ruby3.4-rubygem-rack-3.1.8-slfo.1.1.1 RPM for x86_64

From OpenSuSE Leap 16.0 for x86_64

Rack provides a minimal, modular and adaptable interface for developing
web applications in Ruby. By wrapping HTTP requests and responses in
the simplest way possible, it unifies and distills the API for web
servers, web frameworks, and software in between (the so-called
middleware) into a single method call.

Provides

• ruby3.4-rubygem-rack
• ruby3.4-rubygem-rack(x86-64)
• rubygem(rack)
• rubygem(ruby:3.4.0:rack)
• rubygem(ruby:3.4.0:rack:3)
• rubygem(ruby:3.4.0:rack:3.1)
• rubygem(ruby:3.4.0:rack:3.1.8)

Requires

• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• ruby(abi) = 3.4.0

License

MIT

Changelog

* Mon Nov 04 2024 [email protected]
  - New upstream release 3.1.8, see bundled CHANGELOG.md
* Fri Jun 21 2024 [email protected]
  - New upstream release 3.1.3, see bundled CHANGELOG.md
* Tue Feb 27 2024 [email protected]
  - version update to 3.0.9.1
    * Fixed ReDoS in Accept header parsing [CVE-2024-26146][bsc#1220248]
    * Fixed ReDoS in Content Type header parsing [CVE-2024-25126][bsc#1220239]
    * Reject Range headers which are too large [CVE-2024-26141][bsc#1220242]
    * Fix content-length calcuation in Rack:Response#write #2150
* Tue Nov 14 2023 [email protected]
  - 3.0.8:
    [#]# What's Changed
    * Backport "Fix some unused variable verbose warnings" by @skipkayhil in https://github.com/rack/rack/pull/2084
    [#]# New Contributors
    * @skipkayhil made their first contribution in https://github.com/rack/rack/pull/2084
    * *Full Changelog**: https://github.com/rack/rack/compare/v3.0.7...v3.0.8
* Mon Mar 20 2023 [email protected]
  - version update to 3.0.7
    [3.0.7] - 2023-03-16
      Make query parameters without = have nil values. (#2059, @jeremyevans)
    [3.0.6.1] - 2023-03-13
      [CVE-2023-27539] Avoid ReDoS in header parsing [bsc#1209503]
    [3.0.6] - 2023-03-13
      Add QueryParser#missing_value for handling missing values + tests. (#2052, @ioquatix)
    [3.0.5] - 2023-03-13
      Split form/query parsing into two steps. (#2038, @matthewd)
* Thu Mar 09 2023 [email protected]
  - version update to 3.0.4.2
    * rack.input is now optional, and if missing, will raise an error.
      Use this to fail on multipart parsing a request without an input body.
      (#2018, @ioquatix)
    * Introduce module Rack::BadRequest which is included in multipart and
      query parser errors. (#2019, @ioquatix)
    * MIME type for JavaScript files (.js) changed from application/javascript
      to text/javascript (1bd0f15)
    * fixes CVE-2023-27530 [bsc#1209095]
* Fri Jan 20 2023 [email protected]
  updated to version 3.0.4.1
    [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
    [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
    [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)
    For more detailed information see the installed CHANGELOG.md
* Wed Dec 07 2022 [email protected]
  updated to version 3.0.2
    see installed CHANGELOG.md
    [#]# [3.0.2] -2022-12-05
    [#]## Fixed
    - `Utils.build_nested_query` URL-encodes nested field names including the square brackets.
    - Allow `Rack::Response` to pass through streaming bodies. ([#1993](https://github.com/rack/rack/pull/1993), [@ioquatix])
    [#]# [3.0.1] - 2022-11-18
    [#]## Fixed
    - `MethodOverride` does not look for an override if a request does not include form/parseable data.
