commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2020-10-05 19:32:55
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.4249 (New)
Package is "rubygem-rack-protection"
Mon Oct 5 19:32:55 2020 rev:8 rq:838069 version:2.1.0
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2020-03-07 21:39:36.264327485 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.4249/rubygem-rack-protection.changes
2020-10-05 19:33:04.277188003 +0200
@@ -1,0 +2,6 @@
+Fri Sep 25 14:42:38 UTC 2020 - Stephan Kulow
+
+updated to version 2.1.0
+ no changelog found
+
+---
Old:
rack-protection-2.0.8.1.gem
New:
rack-protection-2.1.0.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.8U6loY/_old 2020-10-05 19:33:04.845190398 +0200
+++ /var/tmp/diff_new_pack.8U6loY/_new 2020-10-05 19:33:04.849190414 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.8.1
+Version:2.1.0
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
++ rack-protection-2.0.8.1.gem -> rack-protection-2.1.0.gem ++
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/authenticity_token.rb
new/lib/rack/protection/authenticity_token.rb
--- old/lib/rack/protection/authenticity_token.rb 2020-01-01
21:06:51.0 +0100
+++ new/lib/rack/protection/authenticity_token.rb 2020-09-04
20:46:28.0 +0200
@@ -63,7 +63,7 @@
# With Authenticity Token
# This successfully takes you to back to this form.
#
-#
+#
#
#
#
@@ -189,7 +189,14 @@
end
def xor_byte_strings(s1, s2)
-s1.bytes.zip(s2.bytes).map { |(c1,c2)| c1 ^ c2 }.pack('c*')
+s2 = s2.dup
+size = s1.bytesize
+i = 0
+while i < size
+ s2.setbyte(i, s1.getbyte(i) ^ s2.getbyte(i))
+ i += 1
+end
+s2
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/content_security_policy.rb
new/lib/rack/protection/content_security_policy.rb
--- old/lib/rack/protection/content_security_policy.rb 2020-01-01
21:06:51.0 +0100
+++ new/lib/rack/protection/content_security_policy.rb 2020-09-04
20:46:28.0 +0200
@@ -36,16 +36,15 @@
# to be used in a policy.
#
class ContentSecurityPolicy < Base
- default_options default_src: :none, script_src: "'self'",
- img_src: "'self'", style_src: "'self'",
- connect_src: "'self'", report_only: false
+ default_options default_src: "'self'", report_only: false
DIRECTIVES = %i(base_uri child_src connect_src default_src
font_src form_action frame_ancestors frame_src
img_src manifest_src media_src object_src
plugin_types referrer reflected_xss report_to
report_uri require_sri_for sandbox script_src
- style_src worker_src).freeze
+ style_src worker_src webrtc_src navigate_to
+ prefetch_src).freeze
NO_ARG_DIRECTIVES = %i(block_all_mixed_content disown_opener
upgrade_insecure_requests).freeze
@@ -62,7 +61,7 @@
# Set these key values to boolean 'true' to include in policy
NO_ARG_DIRECTIVES.each do |d|
if options.key?(d) && options[d].is_a?(TrueClass)
-directives << d.to_s.sub(/_/, '-')
+directives << d.to_s.tr('_', '-')
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/http_origin.rb
new/lib/rack/protection/http_origin.rb
--- old/lib/rack/protection/http_origin.rb 2020-01-01 21:06:51.0
+0100
+++ new/lib/rack/protection/http_origin.rb 2020-09-04 20:46:28.0
+0200
@@ -9,11 +9,11 @@
# http://tools.ietf.org/html/draft-abarth-origin
#
# Does not accept unsafe HTTP requests when value of Origin HTTP request
header
-# does not match default or whitelisted URIs.
