca
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

Update ruby-rack-protection to 2.0.0.

No its own changes but here is related changes from Sinatra's changes.

 * Modernize Rack::Protection::ContentSecurityPolicy with CSP Level 2 and 3
   Directives #1202 by Glenn Rempe
 * Adds preload option to Rack:Protection:StrictTransport #1209 by Ed Robinson
 * rack-protection: Bundle StrictTransport, CookieTossing, and CSP #1267 by
   Mike Pastore

Revision 1.7 / (download) - annotate - [select for diffs], Fri Mar 13 17:26:00 2015 UTC (8 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

Update ruby-rack-protection to 1.5.3.

* Discard invalid Referer header.
  If an invalid Referer header such as "http://example.com/bad|uri" is
  provided, ignore the value of it and skip using the Host header fallback.
* refactor instantiation.
* fix typoed header name.
* clarify reaction warning, test it.

Revision 1.6 / (download) - annotate - [select for diffs], Fri Mar 14 19:24:32 2014 UTC (9 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update ruby-rack-protection to 1.5.2.

Changes are not available, please refer commit log:
<https://github.com/rkh/rack-protection/commits/master>.

Revision 1.5 / (download) - annotate - [select for diffs], Sun Mar 17 16:16:39 2013 UTC (10 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Update ruby-rack-protection to 1.5.0.

* Add a `report` reaction.
  This reaction does not halt the request, but leaves it up to the app to
  react on this information.  This allows e.g. frameworks to ignore failures
  in certain conditions.

Revision 1.4 / (download) - annotate - [select for diffs], Sun Mar 10 13:07:29 2013 UTC (10 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Update ruby-rack-protection to 1.4.0.

* fix docs
* Introducing :use
* remove note about NoReferrer
*  xhr requests cannot be used for the json attack, fixes #39

Revision 1.3 / (download) - annotate - [select for diffs], Thu Jan 17 12:43:34 2013 UTC (11 years, 1 month ago) by taca
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

Update ruby-rack-protection to 1.3.2.

No changes are available, Various bug fixes and improvement.

Revision 1.2 / (download) - annotate - [select for diffs], Sun Jan 8 03:01:22 2012 UTC (12 years, 1 month ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Update ruby-rack-protection to 1.2.0.

Changes:
* Show warnings for JsonCsrtf attacks.
* do not enable parameter escaping by default, fixes #8.
* Use more specific namespace declaration in Rack::Builder configuration.
* NotimpelentedError typo fix
* add test that makes sure passingin on :track option works. related to #6.
* deal with PATH_INFO being nil, fixes #7.
* do not track HTTP_VERSION, fixes #6.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Dec 16 15:28:34 2011 UTC (12 years, 2 months ago) by taca
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Importing www/ruby-rack-protection pacakge version 1.1.4.


Rack::Protection

You should use protection!

This gem protects against typical web attacks.
Should work for all Rack apps, including Rails.


Revision 1.1 / (download) - annotate - [select for diffs], Fri Dec 16 15:28:34 2011 UTC (12 years, 2 months ago) by taca
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>