    - `Rack::Lint::Wrapper` correctly handles `respond_to?` with `to_ary`, `each`, `call` and `to_path`, forwarding to the body. ([#1981](https://github.com/rack/rack/pull/1981), [@ioquatix])
* Mon Oct 10 2022 [email protected]
  updated to version 3.0.0
    see installed CHANGELOG.md
    [#]# [3.0.0] - 2022-09-06
    - No changes
    [#]# [3.0.0.rc1] - 2022-09-04
    [#]## SPEC Changes
    - Stream argument must implement `<<` https://github.com/rack/rack/pull/1959
    - `close` may be called on `rack.input` https://github.com/rack/rack/pull/1956
    - `rack.response_finished` may be used for executing code after the response has been finished https://github.com/rack/rack/pull/1952
    [#]# [3.0.0.beta1] - 2022-08-08
    [#]## Security
    - Do not use semicolon as GET parameter separator. ([#1733](https://github.com/rack/rack/pull/1733), [@jeremyevans])
    [#]## SPEC Changes
    - Response array must now be non-frozen.
    - Response `status` must now be an integer greater than or equal to 100.
    - Response `headers` must now be an unfrozen hash.
    - Response header keys can no longer include uppercase characters.
    - Response header values can be an `Array` to handle multiple values (and no longer supports `\n` encoded headers).
    - Response body can now respond to `#call` (streaming body) instead of `#each` (enumerable body), for the equivalent of response hijacking in previous versions.
    - Middleware must no longer call `#each` on the body, but they can call `#to_ary` on the body if it responds to `#to_ary`.
    - `rack.input` is no longer required to be rewindable.
    - `rack.multithread`/`rack.multiprocess`/`rack.run_once`/`rack.version` are no longer required environment keys.
    - `SERVER_PROTOCOL` is now a required environment key, matching the HTTP protocol used in the request.
    - `rack.hijack?` (partial hijack) and `rack.hijack` (full hijack) are now independently optional.
    - `rack.hijack_io` has been removed completely.
    - `rack.response_finished` is an optional environment key which contains an array of callable objects that must accept `#call(env, status, headers, error)` and are invoked after the response is finished (either successfully or unsucessfully).
    - It is okay to call `#close` on `rack.input` to indicate that you no longer need or care about the input.
    - The stream argument supplied to the streaming body and hijack must support `#<<` for writing output.
    [#]## Removed
    - Remove `rack.multithread`/`rack.multiprocess`/`rack.run_once`. These variables generally come too late to be useful. ([#1720](https://github.com/rack/rack/pull/1720), [@ioquatix], [@jeremyevans]))
    - Remove deprecated Rack::Request::SCHEME_WHITELIST. ([@jeremyevans])
    - Remove internal cookie deletion using pattern matching, there are very few practical cases where it would be useful and browsers handle it correctly without us doing anything special. ([#1844](https://github.com/rack/rack/pull/1844), [@ioquatix])
    - Remove `rack.version` as it comes too late to be useful. ([#1938](https://github.com/rack/rack/pull/1938), [@ioquatix])
    - Extract `rackup` command, `Rack::Server`, `Rack::Handler` and related code into a separate gem. ([#1937](https://github.com/rack/rack/pull/1937), [@ioquatix])
    [#]## Added
    - `Rack::Headers` added to support lower-case header keys. ([@jeremyevans])
    - `Rack::Utils#set_cookie_header` now supports `escape_key: false` to avoid key escaping.  ([@jeremyevans])
    - `Rack::RewindableInput` supports size. ([@ahorek](https://github.com/ahorek))
    - `Rack::RewindableInput::Middleware` added for making `rack.input` rewindable. ([@jeremyevans])
    - The RFC 7239 Forwarded header is now supported and considered by default when looking for information on forwarding, falling back to the X-Forwarded-* headers. `Rack::Request.forwarded_priority` accessor has been added for configuring the priority of which header to check.  ([#1423](https://github.com/rack/rack/issues/1423), [@jeremyevans])
    - Allow response headers to contain array of values. ([#1598](https://github.com/rack/rack/issues/1598), [@ioquatix])
