commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2020-10-05 19:32:55 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.4249 (New) Package is "rubygem-rack-protection" Mon Oct 5 19:32:55 2020 rev:8 rq:838069 version:2.1.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2020-03-07 21:39:36.264327485 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.4249/rubygem-rack-protection.changes 2020-10-05 19:33:04.277188003 +0200 @@ -1,0 +2,6 @@ +Fri Sep 25 14:42:38 UTC 2020 - Stephan Kulow + +updated to version 2.1.0 + no changelog found + +--- Old: rack-protection-2.0.8.1.gem New: rack-protection-2.1.0.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.8U6loY/_old 2020-10-05 19:33:04.845190398 +0200 +++ /var/tmp/diff_new_pack.8U6loY/_new 2020-10-05 19:33:04.849190414 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.8.1 +Version:2.1.0 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} ++ rack-protection-2.0.8.1.gem -> rack-protection-2.1.0.gem ++ Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/authenticity_token.rb new/lib/rack/protection/authenticity_token.rb --- old/lib/rack/protection/authenticity_token.rb 2020-01-01 21:06:51.0 +0100 +++ new/lib/rack/protection/authenticity_token.rb 2020-09-04 20:46:28.0 +0200 @@ -63,7 +63,7 @@ # With Authenticity Token # This successfully takes you to back to this form. # -# +# # # # @@ -189,7 +189,14 @@ end def xor_byte_strings(s1, s2) -s1.bytes.zip(s2.bytes).map { |(c1,c2)| c1 ^ c2 }.pack('c*') +s2 = s2.dup +size = s1.bytesize +i = 0 +while i < size + s2.setbyte(i, s1.getbyte(i) ^ s2.getbyte(i)) + i += 1 +end +s2 end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/content_security_policy.rb new/lib/rack/protection/content_security_policy.rb --- old/lib/rack/protection/content_security_policy.rb 2020-01-01 21:06:51.0 +0100 +++ new/lib/rack/protection/content_security_policy.rb 2020-09-04 20:46:28.0 +0200 @@ -36,16 +36,15 @@ # to be used in a policy. # class ContentSecurityPolicy < Base - default_options default_src: :none, script_src: "'self'", - img_src: "'self'", style_src: "'self'", - connect_src: "'self'", report_only: false + default_options default_src: "'self'", report_only: false DIRECTIVES = %i(base_uri child_src connect_src default_src font_src form_action frame_ancestors frame_src img_src manifest_src media_src object_src plugin_types referrer reflected_xss report_to report_uri require_sri_for sandbox script_src - style_src worker_src).freeze + style_src worker_src webrtc_src navigate_to + prefetch_src).freeze NO_ARG_DIRECTIVES = %i(block_all_mixed_content disown_opener upgrade_insecure_requests).freeze @@ -62,7 +61,7 @@ # Set these key values to boolean 'true' to include in policy NO_ARG_DIRECTIVES.each do |d| if options.key?(d) && options[d].is_a?(TrueClass) -directives << d.to_s.sub(/_/, '-') +directives << d.to_s.tr('_', '-') end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/http_origin.rb new/lib/rack/protection/http_origin.rb --- old/lib/rack/protection/http_origin.rb 2020-01-01 21:06:51.0 +0100 +++ new/lib/rack/protection/http_origin.rb 2020-09-04 20:46:28.0 +0200 @@ -9,11 +9,11 @@ # http://tools.ietf.org/html/draft-abarth-origin # # Does not accept unsafe HTTP requests when value of Origin HTTP request header -# does not match default or whitelisted URIs. +# does
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2020-03-07 21:39:31 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.26092 (New) Package is "rubygem-rack-protection" Sat Mar 7 21:39:31 2020 rev:7 rq:773838 version:2.0.8.1 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2019-03-04 09:21:05.716593207 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.26092/rubygem-rack-protection.changes 2020-03-07 21:39:36.264327485 +0100 @@ -1,0 +2,6 @@ +Mon Feb 10 15:28:56 UTC 2020 - Stephan Kulow + +- updated to version 2.0.8.1 + no changelog found + +--- Old: rack-protection-2.0.5.gem New: rack-protection-2.0.8.1.