+# does
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2020-03-07 21:39:31
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.26092 (New)
Package is "rubygem-rack-protection"
Sat Mar 7 21:39:31 2020 rev:7 rq:773838 version:2.0.8.1
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2019-03-04 09:21:05.716593207 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.26092/rubygem-rack-protection.changes
2020-03-07 21:39:36.264327485 +0100
@@ -1,0 +2,6 @@
+Mon Feb 10 15:28:56 UTC 2020 - Stephan Kulow
+
+- updated to version 2.0.8.1
+ no changelog found
+
+---
Old:
rack-protection-2.0.5.gem
New:
rack-protection-2.0.8.1.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.bAbAWa/_old 2020-03-07 21:39:36.776327830 +0100
+++ /var/tmp/diff_new_pack.bAbAWa/_new 2020-03-07 21:39:36.780327832 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rack-protection
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.5
+Version:2.0.8.1
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
@@ -32,7 +32,7 @@
BuildRequires: %{rubygem gem2rpm}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
-Url:http://sinatrarb.com/protection/
+URL:http://sinatrarb.com/protection/
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1:gem2rpm.yml
Summary:Protect against typical web attacks, works with all Rack apps,
++ rack-protection-2.0.5.gem -> rack-protection-2.0.8.1.gem ++
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/path_traversal.rb
new/lib/rack/protection/path_traversal.rb
--- old/lib/rack/protection/path_traversal.rb 2018-12-22 12:11:12.0
+0100
+++ new/lib/rack/protection/path_traversal.rb 2020-01-01 21:06:51.0
+0100
@@ -19,18 +19,10 @@
end
def cleanup(path)
-if path.respond_to?(:encoding)
- # Ruby 1.9+ M17N
- encoding = path.encoding
- dot = '.'.encode(encoding)
- slash = '/'.encode(encoding)
- backslash = '\\'.encode(encoding)
-else
- # Ruby 1.8
- dot = '.'
- slash = '/'
- backslash = '\\'
-end
+encoding = path.encoding
+dot = '.'.encode(encoding)
+slash = '/'.encode(encoding)
+backslash = '\\'.encode(encoding)
parts = []
unescaped = path.gsub(/%2e/i, dot).gsub(/%2f/i, slash).gsub(/%5c/i,
backslash)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/version.rb
new/lib/rack/protection/version.rb
--- old/lib/rack/protection/version.rb 2018-12-22 12:11:12.0 +0100
+++ new/lib/rack/protection/version.rb 2020-01-01 21:06:51.0 +0100
@@ -1,5 +1,5 @@
module Rack
module Protection
-VERSION = '2.0.5'
+VERSION = '2.0.8.1'
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata2018-12-22 12:11:12.0 +0100
+++ new/metadata2020-01-01 21:06:51.0 +0100
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: rack-protection
version: !ruby/object:Gem::Version
- version: 2.0.5
+ version: 2.0.8.1
platform: ruby
authors:
- https://github.com/sinatra/sinatra/graphs/contributors
autorequire:
bindir: bin
cert_chain: []
-date: 2018-12-22 00:00:00.0 Z
+date: 2020-01-01 00:00:00.0 Z
dependencies:
- !ruby/object:Gem::Dependency
name: rack
@@ -106,7 +106,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 2.7.3
signing_key:
specification_version: 4
summary: Protect against typical web attacks, works with all Rack apps,
including
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2019-03-04 09:21:03
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.28833 (New)
Package is "rubygem-rack-protection"
Mon Mar 4 09:21:03 2019 rev:6 rq:679535 version:2.0.5
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2018-12-04 20:57:11.296662489 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.28833/rubygem-rack-protection.changes
2019-03-04 09:21:05.716593207 +0100
@@ -1,0 +2,6 @@
+Mon Jan 14 13:53:01 UTC 2019 - Stephan Kulow
+
+- updated to version 2.0.5
+ no changelog found
+
+---
Old:
rack-protection-2.0.4.gem
New:
rack-protection-2.0.5.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.CglVcV/_old 2019-03-04 09:21:06.384593087 +0100
+++ /var/tmp/diff_new_pack.CglVcV/_new 2019-03-04 09:21:06.384593087 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rack-protection
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.4
+Version:2.0.5
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
++ rack-protection-2.0.4.gem -> rack-protection-2.0.5.gem ++
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/session_hijacking.rb
new/lib/rack/protection/session_hijacking.rb
--- old/lib/rack/protection/session_hijacking.rb2018-09-15
11:38:53.0 +0200
+++ new/lib/rack/protection/session_hijacking.rb2018-12-22
12:11:12.0 +0100
@@ -14,7 +14,7 @@
class SessionHijacking < Base
default_reaction :drop_session
default_options :tracking_key => :tracking, :encrypt_tracking => true,
-:track => %w[HTTP_USER_AGENT HTTP_ACCEPT_LANGUAGE]
+:track => %w[HTTP_USER_AGENT]
def accepts?(env)
session = session env
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/version.rb
new/lib/rack/protection/version.rb
--- old/lib/rack/protection/version.rb 2018-09-15 11:38:53.0 +0200
+++ new/lib/rack/protection/version.rb 2018-12-22 12:11:12.0 +0100
@@ -1,5 +1,5 @@
module Rack
module Protection
-VERSION = '2.0.4'
+VERSION = '2.0.5'
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata2018-09-15 11:38:53.0 +0200
+++ new/metadata2018-12-22 12:11:12.0 +0100
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: rack-protection
version: !ruby/object:Gem::Version
- version: 2.0.4
+ version: 2.0.5
platform: ruby
authors:
- https://github.com/sinatra/sinatra/graphs/contributors
autorequire:
bindir: bin
cert_chain: []
-date: 2018-09-15 00:00:00.0 Z
+date: 2018-12-22 00:00:00.0 Z
dependencies:
- !ruby/object:Gem::Dependency
name: rack
@@ -106,7 +106,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.6.8
+rubygems_version: 2.7.6
signing_key:
specification_version: 4
summary: Protect against typical web attacks, works with all Rack apps,
including
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2018-12-04 20:57:09
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.19453 (New)
Package is "rubygem-rack-protection"
Tue Dec 4 20:57:09 2018 rev:5 rq:653709 version:2.0.4
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2018-07-18 22:52:12.235306299 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new.19453/rubygem-rack-protection.changes
2018-12-04 20:57:11.296662489 +0100
@@ -1,0 +2,6 @@
+Thu Nov 22 05:30:27 UTC 2018 - Stephan Kulow
+
+- updated to version 2.0.4
+ no changelog found
+
+---
Old:
rack-protection-2.0.3.gem
New:
rack-protection-2.0.4.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.685KOF/_old 2018-12-04 20:57:11.744661996 +0100
+++ /var/tmp/diff_new_pack.685KOF/_new 2018-12-04 20:57:11.744661996 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.3
+Version:2.0.4
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
@@ -32,7 +32,7 @@
BuildRequires: %{rubygem gem2rpm}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
-Url:http://www.sinatrarb.com/protection/
+Url:http://sinatrarb.com/protection/
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1:gem2rpm.yml
Summary:Protect against typical web attacks, works with all Rack apps,
++ rack-protection-2.0.3.gem -> rack-protection-2.0.4.gem ++
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/version.rb
new/lib/rack/protection/version.rb
--- old/lib/rack/protection/version.rb 2018-06-08 18:04:25.0 +0200
+++ new/lib/rack/protection/version.rb 2018-09-15 11:38:53.0 +0200
@@ -1,5 +1,5 @@
module Rack
module Protection
-VERSION = '2.0.3'
+VERSION = '2.0.4'
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata2018-06-08 18:04:25.0 +0200