    - Support callable body for explicit streaming support and clarify streaming response body behaviour. ([#1745](https://github.com/rack/rack/pull/1745), [@ioquatix], [#1748](https://github.com/rack/rack/pull/1748), [@wjordan])
    - Allow `Rack::Builder#run` to take a block instead of an argument. ([#1942](https://github.com/rack/rack/pull/1942), [@ioquatix])
    - Add `rack.response_finished` to `Rack::Lint`. ([#1802](https://github.com/rack/rack/pull/1802), [@BlakeWilliams], [#1952](https://github.com/rack/rack/pull/1952), [@ioquatix])
    - The stream argument must implement `#<<`. ([#1959](https://github.com/rack/rack/pull/1959), [@ioquatix])
    [#]## Changed
    - BREAKING CHANGE: Require `status` to be an Integer. ([#1662](https://github.com/rack/rack/pull/1662), [@olleolleolle](https://github.com/olleolleolle))
    - BREAKING CHANGE: Query parsing now treats parameters without `=` as having the empty string value instead of nil value, to conform to the URL spec. ([#1696](https://github.com/rack/rack/issues/1696), [@jeremyevans])
    - Relax validations around `Rack::Request#host` and `Rack::Request#hostname`. ([#1606](https://github.com/rack/rack/issues/1606), [@pvande](https://github.com/pvande))
    - Removed antiquated handlers: FCGI, LSWS, SCGI, Thin. ([#1658](https://github.com/rack/rack/pull/1658), [@ioquatix])
    - Removed options from `Rack::Builder.parse_file` and `Rack::Builder.load_file`. ([#1663](https://github.com/rack/rack/pull/1663), [@ioquatix])
    - `Rack::HTTP_VERSION` has been removed and the `HTTP_VERSION` env setting is no longer set in the CGI and Webrick handlers. ([#970](https://github.com/rack/rack/issues/970), [@jeremyevans])
    - `Rack::Request#[]` and `#[]=` now warn even in non-verbose mode. ([#1277](https://github.com/rack/rack/issues/1277), [@jeremyevans])
    - Decrease default allowed parameter recursion level from 100 to 32. ([#1640](https://github.com/rack/rack/issues/1640), [@jeremyevans])
    - Attempting to parse a multipart response with an empty body now raises Rack::Multipart::EmptyContentError. ([#1603](https://github.com/rack/rack/issues/1603), [@jeremyevans])
    - `Rack::Utils.secure_compare` uses OpenSSL's faster implementation if available. ([#1711](https://github.com/rack/rack/pull/1711), [@bdewater](https://github.com/bdewater))
    - `Rack::Request#POST` now caches an empty hash if input content type is not parseable. ([#749](https://github.com/rack/rack/pull/749), [@jeremyevans])
    - BREAKING CHANGE: Updated `trusted_proxy?` to match full 127.0.0.0/8 network. ([#1781](https://github.com/rack/rack/pull/1781), [@snbloch](https://github.com/snbloch))
    - Explicitly deprecate `Rack::File` which was an alias for `Rack::Files`. ([#1811](https://github.com/rack/rack/pull/1720), [@ioquatix]).
    - Moved `Rack::Session` into [separate gem](https://github.com/rack/rack-session). ([#1805](https://github.com/rack/rack/pull/1805), [@ioquatix])
    - `rackup -D` option to daemonizes no longer changes the working directory to the root. ([#1813](https://github.com/rack/rack/pull/1813), [@jeremyevans])
    - The `x-forwarded-proto` header is now considered before the `x-forwarded-scheme` header for determining the forwarded protocol. `Rack::Request.x_forwarded_proto_priority` accessor has been added for configuring the priority of which header to check.  ([#1809](https://github.com/rack/rack/issues/1809), [@jeremyevans])
    - `Rack::Request.forwarded_authority` (and methods that call it, such as `host`) now returns the last authority in the forwarded header, instead of the first, as earlier forwarded authorities can be forged by clients. This restores the Rack 2.1 behavior. ([#1829](https://github.com/rack/rack/issues/1809), [@jeremyevans])
    - Use lower case cookie attributes when creating cookies, and fold cookie attributes to lower case when reading cookies (specifically impacting `secure` and `httponly` attributes). ([#1849](https://github.com/rack/rack/pull/1849), [@ioquatix])
    - The response array must now be mutable (non-frozen) so middleware can modify it without allocating a new Array,therefore reducing object allocations. ([#1887](https://github.com/rack/rack/pull/1887), [#1927](https://github.com/rack/rack/pull/1927), [@amatsuda], [@ioquatix])
