Hello community,
here is the log from the commit of package rubygem-sprockets for
openSUSE:Factory checked in at 2014-11-24 11:12:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-sprockets (Old)
and /work/SRC/openSUSE:Factory/.rubygem-sprockets.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-sprockets"
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-sprockets/rubygem-sprockets.changes
2014-05-21 16:30:27.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-sprockets.new/rubygem-sprockets.changes
2014-11-24 11:12:49.000000000 +0100
@@ -1,0 +2,10 @@
+Sun Oct 12 16:49:48 UTC 2014 - co...@suse.com
+
+- updated to version 2.12.2
+ * Ensure internal asset lookups calls are still restricted to load paths
within
+ asset compiles. Though, you should not depend on internal asset resolves to
be
+ completely restricted for security reasons. Assets themselves should be
+ considered full scripting environments with filesystem access.
+- adapt to new rubygem packaging
+
+-------------------------------------------------------------------
Old:
----
sprockets-2.12.1.gem
New:
----
sprockets-2.12.2.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-sprockets.spec ++++++
--- /var/tmp/diff_new_pack.NEZxEX/_old 2014-11-24 11:12:49.000000000 +0100
+++ /var/tmp/diff_new_pack.NEZxEX/_new 2014-11-24 11:12:49.000000000 +0100
@@ -17,15 +17,14 @@
Name: rubygem-sprockets
-Version: 2.12.1
+Version: 2.12.2
Release: 0
%define mod_name sprockets
%define mod_full_name %{mod_name}-%{version}
-%define mod_branch -%{version}
-%define mod_weight 21201
-
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: ruby-macros >= 3
+BuildRequires: %{rubygem gem2rpm}
+BuildRequires: %{ruby}
+BuildRequires: ruby-macros >= 5
BuildRequires: update-alternatives
Url: http://getsprockets.org/
Source: http://rubygems.org/gems/%{mod_full_name}.gem
@@ -38,54 +37,16 @@
Sprockets is a Rack-based asset packaging system that concatenates and serves
JavaScript, CoffeeScript, CSS, LESS, Sass, and SCSS.
-%package doc
-Summary: RDoc documentation for %{mod_name}
-Group: Development/Languages/Ruby
-Requires: %{name} = %{version}
-
-%description doc
-Documentation generated at gem installation time.
-Usually in RDoc and RI formats.
-
%prep
-#gem_unpack
-#if you need patches, apply them here and replace the # with a % sign in the
surrounding lines
-#gem_build
%build
%install
-%gem_install -f
-mkdir -p %{buildroot}%{_sysconfdir}/alternatives
-mv %{buildroot}%{_bindir}/sprockets{,%{mod_branch}}
-touch %{buildroot}%{_sysconfdir}/alternatives/sprockets
-ln -s %{_sysconfdir}/alternatives/sprockets %{buildroot}%{_bindir}/sprockets
-
-mkdir -p %{buildroot}%{_docdir}/%{name}
-ln -s %{gem_base}/gems/%{mod_full_name}/LICENSE
%buildroot/%{_docdir}/%{name}/LICENSE
-ln -s %{gem_base}/gems/%{mod_full_name}/README.md
%buildroot/%{_docdir}/%{name}/README.md
-
-%post
-/usr/sbin/update-alternatives --install \
- %{_bindir}/sprockets sprockets %{_bindir}/sprockets%{mod_branch}
%{mod_weight}
-
-%preun
-if [ "$1" = 0 ] ; then
- /usr/sbin/update-alternatives --remove sprockets
%{_bindir}/sprockets%{mod_branch}
-fi
-
-%files
-%defattr(-,root,root,-)
-%{_docdir}/%{name}
-%{_bindir}/sprockets%{mod_branch}
-%{_bindir}/sprockets
-%ghost %{_sysconfdir}/alternatives/sprockets
-%{gem_base}/cache/%{mod_full_name}.gem
-%{gem_base}/gems/%{mod_full_name}/
-%{gem_base}/specifications/%{mod_full_name}.gemspec
-
-%files doc
-%defattr(-,root,root,-)
-%doc %{gem_base}/doc
+%gem_install \
+ --symlink-binaries \
+ --doc-files="LICENSE README.md" \
+ -f
+
+%gem_packages
%changelog
++++++ sprockets-2.12.1.gem -> sprockets-2.12.2.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 1970-01-01 01:00:00.000000000 +0100
+++ new/README.md 2014-09-06 06:34:57.000000000 +0200
@@ -366,6 +366,13 @@
## Version History ##
+**2.12.2** (September 5, 2014)
+
+* Ensure internal asset lookups calls are still restricted to load paths within
+ asset compiles. Though, you should not depend on internal asset resolves to
be
+ completely restricted for security reasons. Assets themselves should be
+ considered full scripting environments with filesystem access.
+
**2.12.1** (April 17, 2014)
* Fix making manifest target directory when its different than the output
directory.