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.bAbAWa/_old 2020-03-07 21:39:36.776327830 +0100 +++ /var/tmp/diff_new_pack.bAbAWa/_new 2020-03-07 21:39:36.780327832 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-rack-protection # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.5 +Version:2.0.8.1 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} @@ -32,7 +32,7 @@ BuildRequires: %{rubygem gem2rpm} BuildRequires: %{ruby} BuildRequires: ruby-macros >= 5 -Url:http://sinatrarb.com/protection/ +URL:http://sinatrarb.com/protection/ Source: https://rubygems.org/gems/%{mod_full_name}.gem Source1:gem2rpm.yml Summary:Protect against typical web attacks, works with all Rack apps, ++ rack-protection-2.0.5.gem -> rack-protection-2.0.8.1.gem ++ Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/path_traversal.rb new/lib/rack/protection/path_traversal.rb --- old/lib/rack/protection/path_traversal.rb 2018-12-22 12:11:12.0 +0100 +++ new/lib/rack/protection/path_traversal.rb 2020-01-01 21:06:51.0 +0100 @@ -19,18 +19,10 @@ end def cleanup(path) -if path.respond_to?(:encoding) - # Ruby 1.9+ M17N - encoding = path.encoding - dot = '.'.encode(encoding) - slash = '/'.encode(encoding) - backslash = '\\'.encode(encoding) -else - # Ruby 1.8 - dot = '.' - slash = '/' - backslash = '\\' -end +encoding = path.encoding +dot = '.'.encode(encoding) +slash = '/'.encode(encoding) +backslash = '\\'.encode(encoding) parts = [] unescaped = path.gsub(/%2e/i, dot).gsub(/%2f/i, slash).gsub(/%5c/i, backslash) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/version.rb new/lib/rack/protection/version.rb --- old/lib/rack/protection/version.rb 2018-12-22 12:11:12.0 +0100 +++ new/lib/rack/protection/version.rb 2020-01-01 21:06:51.0 +0100 @@ -1,5 +1,5 @@ module Rack module Protection -VERSION = '2.0.5' +VERSION = '2.0.8.1' end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata2018-12-22 12:11:12.0 +0100 +++ new/metadata2020-01-01 21:06:51.0 +0100 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: rack-protection version: !ruby/object:Gem::Version - version: 2.0.5 + version: 2.0.8.1 platform: ruby authors: - https://github.com/sinatra/sinatra/graphs/contributors autorequire: bindir: bin cert_chain: [] -date: 2018-12-22 00:00:00.0 Z +date: 2020-01-01 00:00:00.0 Z dependencies: - !ruby/object:Gem::Dependency name: rack @@ -106,7 +106,7 @@ version: '0' requirements: [] rubyforge_project: -rubygems_version: 2.7.6 +rubygems_version: 2.7.3 signing_key: specification_version: 4 summary: Protect against typical web attacks, works with all Rack apps, including
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2019-03-04 09:21:03 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.28833 (New) Package is "rubygem-rack-protection" Mon Mar 4 09:21:03 2019 rev:6 rq:679535 version:2.0.5 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2018-12-04 20:57:11.296662489 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.28833/rubygem-rack-protection.changes 2019-03-04 09:21:05.716593207 +0100 @@ -1,0 +2,6 @@ +Mon Jan 14 13:53:01 UTC 2019 - Stephan Kulow + +- updated to version 2.0.5 + no changelog found + +--- Old: rack-protection-2.0.4.gem New: rack-protection-2.0.5.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.CglVcV/_old 2019-03-04 09:21:06.384593087 +0100 +++ /var/tmp/diff_new_pack.CglVcV/_new 2019-03-04 09:21:06.384593087 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-rack-protection # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.4 +Version:2.0.5 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} ++ rack-protection-2.0.4.gem -> rack-protection-2.0.5.gem ++ Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/session_hijacking.rb new/lib/rack/protection/session_hijacking.rb --- old/lib/rack/protection/session_hijacking.rb2018-09-15 11:38:53.0 +0200 +++ new/lib/rack/protection/session_hijacking.rb2018-12-22 12:11:12.0 +0100 @@ -14,7 +14,7 @@ class SessionHijacking < Base default_reaction :drop_session default_options :tracking_key => :tracking, :encrypt_tracking => true, -:track => %w[HTTP_USER_AGENT HTTP_ACCEPT_LANGUAGE] +:track => %w[HTTP_USER_AGENT] def accepts?(env) session = session env diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/version.rb new/lib/rack/protection/version.rb --- old/lib/rack/protection/version.rb 2018-09-15 11:38:53.0 +0200 +++ new/lib/rack/protection/version.rb 2018-12-22 12:11:12.0 +0100 @@ -1,5 +1,5 @@ module Rack module Protection -VERSION = '2.0.4' +VERSION = '2.0.5' end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata2018-09-15 11:38:53.0 +0200 +++ new/metadata2018-12-22 12:11:12.0 +0100 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: rack-protection version: !ruby/object:Gem::Version - version: 2.0.4 + version: 2.0.5 platform: ruby authors: - https://github.com/sinatra/sinatra/graphs/contributors autorequire: bindir: bin cert_chain: [] -date: 2018-09-15 00:00:00.0 Z +date: 2018-12-22 00:00:00.0 Z dependencies: - !ruby/object:Gem::Dependency name: rack @@ -106,7 +106,7 @@ version: '0' requirements: [] rubyforge_project: -rubygems_version: 2.6.8 +rubygems_version: 2.7.6 signing_key: specification_version: 4 summary: Protect against typical web attacks, works with all Rack apps, including