    - `rack.hijack?` (partial hijack) and `rack.hijack` (full hijack) are now independently optional. `rack.hijack_io` is no longer required/specified. ([#1939](https://github.com/rack/rack/pull/1939), [@ioquatix])
    - Allow calling close on `rack.input`. ([#1956](https://github.com/rack/rack/pull/1956), [@ioquatix])
    [#]## Fixed
    - Make Rack::MockResponse handle non-hash headers. ([#1629](https://github.com/rack/rack/issues/1629), [@jeremyevans])
    - TempfileReaper now deletes temp files if application raises an exception. ([#1679](https://github.com/rack/rack/issues/1679), [@jeremyevans])
    - Handle cookies with values that end in '=' ([#1645](https://github.com/rack/rack/pull/1645), [@lukaso](https://github.com/lukaso))
    - Make `Rack::NullLogger` respond to `#fatal!` [@jeremyevans])
    - Fix multipart filename generation for filenames that contain spaces. Encode spaces as "%20" instead of "+" which will be decoded properly by the multipart parser. ([#1736](https://github.com/rack/rack/pull/1645), [@muirdm](https://github.com/muirdm))
    - `Rack::Request#scheme` returns `ws` or `wss` when one of the `X-Forwarded-Scheme` / `X-Forwarded-Proto` headers is set to `ws` or `wss`, respectively. ([#1730](https://github.com/rack/rack/issues/1730), [@erwanst](https://github.com/erwanst))
* Fri Jul 08 2022 [email protected]
  - updated to version 2.2.4
    * Better support for lower case headers in `Rack::ETag` middleware. ([#1919](https://github.com/rack/rack/pull/1919), [@ioquatix](https://github.com/ioquatix))
    * Use custom exception on params too deep error. ([#1838](https://github.com/rack/rack/pull/1838), [@simi](https://github.com/simi))
* Mon May 30 2022 [email protected]
  - updated to version 2.2.3.1
    [CVE-2022-30123] Fix shell escaping issue in Common Logger
    [CVE-2022-30122] Restrict parsing of broken MIME attachments
* Thu Jun 18 2020 [email protected]
  - updated to version 2.2.3
    see installed CHANGELOG.md
    [#]# [2.2.3] - 2020-06-15
      [CVE-2020-8184] Only decode cookie values
* Tue Feb 18 2020 [email protected]
  - updated to version 2.2.2
    see installed CHANGELOG.md
    [#]# [2.2.2] - 2020-02-11
    [#]## Fixed
    - Fix incorrect Rack::Request#host value. ([#1591](https://github.com/rack/rack/pull/1591), [@ioquatix](https://github.com/ioquatix))
    - Revert Rack::Handler::Thin implementation. ([#1583](https://github.com/rack/rack/pull/1583), [@jeremyevans](https://github.com/jeremyevans))
    - Double assignment is still needed to prevent an "unused variable" warning. ([#1589](https://github.com/rack/rack/pull/1589), [@kamipo](https://github.com/kamipo))
    - Fix to handle same_site option for session pool. ([#1587](https://github.com/rack/rack/pull/1587), [@kamipo](https://github.com/kamipo))
* Mon Feb 10 2020 [email protected]
  - updated to version 2.2.1
    see installed CHANGELOG.md
    [#] Changelog
    All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
    [#]# [2.2.1] - 2020-02-09
    [#]## Fixed
    - Rework `Rack::Request#ip` to handle empty `forwarded_for`. ([#1577](https://github.com/rack/rack/pull/1577), [@ioquatix](https://github.com/ioquatix))
    [#]# [2.2.0] - 2020-02-08
    [#]## SPEC Changes
    - `rack.session` request environment entry must respond to `to_hash` and return unfrozen Hash. ([@jeremyevans](https://github.com/jeremyevans))
    - Request environment cannot be frozen. ([@jeremyevans](https://github.com/jeremyevans))
    - CGI values in the request environment with non-ASCII characters must use ASCII-8BIT encoding. ([@jeremyevans](https://github.com/jeremyevans))
    - Improve SPEC/lint relating to SERVER_NAME, SERVER_PORT and HTTP_HOST. ([#1561](https://github.com/rack/rack/pull/1561), [@ioquatix](https://github.com/ioquatix))
    [#]## Added
    - `rackup` supports multiple `-r` options and will require all arguments. ([@jeremyevans](https://github.com/jeremyevans))
    - `Server` supports an array of paths to require for the `:require` option. ([@khotta](https://github.com/khotta))
    - `Files` supports multipart range requests. ([@fatkodima](https://github.com/fatkodima))
