debian/0000755000000000000000000000000012256057524007176 5ustar debian/compat0000644000000000000000000000000211747237257010403 0ustar 7 debian/changelog0000644000000000000000000001456112256056636011062 0ustar ruby-actionpack-3.2 (3.2.16-3) unstable; urgency=medium * Fix invalid gemspec data in patch (again) debian/patches/0001-loosen_sprockets_dependency.patch: the problem was that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a floating point number, but version numbers are supposed to be strings! So the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed as a string. Closes: #732805 * debian/patches/0004-allow_newer_versions.patch: refresh -- Antonio Terceiro Wed, 18 Dec 2013 18:01:29 -0300 ruby-actionpack-3.2 (3.2.16-2) unstable; urgency=high * Allow to depend on ruby-rack (<< 1.4) to make backports easier -- Ondřej Surý Fri, 06 Dec 2013 10:55:12 +0100 ruby-actionpack-3.2 (3.2.16-1) unstable; urgency=high * New upstream version 3.2.16 * Update debian/control to rails release 3.2.16 -- Ondřej Surý Wed, 04 Dec 2013 17:40:28 +0100 ruby-actionpack-3.2 (3.2.13-9) unstable; urgency=low * Tighten rack dependency to 1.4 only. (Closes: #711236) -- Christian Hofstaedtler Mon, 02 Dec 2013 23:17:48 +0100 ruby-actionpack-3.2 (3.2.13-8) unstable; urgency=low Team upload. [ Praveen Arimbrathodiyil ] * require minitest instead of test/unit debian/patches/port-to-minitest.patch [ Antonio Terceiro ] * Bump debian revision number * Fix test session to work with Rack 1.5 * Add proper headers to rack 1.5 patch [ Praveen Arimbrathodiyil ] * port to minitest [ Christian Hofstaedtler ] * Add alternative dependency on ruby-rack1.4 * Update Standards-Version to 3.9.5 (no changes) -- Christian Hofstaedtler Mon, 02 Dec 2013 21:31:36 +0100 ruby-actionpack-3.2 (3.2.13-7) unstable; urgency=low [ Christian Hofstaedtler ] * Bump journey, sprockets dependency to match gem metadata * Allow newer versions of various dependencies * Fix format of debian-copyright (missing-license-paragraph-in-dep5-copyright) -- Antonio Terceiro Mon, 03 Jun 2013 22:06:15 -0300 ruby-actionpack-3.2 (3.2.13-6) unstable; urgency=low * Bump Standards-Version to 3.9.4; no changes needed. * update debian/control.in to reflect changes in debian/control * Fix invalid gemspec data in patch debian/patches/0001-loosen_sprockets_dependency.patch: the problem was that when 2.2.1 is replaced by 2.2, the YAML parser thinks that 2.2 is a floating point number, but version numbers are supposed to be strings! So the fix is to put quote around the 2.2 ('2.2'), forcing it to be parsed as a string. (Closes: #710819) -- Antonio Terceiro Sun, 02 Jun 2013 17:14:18 -0300 ruby-actionpack-3.2 (3.2.13-5) unstable; urgency=low * Upload to unstable. -- Ondřej Surý Thu, 23 May 2013 11:10:30 +0200 ruby-actionpack-3.2 (3.2.13-4) experimental; urgency=low * Remove all unneeded ruby/rails build dependencies, and drop ${shlib:Depends}. -- Ondřej Surý Fri, 22 Mar 2013 14:28:35 +0100 ruby-actionpack-3.2 (3.2.13-3) experimental; urgency=low * Loosen install time dependencies to allow faster builds -- Ondřej Surý Thu, 21 Mar 2013 15:15:28 +0100 ruby-actionpack-3.2 (3.2.13-2) unstable; urgency=low * Pull fix for a speed regression from https://github.com/rails/rails/issues/9803 -- Ondřej Surý Wed, 20 Mar 2013 18:49:16 +0100 ruby-actionpack-3.2 (3.2.13-1) unstable; urgency=low * Imported Upstream version 3.2.13 * Update debian/control to rails release 3.2.13 * Update patches for 3.2.13 release -- Ondřej Surý Tue, 19 Mar 2013 10:18:44 +0100 ruby-actionpack-3.2 (3.2.12-1) unstable; urgency=low * Imported Upstream version 3.2.12 * Update debian/control to rails release 3.2.12 -- Ondřej Surý Tue, 12 Feb 2013 17:39:14 +0100 ruby-actionpack-3.2 (3.2.11-1) unstable; urgency=low * Imported Upstream version 3.2.11 -- Ondřej Surý Tue, 15 Jan 2013 14:41:49 +0100 ruby-actionpack-3.2 (3.2.8-1) unstable; urgency=low * Imported Upstream version 3.2.8 * Loosen sprockets dependency to ~> 2.1 -- Ondřej Surý Fri, 12 Oct 2012 12:53:20 +0200 ruby-actionpack-3.2 (3.2.6-6) unstable; urgency=high * [CVE-2013-1855]: Fix XSS vulnerability in sanitize_css in Action Pack * [CVE-2013-1857]: Fix XSS Vulnerability in the sanitize helper of Ruby on Rails -- Ondřej Surý Tue, 19 Mar 2013 09:45:34 +0100 ruby-actionpack-3.2 (3.2.6-5) unstable; urgency=high * debian/patches/CVE-2013-0155.patch: fix Unsafe Query Generation Risk [CVE-2013-0155] (Closes: #697802) -- Antonio Terceiro Wed, 09 Jan 2013 18:25:45 -0300 ruby-actionpack-3.2 (3.2.6-4) unstable; urgency=high * Add patches for security problems (Closes: #684454): + CVE-2012-3463 - Ruby on Rails Potential XSS Vulnerability in select_tag prompt + CVE-2012-3465 - XSS Vulnerability in strip_tags + Both patches were edited from their original versions in two ways: - the leading a/ and b/ from the filenames were stripped - changes over test files were removed, since the Debian package contains no test files. -- Antonio Terceiro Fri, 10 Aug 2012 13:08:08 -0300 ruby-actionpack-3.2 (3.2.6-3) unstable; urgency=high * Add patch by Aaron Patterson for CVE-2012-3424 (Closes: #683370) -- Antonio Terceiro Sat, 04 Aug 2012 09:28:12 -0300 ruby-actionpack-3.2 (3.2.6-2) unstable; urgency=low * Bump build dependency to gem2deb >= 0.3.0~ -- Antonio Terceiro Sun, 24 Jun 2012 19:06:43 -0300 ruby-actionpack-3.2 (3.2.6-1) unstable; urgency=low * New upstream release. * debian/control: + review short description + add myself to Uploaders: -- Antonio Terceiro Sat, 16 Jun 2012 21:15:28 -0300 ruby-actionpack-3.2 (3.2.3-2) unstable; urgency=low * Add Conflict with ruby-actionpack-2.3 (Closes: #673737) * B-D ruby-activerecord-3.2 and ruby-activesupport-3.2 are already in unstable (Closes: #671986) -- Ondřej Surý Wed, 23 May 2012 13:03:07 +0200 ruby-actionpack-3.2 (3.2.3-1) unstable; urgency=low * Initial release -- Ondřej Surý Wed, 25 Apr 2012 09:14:01 +0000 debian/ruby-actionpack-3.2.docs0000644000000000000000000000001411747237257013445 0ustar README.rdoc debian/copyright0000644000000000000000000000264612153236376011141 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: activesupport Upstream-Contact: David Heinemeier Hansson Source: http://rubygems.org/gems/activesupport Files: * Copyright: Copyright 2004 David Heinemeier Hansson License: Expat Files: debian/* Copyright: Copyright 2011 Ondřej Surý License: Expat License: Expat Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. debian/control0000644000000000000000000000247112256057523010604 0ustar Source: ruby-actionpack-3.2 Section: ruby Priority: optional Maintainer: Debian Ruby Extras Maintainers Uploaders: Ondřej Surý , Antonio Terceiro , Build-Depends: debhelper (>= 7.0.50~), gem2deb (>= 0.3.0~) Standards-Version: 3.9.5 Vcs-Git: git://anonscm.debian.org/pkg-ruby-extras/ruby-actionpack-3.2.git Vcs-Browser: http://anonscm.debian.org/gitweb?p=pkg-ruby-extras/ruby-actionpack-3.2.git;a=summary