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2018-12-04 20:57:09 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.19453 (New) Package is "rubygem-rack-protection" Tue Dec 4 20:57:09 2018 rev:5 rq:653709 version:2.0.4 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2018-07-18 22:52:12.235306299 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.19453/rubygem-rack-protection.changes 2018-12-04 20:57:11.296662489 +0100 @@ -1,0 +2,6 @@ +Thu Nov 22 05:30:27 UTC 2018 - Stephan Kulow + +- updated to version 2.0.4 + no changelog found + +--- Old: rack-protection-2.0.3.gem New: rack-protection-2.0.4.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.685KOF/_old 2018-12-04 20:57:11.744661996 +0100 +++ /var/tmp/diff_new_pack.685KOF/_new 2018-12-04 20:57:11.744661996 +0100 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.3 +Version:2.0.4 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} @@ -32,7 +32,7 @@ BuildRequires: %{rubygem gem2rpm} BuildRequires: %{ruby} BuildRequires: ruby-macros >= 5 -Url:http://www.sinatrarb.com/protection/ +Url:http://sinatrarb.com/protection/ Source: https://rubygems.org/gems/%{mod_full_name}.gem Source1:gem2rpm.yml Summary:Protect against typical web attacks, works with all Rack apps, ++ rack-protection-2.0.3.gem -> rack-protection-2.0.4.gem ++ Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/version.rb new/lib/rack/protection/version.rb --- old/lib/rack/protection/version.rb 2018-06-08 18:04:25.0 +0200 +++ new/lib/rack/protection/version.rb 2018-09-15 11:38:53.0 +0200 @@ -1,5 +1,5 @@ module Rack module Protection -VERSION = '2.0.3' +VERSION = '2.0.4' end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata2018-06-08 18:04:25.0 +0200 +++ new/metadata2018-09-15 11:38:53.0 +0200 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: rack-protection version: !ruby/object:Gem::Version - version: 2.0.3 + version: 2.0.4 platform: ruby authors: - https://github.com/sinatra/sinatra/graphs/contributors autorequire: bindir: bin cert_chain: [] -date: 2018-06-08 00:00:00.0 Z +date: 2018-09-15 00:00:00.0 Z dependencies: - !ruby/object:Gem::Dependency name: rack @@ -83,10 +83,13 @@ - lib/rack/protection/version.rb - lib/rack/protection/xss_header.rb - rack-protection.gemspec -homepage: http://www.sinatrarb.com/protection/ +homepage: http://sinatrarb.com/protection/ licenses: - MIT -metadata: {} +metadata: + source_code_uri: https://github.com/sinatra/sinatra/tree/master/rack-protection + homepage_uri: http://sinatrarb.com/protection/ + documentation_uri: https://www.rubydoc.info/gems/rack-protection post_install_message: rdoc_options: [] require_paths: @@ -103,7 +106,7 @@ version: '0' requirements: [] rubyforge_project: -rubygems_version: 2.7.6 +rubygems_version: 2.6.8 signing_key: specification_version: 4 summary: Protect against typical web attacks, works with all Rack apps, including diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rack-protection.gemspec new/rack-protection.gemspec --- old/rack-protection.gemspec 2018-06-08 18:04:25.0 +0200 +++ new/rack-protection.gemspec 2018-09-15 11:38:53.0 +0200 @@ -5,7 +5,7 @@ s.name= "rack-protection" s.version = version s.description = "Protect against typical web attacks, works with all Rack apps, including Rails." - s.homepage= "http://www.sinatrarb.com/protection/; + s.homepage= "http://sinatrarb.com/protection/; s.summary = s.description s.license = 'MIT' s.authors = ["https://github.com/sinatra/sinatra/graphs/contributors;] @@ -18,6 +18,21 @@