Files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/sprockets/base.rb new/lib/sprockets/base.rb
--- old/lib/sprockets/base.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/lib/sprockets/base.rb 2014-09-06 06:34:57.000000000 +0200
@@ -261,7 +261,7 @@
# Find asset by logical path or expanded path.
def find_asset(path, options = {})
logical_path = path
- pathname = Pathname.new(path)
+ pathname = Pathname.new(path).cleanpath
if pathname.absolute?
return unless stat(pathname)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/sprockets/sass_functions.rb
new/lib/sprockets/sass_functions.rb
--- old/lib/sprockets/sass_functions.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/lib/sprockets/sass_functions.rb 2014-09-06 06:34:57.000000000 +0200
@@ -3,59 +3,59 @@
module Sprockets
module SassFunctions
def asset_path(path)
- Sass::Script::String.new(sprockets_context.asset_path(path.value),
:string)
+ ::Sass::Script::String.new(sprockets_context.asset_path(path.value),
:string)
end
def asset_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.asset_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.asset_path(path.value) + ")")
end
def image_path(path)
- Sass::Script::String.new(sprockets_context.image_path(path.value),
:string)
+ ::Sass::Script::String.new(sprockets_context.image_path(path.value),
:string)
end
def image_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.image_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.image_path(path.value) + ")")
end
def video_path(path)
- Sass::Script::String.new(sprockets_context.video_path(path.value),
:string)
+ ::Sass::Script::String.new(sprockets_context.video_path(path.value),
:string)
end
def video_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.video_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.video_path(path.value) + ")")
end
def audio_path(path)
- Sass::Script::String.new(sprockets_context.audio_path(path.value),
:string)
+ ::Sass::Script::String.new(sprockets_context.audio_path(path.value),
:string)
end
def audio_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.audio_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.audio_path(path.value) + ")")
end
def font_path(path)
- Sass::Script::String.new(sprockets_context.font_path(path.value),
:string)
+ ::Sass::Script::String.new(sprockets_context.font_path(path.value),
:string)
end
def font_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.font_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.font_path(path.value) + ")")
end
def javascript_path(path)
- Sass::Script::String.new(sprockets_context.javascript_path(path.value),
:string)
+
::Sass::Script::String.new(sprockets_context.javascript_path(path.value),
:string)
end
def javascript_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.javascript_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.javascript_path(path.value) + ")")
end
def stylesheet_path(path)
- Sass::Script::String.new(sprockets_context.stylesheet_path(path.value),
:string)
+
::Sass::Script::String.new(sprockets_context.stylesheet_path(path.value),
:string)
end
def stylesheet_url(path)
- Sass::Script::String.new("url(" +
sprockets_context.stylesheet_path(path.value) + ")")
+ ::Sass::Script::String.new("url(" +
sprockets_context.stylesheet_path(path.value) + ")")
end
protected
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/sprockets/sass_importer.rb
new/lib/sprockets/sass_importer.rb
--- old/lib/sprockets/sass_importer.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/lib/sprockets/sass_importer.rb 2014-09-06 06:34:57.000000000 +0200
@@ -3,7 +3,7 @@
module Sprockets
# This custom importer that tracks all imported filenames during
# compile.
- class SassImporter < Sass::Importers::Filesystem
+ class SassImporter < ::Sass::Importers::Filesystem
attr_reader :imported_filenames
def initialize(*args)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/sprockets/version.rb new/lib/sprockets/version.rb
--- old/lib/sprockets/version.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/lib/sprockets/version.rb 2014-09-06 06:34:57.000000000 +0200
@@ -1,3 +1,3 @@
module Sprockets
- VERSION = "2.12.1"
+ VERSION = "2.12.2"
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 1970-01-01 01:00:00.000000000 +0100
+++ new/metadata 2014-09-06 06:34:57.000000000 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: sprockets
version: !ruby/object:Gem::Version
- version: 2.12.1
+ version: 2.12.2
platform: ruby
authors:
- Sam Stephenson
@@ -9,236 +9,236 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2014-04-17 00:00:00.000000000 Z
+date: 2014-09-06 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: hike
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.2'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.2'
- !ruby/object:Gem::Dependency
name: multi_json
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
- !ruby/object:Gem::Dependency
name: rack
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
- !ruby/object:Gem::Dependency
name: tilt
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.1'
- - - '!='
+ - - "!="
- !ruby/object:Gem::Version
version: 1.3.0
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.1'
- - - '!='
+ - - "!="
- !ruby/object:Gem::Version
version: 1.3.0
- !ruby/object:Gem::Dependency
name: closure-compiler
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
name: coffee-script
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '2.0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '2.0'
- !ruby/object:Gem::Dependency
name: coffee-script-source
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.2'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.2'
- !ruby/object:Gem::Dependency
name: eco
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
- !ruby/object:Gem::Dependency
name: ejs
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
- !ruby/object:Gem::Dependency
name: execjs
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '1.0'
- !ruby/object:Gem::Dependency
name: json
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
name: rack-test
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
name: rake
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
name: sass
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '3.1'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ~>
+ - - "~>"
- !ruby/object:Gem::Version
version: '3.1'
- !ruby/object:Gem::Dependency
name: uglifier
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
name: yui-compressor
requirement: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
description: Sprockets is a Rack-based asset packaging system that
concatenates and
@@ -251,9 +251,11 @@
extensions: []
extra_rdoc_files: []
files:
-- README.md
- LICENSE
+- README.md
+- bin/sprockets
- lib/rake/sprocketstask.rb
+- lib/sprockets.rb
- lib/sprockets/asset.rb
- lib/sprockets/asset_attributes.rb
- lib/sprockets/base.rb
@@ -291,8 +293,6 @@
- lib/sprockets/utils.rb
- lib/sprockets/version.rb
- lib/sprockets/yui_compressor.rb
-- lib/sprockets.rb
-- bin/sprockets
homepage: http://getsprockets.org/
licenses:
- MIT
@@ -303,19 +303,18 @@
- lib
required_ruby_version: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - - '>='
+ - - ">="
- !ruby/object:Gem::Version
version: '0'
requirements: []
rubyforge_project: sprockets
-rubygems_version: 2.0.3
+rubygems_version: 2.2.2
signing_key:
specification_version: 4
summary: Rack-based asset packaging system
test_files: []
-has_rdoc:
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