Homepage: http://www.rubyonrails.org XS-Ruby-Versions: all Package: ruby-actionpack-3.2 Architecture: all XB-Ruby-Versions: ${ruby:Versions} Depends: ${misc:Depends}, ruby | ruby-interpreter, ruby-activesupport-3.2 (>= 3.2.16), ruby-activemodel-3.2 (>= 3.2.16), ruby-activerecord-3.2 (>= 3.2.16), ruby-rack-cache (>= 1.2~), ruby-rack (<< 1.5) | ruby-rack1.4, ruby-rack-test (>= 0.6.1~), ruby-journey (>= 1.0.4~), ruby-sprockets (>= 2.2~), ruby-builder (>= 3.0.0), ruby-erubis (>= 2.7.0~), ruby-tzinfo (>= 0.3.29~) Conflicts: ruby-actionpack-2.3 Description: web-flow and rendering framework putting the VC in MVC (part of Rails) Action Pack is a framework for web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server. debian/rules0000755000000000000000000000133311747237257010265 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 # # Uncomment to ignore all test failures (but the tests will run anyway) #export DH_RUBY_IGNORE_TESTS=all # # Uncomment to ignore some test failures (but the tests will run anyway). # Valid values: #export DH_RUBY_IGNORE_TESTS=ruby1.8 ruby1.9.1 require-rubygems # # If you need to specify the .gemspec (eg there is more than one) #export DH_RUBY_GEMSPEC=gem.gemspec RAILS_VERSION=$(shell sed -n "s/^ version: //p" metadata.yml) %: dh $@ --buildsystem=ruby --with ruby override_dh_testdir: debian/control dh_testdir debian/control: debian/control.in metadata.yml sed -e "s/@RAILS_VERSION@/$(RAILS_VERSION)/" >$@ <$< override_dh_installchangelogs: dh_installchangelogs CHANGELOG.md debian/source/0000755000000000000000000000000011747237257010505 5ustar debian/source/format0000644000000000000000000000001411747237257011713 0ustar 3.0 (quilt) debian/watch0000644000000000000000000000015111747237257010233 0ustar version=3 http://pkg-ruby-extras.alioth.debian.org/cgi-bin/gemwatch/actionpack .*/actionpack-(.*).tar.gz debian/patches/0000755000000000000000000000000012254407170010617 5ustar debian/patches/0004-allow_newer_versions.patch0000644000000000000000000000257612254407170016501 0ustar --- a/metadata.yml +++ b/metadata.yml @@ -56,14 +56,14 @@ dependencies: name: builder requirement: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 3.0.0 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 3.0.0 - !ruby/object:Gem::Dependency @@ -112,14 +112,14 @@ dependencies: name: sprockets requirement: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: '2.2' type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: '2.2' - !ruby/object:Gem::Dependency @@ -140,14 +140,14 @@ dependencies: name: tzinfo requirement: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 0.3.29 type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 0.3.29 description: Web apps on Rails. Simple, battle-tested conventions for building and debian/patches/0003-allow_newer_rack_versions.patch0000644000000000000000000000077712254406022017474 0ustar --- ruby-actionpack-3.2.orig/metadata.yml +++ ruby-actionpack-3.2/metadata.yml @@ -70,14 +70,14 @@ dependencies: name: rack requirement: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 1.4.5 type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - - "~>" + - - ">=" - !ruby/object:Gem::Version version: 1.4.5 - !ruby/object:Gem::Dependency debian/patches/series0000644000000000000000000000022212254406022012023 0ustar 0001-loosen_sprockets_dependency.patch 0003-allow_newer_rack_versions.patch 0004-allow_newer_versions.patch rack-1.5.patch