    - `Multipart::UploadedFile` supports an IO-like object instead of using the filesystem, using `:filename` and `:io` options. ([@jeremyevans](https://github.com/jeremyevans))
    - `Multipart::UploadedFile` supports keyword arguments `:path`, `:content_type`, and `:binary` in addition to positional arguments. ([@jeremyevans](https://github.com/jeremyevans))
    - `Static` supports a `:cascade` option for calling the app if there is no matching file. ([@jeremyevans](https://github.com/jeremyevans))
    - `Session::Abstract::SessionHash#dig`. ([@jeremyevans](https://github.com/jeremyevans))
    - `Response.[]` and `MockResponse.[]` for creating instances using status, headers, and body. ([@ioquatix](https://github.com/ioquatix))
    - Convenient cache and content type methods for `Rack::Response`. ([#1555](https://github.com/rack/rack/pull/1555), [@ioquatix](https://github.com/ioquatix))
    [#]## Changed
    - `Request#params` no longer rescues EOFError. ([@jeremyevans](https://github.com/jeremyevans))
    - `Directory` uses a streaming approach, significantly improving time to first byte for large directories. ([@jeremyevans](https://github.com/jeremyevans))
    - `Directory` no longer includes a Parent directory link in the root directory index. ([@jeremyevans](https://github.com/jeremyevans))
    - `QueryParser#parse_nested_query` uses original backtrace when reraising exception with new class. ([@jeremyevans](https://github.com/jeremyevans))
    - `ConditionalGet` follows RFC 7232 precedence if both If-None-Match and If-Modified-Since headers are provided. ([@jeremyevans](https://github.com/jeremyevans))
    - `.ru` files supports the `frozen-string-literal` magic comment. ([@eregon](https://github.com/eregon))
    - Rely on autoload to load constants instead of requiring internal files, make sure to require 'rack' and not just 'rack/...'. ([@jeremyevans](https://github.com/jeremyevans))
    - `Etag` will continue sending ETag even if the response should not be cached. ([@henm](https://github.com/henm))
    - `Request#host_with_port` no longer includes a colon for a missing or empty port. ([@AlexWayfer](https://github.com/AlexWayfer))
    - All handlers uses keywords arguments instead of an options hash argument. ([@ioquatix](https://github.com/ioquatix))
    - `Files` handling of range requests no longer return a body that supports `to_path`, to ensure range requests are handled correctly. ([@jeremyevans](https://github.com/jeremyevans))
    - `Multipart::Generator` only includes `Content-Length` for files with paths, and `Content-Disposition` `filename` if the `UploadedFile` instance has one. ([@jeremyevans](https://github.com/jeremyevans))
    - `Request#ssl?` is true for the `wss` scheme (secure websockets). ([@jeremyevans](https://github.com/jeremyevans))
    - `Rack::HeaderHash` is memoized by default. ([#1549](https://github.com/rack/rack/pull/1549), [@ioquatix](https://github.com/ioquatix))
    - `Rack::Directory` allow directory traversal inside root directory. ([#1417](https://github.com/rack/rack/pull/1417), [@ThomasSevestre](https://github.com/ThomasSevestre))
    - Sort encodings by server preference. ([#1184](https://github.com/rack/rack/pull/1184), [@ioquatix](https://github.com/ioquatix), [@wjordan](https://github.com/wjordan))
    - Rework host/hostname/authority implementation in `Rack::Request`. `#host` and `#host_with_port` have been changed to correctly return IPv6 addresses formatted with square brackets, as defined by [RFC3986](https://tools.ietf.org/html/rfc3986#section-3.2.2). ([#1561](https://github.com/rack/rack/pull/1561), [@ioquatix](https://github.com/ioquatix))
    - `Rack::Builder` parsing options on first `#\` line is deprecated. ([#1574](https://github.com/rack/rack/pull/1574), [@ioquatix](https://github.com/ioquatix))
    [#]## Removed
    - `Directory#path` as it was not used and always returned nil. ([@jeremyevans](https://github.com/jeremyevans))
    - `BodyProxy#each` as it was only needed to work around a bug in Ruby <1.9.3. ([@jeremyevans](https://github.com/jeremyevans))
    - `URLMap::INFINITY` and `URLMap::NEGATIVE_INFINITY`, in favor of `Float::INFINITY`. ([@ch1c0t](https://github.com/ch1c0t))