+++ new/metadata2018-09-15 11:38:53.0 +0200
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: rack-protection
version: !ruby/object:Gem::Version
- version: 2.0.3
+ version: 2.0.4
platform: ruby
authors:
- https://github.com/sinatra/sinatra/graphs/contributors
autorequire:
bindir: bin
cert_chain: []
-date: 2018-06-08 00:00:00.0 Z
+date: 2018-09-15 00:00:00.0 Z
dependencies:
- !ruby/object:Gem::Dependency
name: rack
@@ -83,10 +83,13 @@
- lib/rack/protection/version.rb
- lib/rack/protection/xss_header.rb
- rack-protection.gemspec
-homepage: http://www.sinatrarb.com/protection/
+homepage: http://sinatrarb.com/protection/
licenses:
- MIT
-metadata: {}
+metadata:
+ source_code_uri:
https://github.com/sinatra/sinatra/tree/master/rack-protection
+ homepage_uri: http://sinatrarb.com/protection/
+ documentation_uri: https://www.rubydoc.info/gems/rack-protection
post_install_message:
rdoc_options: []
require_paths:
@@ -103,7 +106,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 2.6.8
signing_key:
specification_version: 4
summary: Protect against typical web attacks, works with all Rack apps,
including
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rack-protection.gemspec new/rack-protection.gemspec
--- old/rack-protection.gemspec 2018-06-08 18:04:25.0 +0200
+++ new/rack-protection.gemspec 2018-09-15 11:38:53.0 +0200
@@ -5,7 +5,7 @@
s.name= "rack-protection"
s.version = version
s.description = "Protect against typical web attacks, works with all Rack
apps, including Rails."
- s.homepage= "http://www.sinatrarb.com/protection/;
+ s.homepage= "http://sinatrarb.com/protection/;
s.summary = s.description
s.license = 'MIT'
s.authors = ["https://github.com/sinatra/sinatra/graphs/contributors;]
@@ -18,6 +18,21 @@
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2018-07-18 22:50:56
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New)
Package is "rubygem-rack-protection"
Wed Jul 18 22:50:56 2018 rev:4 rq:621027 version:2.0.3
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2018-02-19 13:04:18.082863967 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes
2018-07-18 22:52:12.235306299 +0200
@@ -1,0 +2,12 @@
+Fri Jun 8 17:27:24 UTC 2018 - factory-a...@kulow.org
+
+- updated to version 2.0.3
+ no changelog found
+
+---
+Tue Jun 5 17:21:10 UTC 2018 - factory-a...@kulow.org
+
+- updated to version 2.0.2
+ no changelog found
+
+---
Old:
rack-protection-2.0.1.gem
New:
rack-protection-2.0.3.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.XSRUCB/_old 2018-07-18 22:52:12.839304295 +0200
+++ /var/tmp/diff_new_pack.XSRUCB/_new 2018-07-18 22:52:12.839304295 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.1
+Version:2.0.3
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
++ rack-protection-2.0.1.gem -> rack-protection-2.0.3.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Gemfile new/Gemfile
--- old/Gemfile 2018-02-16 16:43:47.0 +0100
+++ new/Gemfile 2018-06-08 18:04:25.0 +0200
@@ -1,4 +1,4 @@
-source "http://rubygems.org;
+source "https://rubygems.org;
# encoding: utf-8
gem 'rake'
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/protection/authenticity_token.rb
new/lib/rack/protection/authenticity_token.rb
--- old/lib/rack/protection/authenticity_token.rb 2018-02-16
16:43:47.0 +0100
+++ new/lib/rack/protection/authenticity_token.rb 2018-06-08
18:04:25.0 +0200
@@ -9,14 +9,78 @@
# Supported browsers:: all
# More infos::
http://en.wikipedia.org/wiki/Cross-site_request_forgery
#
-# Only accepts unsafe HTTP requests if a given access token matches the
token
-# included in the session.
+# This middleware only accepts requests other than GET,
+# HEAD, OPTIONS, TRACE if their given access
+# token matches the token included in the session.