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2018-07-18 22:50:56 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New) Package is "rubygem-rack-protection" Wed Jul 18 22:50:56 2018 rev:4 rq:621027 version:2.0.3 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2018-02-19 13:04:18.082863967 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes 2018-07-18 22:52:12.235306299 +0200 @@ -1,0 +2,12 @@ +Fri Jun 8 17:27:24 UTC 2018 - factory-a...@kulow.org + +- updated to version 2.0.3 + no changelog found + +--- +Tue Jun 5 17:21:10 UTC 2018 - factory-a...@kulow.org + +- updated to version 2.0.2 + no changelog found + +--- Old: rack-protection-2.0.1.gem New: rack-protection-2.0.3.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.XSRUCB/_old 2018-07-18 22:52:12.839304295 +0200 +++ /var/tmp/diff_new_pack.XSRUCB/_new 2018-07-18 22:52:12.839304295 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.1 +Version:2.0.3 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} ++ rack-protection-2.0.1.gem -> rack-protection-2.0.3.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Gemfile new/Gemfile --- old/Gemfile 2018-02-16 16:43:47.0 +0100 +++ new/Gemfile 2018-06-08 18:04:25.0 +0200 @@ -1,4 +1,4 @@ -source "http://rubygems.org; +source "https://rubygems.org; # encoding: utf-8 gem 'rake' Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/rack/protection/authenticity_token.rb new/lib/rack/protection/authenticity_token.rb --- old/lib/rack/protection/authenticity_token.rb 2018-02-16 16:43:47.0 +0100 +++ new/lib/rack/protection/authenticity_token.rb 2018-06-08 18:04:25.0 +0200 @@ -9,14 +9,78 @@ # Supported browsers:: all # More infos:: http://en.wikipedia.org/wiki/Cross-site_request_forgery # -# Only accepts unsafe HTTP requests if a given access token matches the token -# included in the session. +# This middleware only accepts requests other than GET, +# HEAD, OPTIONS, TRACE if their given access +# token matches the token included in the session. # -# Compatible with rack-csrf. +# It checks the X-CSRF-Token header and the POST form +# data. # -# Options: +# Compatible with the {rack-csrf}[https://rubygems.org/gems/rack_csrf] gem. # -# authenticity_param: Defines the param's name that should contain the token on a request. +# == Options +# +# [:authenticity_param] the name of the param that should contain +#the token on a request. Default value: +#"authenticity_token" +# +# == Example: Forms application +# +# To show what the AuthenticityToken does, this section includes a sample +# program which shows two forms. One with, and one without a CSRF token +# The one without CSRF token field will get a 403 Forbidden response. +# +# Install the gem, then run the program: +# +# gem install 'rack-protection' +# ruby server.rb +# +# Here is server.rb: +# +# require 'rack/protection' +# +# app = Rack::Builder.app do +# use Rack::Session::Cookie, secret: 'secret' +# use Rack::Protection::AuthenticityToken +# +# run -> (env) do +# [200, {}, [ +# <<~EOS +# +# +# +# +# rack-protection minimal example +# +# +# Without Authenticity Token +# This takes you to Forbidden +# +# +# +# +# +# With Authenticity Token +# This successfully takes you to back to this form. +# +# +# +# +# +# +# +# EOS +# ]] +# end +# end +# +# Rack::Handler::WEBrick.run app
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2018-02-19 13:03:40 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New) Package is "rubygem-rack-protection" Mon Feb 19 13:03:40 2018 rev:3 rq:577914 version:2.0.1 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2017-06-08 15:01:31.723508242 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes 2018-02-19 13:04:18.082863967 +0100 @@ -1,0 +2,6 @@ +Sat Feb 17 05:31:13 UTC 2018 - factory-a...@kulow.org + +- updated to version 2.0.1 + no changelog found + +--- Old: rack-protection-2.0.0.gem New: rack-protection-2.0.1.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.HcehXC/_old 2018-02-19 13:04:18.822837281 +0100 +++ /var/tmp/diff_new_pack.HcehXC/_new 2018-02-19 13:04:18.826837136 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-rack-protection # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-rack-protection -Version:2.0.0 +Version:2.0.1 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} @@ -32,8 +32,8 @@ BuildRequires: %{rubygem gem2rpm} BuildRequires: %{ruby} BuildRequires: ruby-macros >= 5 -Url:http://github.com/sinatra/sinatra/tree/master/rack-protection -Source: http://rubygems.org/gems/%{mod_full_name}.gem +Url:http://www.sinatrarb.com/protection/ +Source: https://rubygems.org/gems/%{mod_full_name}.gem Source1:gem2rpm.yml Summary:Protect against typical web attacks, works with all Rack apps, License:MIT ++ rack-protection-2.0.0.gem -> rack-protection-2.0.1.