    - Deprecation of `Rack::File`. It will be deprecated again in rack 2.2 or 3.0. ([@rafaelfranca](https://github.com/rafaelfranca))
    - Support for Ruby 2.2 as it is well past EOL. ([@ioquatix](https://github.com/ioquatix))
    - Remove `Rack::Files#response_body` as the implementation was broken. ([#1153](https://github.com/rack/rack/pull/1153), [@ioquatix](https://github.com/ioquatix))
    - Remove `SERVER_ADDR` which was never part of the original SPEC. ([#1573](https://github.com/rack/rack/pull/1573), [@ioquatix](https://github.com/ioquatix))
    [#]## Fixed
    - `Directory` correctly handles root paths containing glob metacharacters. ([@jeremyevans](https://github.com/jeremyevans))
    - `Cascade` uses a new response object for each call if initialized with no apps. ([@jeremyevans](https://github.com/jeremyevans))
    - `BodyProxy` correctly delegates keyword arguments to the body object on Ruby 2.7+. ([@jeremyevans](https://github.com/jeremyevans))
    - `BodyProxy#method` correctly handles methods delegated to the body object. ([@jeremyevans](https://github.com/jeremyevans))
    - `Request#host` and `Request#host_with_port` handle IPv6 addresses correctly. ([@AlexWayfer](https://github.com/AlexWayfer))
    - `Lint` checks when response hijacking that `rack.hijack` is called with a valid object. ([@jeremyevans](https://github.com/jeremyevans))
    - `Response#write` correctly updates `Content-Length` if initialized with a body. ([@jeremyevans](https://github.com/jeremyevans))
    - `CommonLogger` includes `SCRIPT_NAME` when logging. ([@Erol](https://github.com/Erol))
    - `Utils.parse_nested_query` correctly handles empty queries, using an empty instance of the params class instead of a hash. ([@jeremyevans](https://github.com/jeremyevans))
    - `Directory` correctly escapes paths in links. ([@yous](https://github.com/yous))
    - `Request#delete_cookie` and related `Utils` methods handle `:domain` and `:path` options in same call. ([@jeremyevans](https://github.com/jeremyevans))
    - `Request#delete_cookie` and related `Utils` methods do an exact match on `:domain` and `:path` options. ([@jeremyevans](https://github.com/jeremyevans))
    - `Static` no longer adds headers when a gzipped file request has a 304 response. ([@chooh](https://github.com/chooh))
    - `ContentLength` sets `Content-Length` response header even for bodies not responding to `to_ary`. ([@jeremyevans](https://github.com/jeremyevans))
    - Thin handler supports options passed directly to `Thin::Controllers::Controller`. ([@jeremyevans](https://github.com/jeremyevans))
    - WEBrick handler no longer ignores `:BindAddress` option. ([@jeremyevans](https://github.com/jeremyevans))
    - `ShowExceptions` handles invalid POST data. ([@jeremyevans](https://github.com/jeremyevans))
    - Basic authentication requires a password, even if the password is empty. ([@jeremyevans](https://github.com/jeremyevans))
    - `Lint` checks response is array with 3 elements, per SPEC. ([@jeremyevans](https://github.com/jeremyevans))
    - Support for using `:SSLEnable` option when using WEBrick handler. (Gregor Melhorn)
    - Close response body after buffering it when buffering. ([@ioquatix](https://github.com/ioquatix))
    - Only accept `;` as delimiter when parsing cookies. ([@mrageh](https://github.com/mrageh))
    - `Utils::HeaderHash#clear` clears the name mapping as well. ([@raxoft](https://github.com/raxoft))
    - Support for passing `nil` `Rack::Files.new`, which notably fixes Rails' current `ActiveStorage::FileServer` implementation. ([@ioquatix](https://github.com/ioquatix))
    [#]## Documentation
    - CHANGELOG updates. ([@aupajo](https://github.com/aupajo))
    - Added [CONTRIBUTING](CONTRIBUTING.md). ([@dblock](https://github.com/dblock))
* Wed Jan 29 2020 [email protected]
  - updated to version 2.1.2
* Mon Jan 27 2020 [email protected]
  - updated to version 2.1.1
    * Remove Rack::Chunked from Rack::Server default middleware. (#1475, @ioquatix)
    * Restore support for code relying on SessionId#to_s. (@jeremyevans)
  - non upstream changes
    * removed the modification of the permissions for test/cgi/test.gz
      during package build since it won't get installed anymore.