#
-# Compatible with rack-csrf.
+# It checks the X-CSRF-Token header and the POST form
+# data.
#
-# Options:
+# Compatible with the {rack-csrf}[https://rubygems.org/gems/rack_csrf] gem.
#
-# authenticity_param: Defines the param's name that should contain the
token on a request.
+# == Options
+#
+# [:authenticity_param] the name of the param that should contain
+#the token on a request. Default value:
+#"authenticity_token"
+#
+# == Example: Forms application
+#
+# To show what the AuthenticityToken does, this section includes a sample
+# program which shows two forms. One with, and one without a CSRF token
+# The one without CSRF token field will get a 403 Forbidden response.
+#
+# Install the gem, then run the program:
+#
+# gem install 'rack-protection'
+# ruby server.rb
+#
+# Here is server.rb:
+#
+# require 'rack/protection'
+#
+# app = Rack::Builder.app do
+# use Rack::Session::Cookie, secret: 'secret'
+# use Rack::Protection::AuthenticityToken
+#
+# run -> (env) do
+# [200, {}, [
+# <<~EOS
+#
+#
+#
+#
+# rack-protection minimal example
+#
+#
+# Without Authenticity Token
+# This takes you to Forbidden
+#
+#
+#
+#
+#
+# With Authenticity Token
+# This successfully takes you to back to this form.
+#
+#
+#
+#
+#
+#
+#
+# EOS
+# ]]
+# end
+# end
+#
+# Rack::Handler::WEBrick.run app
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2018-02-19 13:03:40
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New)
Package is "rubygem-rack-protection"
Mon Feb 19 13:03:40 2018 rev:3 rq:577914 version:2.0.1
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2017-06-08 15:01:31.723508242 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes
2018-02-19 13:04:18.082863967 +0100
@@ -1,0 +2,6 @@
+Sat Feb 17 05:31:13 UTC 2018 - factory-a...@kulow.org
+
+- updated to version 2.0.1
+ no changelog found
+
+---
Old:
rack-protection-2.0.0.gem
New:
rack-protection-2.0.1.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.HcehXC/_old 2018-02-19 13:04:18.822837281 +0100
+++ /var/tmp/diff_new_pack.HcehXC/_new 2018-02-19 13:04:18.826837136 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rack-protection
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-protection
-Version:2.0.0
+Version:2.0.1
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
@@ -32,8 +32,8 @@
BuildRequires: %{rubygem gem2rpm}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
-Url:http://github.com/sinatra/sinatra/tree/master/rack-protection
-Source: http://rubygems.org/gems/%{mod_full_name}.gem
+Url:http://www.sinatrarb.com/protection/
+Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1:gem2rpm.yml
Summary:Protect against typical web attacks, works with all Rack apps,
License:MIT
++ rack-protection-2.0.0.gem -> rack-protection-2.0.1.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2017-05-07 02:06:07.0 +0200
+++ new/README.md 2018-02-16 16:43:47.0 +0100
@@ -1,7 +1,5 @@
# Rack::Protection
-[](http://travis-ci.org/sinatra/rack-protection)
-
This gem protects against typical web attacks.
Should work for all Rack apps, including Rails.