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2017-05-07 02:06:07.0 +0200 +++ new/README.md 2018-02-16 16:43:47.0 +0100 @@ -1,7 +1,5 @@ # Rack::Protection -[![Build Status](https://secure.travis-ci.org/sinatra/rack-protection.png)](http://travis-ci.org/sinatra/rack-protection) - This gem protects against typical web attacks. Should work for all Rack apps, including Rails. @@ -40,55 +38,55 @@ Prevented by: -* `Rack::Protection::AuthenticityToken` (not included by `use Rack::Protection`) -* `Rack::Protection::FormToken` (not included by `use Rack::Protection`) -* `Rack::Protection::JsonCsrf` -* `Rack::Protection::RemoteReferrer` (not included by `use Rack::Protection`) -* `Rack::Protection::RemoteToken` -* `Rack::Protection::HttpOrigin` +* [`Rack::Protection::AuthenticityToken`][authenticity-token] (not included by `use Rack::Protection`) +* [`Rack::Protection::FormToken`][form-token] (not included by `use Rack::Protection`) +* [`Rack::Protection::JsonCsrf`][json-csrf] +* [`Rack::Protection::RemoteReferrer`][remote-referrer] (not included by `use Rack::Protection`) +* [`Rack::Protection::RemoteToken`][remote-token] +* [`Rack::Protection::HttpOrigin`][http-origin] ## Cross Site Scripting Prevented by: -* `Rack::Protection::EscapedParams` (not included by `use Rack::Protection`) -* `Rack::Protection::XSSHeader` (Internet Explorer and Chrome only) -* `Rack::Protection::ContentSecurityPolicy` +* [`Rack::Protection::EscapedParams`][escaped-params] (not included by `use Rack::Protection`) +* [`Rack::Protection::XSSHeader`][xss-header] (Internet Explorer and Chrome only) +* [`Rack::Protection::ContentSecurityPolicy`][content-security-policy] ## Clickjacking Prevented by: -* `Rack::Protection::FrameOptions` +* [`Rack::Protection::FrameOptions`][frame-options] ## Directory Traversal Prevented by: -* `Rack::Protection::PathTraversal` +* [`Rack::Protection::PathTraversal`][path-traversal] ## Session Hijacking Prevented by: -* `Rack::Protection::SessionHijacking` +* [`Rack::Protection::SessionHijacking`][session-hijacking] ## Cookie Tossing Prevented by: -* `Rack::Protection::CookieTossing` (not included by `use Rack::Protection`) +* [`Rack::Protection::CookieTossing`][cookie-tossing] (not included by `use Rack::Protection`) ## IP Spoofing Prevented by: -*
commit rubygem-rack-protection for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-rack-protection for openSUSE:Factory checked in at 2017-06-08 15:01:31 Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old) and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New) Package is "rubygem-rack-protection" Thu Jun 8 15:01:31 2017 rev:2 rq:497706 version:2.0.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes 2015-09-19 11:04:44.0 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes 2017-06-08 15:01:31.723508242 +0200 @@ -1,0 +2,6 @@ +Tue May 23 10:13:09 UTC 2017 - co...@suse.com + +- updated to version 2.0.0 + no changelog found + +--- Old: rack-protection-1.5.3.gem New: rack-protection-2.0.0.gem Other differences: -- ++ rubygem-rack-protection.spec ++ --- /var/tmp/diff_new_pack.vDknlo/_old 2017-06-08 15:01:32.323423575 +0200 +++ /var/tmp/diff_new_pack.vDknlo/_new 2017-06-08 15:01:32.323423575 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-rack-protection # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -14,6 +14,8 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + + # # This file was generated with a gem2rpm.yml and not just plain gem2rpm. # All sections marked as MANUAL, license headers, summaries and descriptions @@ -22,23 +24,24 @@ # Name: rubygem-rack-protection -Version:1.5.3 +Version:2.0.0 Release:0 %define mod_name rack-protection %define mod_full_name %{mod_name}-%{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: ruby-macros >= 5 -BuildRequires: %{ruby} BuildRequires: %{rubygem gem2rpm} -Url:http://github.com/rkh/rack-protection +BuildRequires: %{ruby} +BuildRequires: ruby-macros >= 5 +Url:http://github.com/sinatra/sinatra/tree/master/rack-protection Source: http://rubygems.org/gems/%{mod_full_name}.gem Source1: gem2rpm.yml -Summary:You should use protection! +Summary:Protect against typical web attacks, works with all Rack apps, License:MIT Group: Development/Languages/Ruby %description -You should use protection!. +Protect against typical web attacks, works with all Rack apps, including +Rails. %prep ++ rack-protection-1.5.3.gem -> rack-protection-2.0.0.gem ++ 1898 lines of diff (skipped)