* Thu Dec 19 2019 [email protected]
  - updated to version 2.0.8
    * CVE-2019-16782: Possible information leak / session hijack vulnerability
* Sat Apr 06 2019 [email protected]
  - updated to version 2.0.7
    no changelog found
* Tue Nov 06 2018 [email protected]
  - update to 2.0.6:
    * CVE-2018-16471: cross-site scripting (XSS) flaw via the scheme
      method on Rack::Request (bsc#1114828)
* Mon Apr 23 2018 [email protected]
  - updated to version 2.0.5
    see installed HISTORY.md
* Mon Apr 16 2018 [email protected]
  - Only build against ruby versions 2.3.x, 2.4.x, and 2.5.x
  - Fix package build by removing the executable bit for 'test.gz' file in gem
* Thu Feb 08 2018 [email protected]
  - updated to version 2.0.4
    see installed HISTORY.md
* Tue Oct 31 2017 [email protected]
  - only build for 2.3+ from now
* Wed Jun 07 2017 [email protected]
  - re-add the rb_build_versions and rb_default_ruby_abi as otherwise
    building on older distros fails.
  - add ruby 2.4
* Thu Jun 01 2017 [email protected]
  - removed manual definition of rb_build_versions and rb_default_ruby_abi from gem2rpm.yml; recreated spec
* Tue May 23 2017 [email protected]
  - updated to version 2.0.3
    see installed HISTORY.md
* Wed Jul 06 2016 [email protected]
  - make build again by only building for 2.2 and newer
* Fri Jul 01 2016 [email protected]
  - updated to version 2.0.1
    see installed HISTORY.md
* Fri Jun 19 2015 [email protected]
  - updated to version 1.6.4
    see installed HISTORY.md
    Fri Jun 19 07:14:50 2015  Matthew Draper <[email protected]>
    * Work around a Rails incompatibility in our private API
* Wed Jun 17 2015 [email protected]
  - updated to version 1.6.2
    see installed HISTORY.md
    Fri Jun 12 11:37:41 2015  Aaron Patterson <[email protected]>
    * Prevent extremely deep parameters from being parsed. CVE-2015-3225
* Thu May 07 2015 [email protected]
  - updated to version 1.6.1
    no changelog found
* Fri Feb 06 2015 [email protected]
  - updated to version 1.6.0
* Sat Nov 01 2014 [email protected]
  - Fixed all rpmlintrc errors to prevent failing builds with
    multiple ruby versions
* Mon Sep 29 2014 [email protected]
  - added rpmlintrc to ignore the rackup shebang line in a test case
  - updated to new packaging scheme and add gem2rpm.yml
* Tue May 28 2013 [email protected]
  - new template version
* Tue Feb 12 2013 [email protected]
  - updated to version 1.5.2
    * February 7th, Thirty fifth public release 1.5.2
    * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
    * Fix CVE-2013-0262, symlink path traversal in Rack::File
    * Add various methods to Session for enhanced Rails compatibility
    * Request#trusted_proxy? now only matches whole stirngs
    * Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns
    * URLMap host matching in environments that don't set the Host header fixed
    * Fix a race condition that could result in overwritten pidfiles
    * Various documentation additions
* Sun Feb 03 2013 [email protected]
  - updated to version 1.5.1
* Thu Jan 24 2013 [email protected]
  - update to version 1.5.0, remove suffix
    * Introduced hijack SPEC, for before-response and after-response hijacking
    * SessionHash is no longer a Hash subclass
    * Rack::File cache_control parameter is removed, in place of headers options
    * Rack::Auth::AbstractRequest#scheme now yields strings, not symbols
    * Rack::Utils cookie functions now format expires in RFC 2822 format
    * Rack::File now has a default mime type
    * rackup -b 'run Rack::File.new(".")', option provides command line configs
    * Rack::Deflater will no longer double encode bodies
    * Rack::Mime#match? provides convenience for Accept header matching
    * Rack::Utils#q_values provides splitting for Accept headers
    * Rack::Utils#best_q_match provides a helper for Accept headers
    * Rack::Handler.pick provides convenience for finding available servers
    * Puma added to the list of default servers (preferred over Webrick)
    * Various middleware now correctly close body when replacing it
    * Rack::Request#params is no longer persistent with only GET params
    * Rack::Request#update_param and #delete_param provide persistent operations
    * Rack::Request#trusted_proxy? now returns true for local unix sockets
    * Rack::Response no longer forces Content-Types
    * Rack::Sendfile provides local mapping configuration options
    * Rack::Utils#rfc2109 provides old netscape style time output
    * Updated HTTP status codes
    * Ruby 1.8.6 likely no longer passes tests, and is no longer fully supported
* Tue Jan 08 2013 [email protected]
  - updated to version 1.4.3
    * Add warnings when users do not provide a session secret
    * Fix parsing performance for unquoted filenames
    * Updated URI backports
    * Fix URI backport version matching, and silence constant warnings
    * Correct parameter parsing with empty values
    * Correct rackup '-I' flag, to allow multiple uses
    * Correct rackup pidfile handling
    * Report rackup line numbers correctly
    * Fix request loops caused by non-stale nonces with time limits
    * Fix reloader on Windows
    * Prevent infinite recursions from Response#to_ary
    * Various middleware better conforms to the body close specification
    * Updated language for the body close specification
    * Additional notes regarding ECMA escape compatibility issues