@@ -40,55 +38,55 @@
Prevented by:
-* `Rack::Protection::AuthenticityToken` (not included by `use
Rack::Protection`)
-* `Rack::Protection::FormToken` (not included by `use Rack::Protection`)
-* `Rack::Protection::JsonCsrf`
-* `Rack::Protection::RemoteReferrer` (not included by `use Rack::Protection`)
-* `Rack::Protection::RemoteToken`
-* `Rack::Protection::HttpOrigin`
+* [`Rack::Protection::AuthenticityToken`][authenticity-token] (not included by
`use Rack::Protection`)
+* [`Rack::Protection::FormToken`][form-token] (not included by `use
Rack::Protection`)
+* [`Rack::Protection::JsonCsrf`][json-csrf]
+* [`Rack::Protection::RemoteReferrer`][remote-referrer] (not included by `use
Rack::Protection`)
+* [`Rack::Protection::RemoteToken`][remote-token]
+* [`Rack::Protection::HttpOrigin`][http-origin]
## Cross Site Scripting
Prevented by:
-* `Rack::Protection::EscapedParams` (not included by `use Rack::Protection`)
-* `Rack::Protection::XSSHeader` (Internet Explorer and Chrome only)
-* `Rack::Protection::ContentSecurityPolicy`
+* [`Rack::Protection::EscapedParams`][escaped-params] (not included by `use
Rack::Protection`)
+* [`Rack::Protection::XSSHeader`][xss-header] (Internet Explorer and Chrome
only)
+* [`Rack::Protection::ContentSecurityPolicy`][content-security-policy]
## Clickjacking
Prevented by:
-* `Rack::Protection::FrameOptions`
+* [`Rack::Protection::FrameOptions`][frame-options]
## Directory Traversal
Prevented by:
-* `Rack::Protection::PathTraversal`
+* [`Rack::Protection::PathTraversal`][path-traversal]
## Session Hijacking
Prevented by:
-* `Rack::Protection::SessionHijacking`
+* [`Rack::Protection::SessionHijacking`][session-hijacking]
## Cookie Tossing
Prevented by:
-* `Rack::Protection::CookieTossing` (not included by `use Rack::Protection`)
+* [`Rack::Protection::CookieTossing`][cookie-tossing] (not included by `use
Rack::Protection`)
## IP Spoofing
Prevented by:
-*
commit rubygem-rack-protection for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-rack-protection for
openSUSE:Factory checked in at 2017-06-08 15:01:31
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-protection (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-protection.new (New)
Package is "rubygem-rack-protection"
Thu Jun 8 15:01:31 2017 rev:2 rq:497706 version:2.0.0
Changes:
---
/work/SRC/openSUSE:Factory/rubygem-rack-protection/rubygem-rack-protection.changes
2015-09-19 11:04:44.0 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-protection.new/rubygem-rack-protection.changes
2017-06-08 15:01:31.723508242 +0200
@@ -1,0 +2,6 @@
+Tue May 23 10:13:09 UTC 2017 - co...@suse.com
+
+- updated to version 2.0.0
+ no changelog found
+
+---
Old:
rack-protection-1.5.3.gem
New:
rack-protection-2.0.0.gem
Other differences:
--
++ rubygem-rack-protection.spec ++
--- /var/tmp/diff_new_pack.vDknlo/_old 2017-06-08 15:01:32.323423575 +0200
+++ /var/tmp/diff_new_pack.vDknlo/_new 2017-06-08 15:01:32.323423575 +0200
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-rack-protection
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -14,6 +14,8 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
+
#
# This file was generated with a gem2rpm.yml and not just plain gem2rpm.
# All sections marked as MANUAL, license headers, summaries and descriptions
@@ -22,23 +24,24 @@
#
Name: rubygem-rack-protection
-Version:1.5.3
+Version:2.0.0
Release:0
%define mod_name rack-protection
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: ruby-macros >= 5
-BuildRequires: %{ruby}
BuildRequires: %{rubygem gem2rpm}
-Url:http://github.com/rkh/rack-protection
+BuildRequires: %{ruby}
+BuildRequires: ruby-macros >= 5
+Url:http://github.com/sinatra/sinatra/tree/master/rack-protection
Source: http://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
-Summary:You should use protection!
+Summary:Protect against typical web attacks, works with all Rack apps,
License:MIT
Group: Development/Languages/Ruby
%description
-You should use protection!.
+Protect against typical web attacks, works with all Rack apps, including
+Rails.
%prep
++ rack-protection-1.5.3.gem -> rack-protection-2.0.0.gem ++
1898 lines of diff (skipped)