    * Fix the parsing of multiple ranges in range headers
    * Prevent errors from empty parameter keys
    * Added PATCH verb to Rack::Request
    * Various documentation updates
    * Fix session merge semantics (fixes rack-test)
    * Rack::Static :index can now handle multiple directories
    * All tests now utilize Rack::Lint (special thanks to Lars Gierth)
    * Rack::File cache_control parameter is now deprecated, and removed by 1.5
    * Correct Rack::Directory script name escaping
    * Rack::Static supports header rules for sophisticated configurations
    * Multipart parsing now works without a Content-Length header
    * New logos courtesy of Zachary Scott!
    * Rack::BodyProxy now explicitly defines #each, useful for C extensions
    * Cookies that are not URI escaped no longer cause exceptions
    * Security: Prevent unbounded reads in large multipart boundaries
* Tue Jul 31 2012 [email protected]
  - use new gem2rpm to provide new provisions
* Mon Apr 02 2012 [email protected]
  - Spec file cleanup:
    * Prepare for Factory submission
* Fri Mar 30 2012 [email protected]
  - handle /usr/bin/rackup via update-alternatives
* Thu Jan 26 2012 [email protected]
  - initial package of the 1.4 branch

Files

/usr/lib64/ruby/gems/3.4.0/build_info
/usr/lib64/ruby/gems/3.4.0/cache/rack-3.1.8.gem
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/CHANGELOG.md
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/CONTRIBUTING.md
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/MIT-LICENSE
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/README.md
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/SPEC.rdoc
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/auth
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/auth/abstract
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/auth/abstract/handler.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/auth/abstract/request.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/auth/basic.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/bad_request.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/body_proxy.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/builder.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/cascade.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/common_logger.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/conditional_get.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/config.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/constants.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/content_length.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/content_type.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/deflater.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/directory.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/etag.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/events.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/files.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/head.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/headers.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/lint.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/lock.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/logger.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/media_type.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/method_override.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/mime.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/mock.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/mock_request.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/mock_response.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/multipart
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/multipart.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/multipart/generator.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/multipart/parser.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/multipart/uploaded_file.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/null_logger.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/query_parser.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/recursive.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/reloader.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/request.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/response.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/rewindable_input.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/runtime.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/sendfile.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/show_exceptions.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/show_status.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/static.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/tempfile_reaper.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/urlmap.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/utils.rb
/usr/lib64/ruby/gems/3.4.0/gems/rack-3.1.8/lib/rack/version.rb
/usr/lib64/ruby/gems/3.4.0/specifications/rack-3.1.8.gemspec
/usr/share/doc/packages/ruby3.4-rubygem-rack
/usr/share/doc/packages/ruby3.4-rubygem-rack/CHANGELOG.md
/usr/share/doc/packages/ruby3.4-rubygem-rack/MIT-LICENSE
/usr/share/doc/packages/ruby3.4-rubygem-rack/README.md

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Feb 22 00:24:36 2025