port-to-minitest.patch debian/patches/rack-1.5.patch0000644000000000000000000000170612254406022013060 0ustar Description: fix test session code to work with Rack 1.5 Author: Carlos Antonio da Silva + Santiago Pastorino Reviewed-By: Antonio Terceiro Comment: This patch is based on the upstream commit by Carlos Antonio da Silva that migrated Rails 4.0 to Rack 1.5: https://github.com/rails/rails/commit/7d624e0e8cfa3adffd8f475e3588d83f3b367c24 --- ruby-actionpack-3.2.orig/lib/action_controller/test_case.rb +++ ruby-actionpack-3.2/lib/action_controller/test_case.rb @@ -240,13 +240,24 @@ module ActionController def initialize(session = {}) super(nil, nil) - replace(session.stringify_keys) + @id = SecureRandom.hex(16) + @data = stringify_keys(session) @loaded = true end def exists? true end + + def destroy + clear + end + + private + + def load! + @id + end end # Superclass for ActionController functional tests. Functional tests allow you to debian/patches/port-to-minitest.patch0000644000000000000000000000102512155710206015071 0ustar Description: use minitest instead of test/unit Author: Praveen Arimbrathodiyil Source: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709431#20 Last-update: 2013-06-05 --- a/lib/action_dispatch/testing/integration.rb +++ b/lib/action_dispatch/testing/integration.rb @@ -4,7 +4,7 @@ require 'active_support/core_ext/object/inclusion' require 'active_support/core_ext/object/try' require 'rack/test' -require 'test/unit/assertions' +require 'minitest' module ActionDispatch module Integration #:nodoc: debian/patches/0001-loosen_sprockets_dependency.patch0000644000000000000000000000102712254406273020013 0ustar --- ruby-actionpack-3.2.orig/metadata.yml +++ ruby-actionpack-3.2/metadata.yml @@ -114,14 +114,14 @@ dependencies: requirements: - - "~>" - !ruby/object:Gem::Version - version: 2.2.1 + version: '2.2' type: :runtime prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - "~>" - !ruby/object:Gem::Version - version: 2.2.1 + version: '2.2' - !ruby/object:Gem::Dependency name: erubis requirement: !ruby/object:Gem::Requirement debian/control.in0000644000000000000000000000252412254406022011176 0ustar Source: ruby-actionpack-3.2 Section: ruby Priority: optional Maintainer: Debian Ruby Extras Maintainers Uploaders: Ondřej Surý , Antonio Terceiro , Build-Depends: debhelper (>= 7.0.50~), gem2deb (>= 0.3.0~) Standards-Version: 3.9.5 Vcs-Git: git://anonscm.debian.org/pkg-ruby-extras/ruby-actionpack-3.2.git Vcs-Browser: http://anonscm.debian.org/gitweb?p=pkg-ruby-extras/ruby-actionpack-3.2.git;a=summary Homepage: http://www.rubyonrails.org XS-Ruby-Versions: all Package: ruby-actionpack-3.2 Architecture: all XB-Ruby-Versions: ${ruby:Versions} Depends: ${misc:Depends}, ruby | ruby-interpreter, ruby-activesupport-3.2 (>= @RAILS_VERSION@), ruby-activemodel-3.2 (>= @RAILS_VERSION@), ruby-activerecord-3.2 (>= @RAILS_VERSION@), ruby-rack-cache (>= 1.2~), ruby-rack (<< 1.5) | ruby-rack1.4, ruby-rack-test (>= 0.6.1~), ruby-journey (>= 1.0.4~), ruby-sprockets (>= 2.2~), ruby-builder (>= 3.0.0), ruby-erubis (>= 2.7.0~), ruby-tzinfo (>= 0.3.29~) Conflicts: ruby-actionpack-2.3 Description: web-flow and rendering framework putting the VC in MVC (part of Rails) Action Pack is a framework for web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server. debian/gbp.conf0000644000000000000000000000023412151737407010613 0ustar [DEFAULT] pristine-tar = True sign-tags = True # there are separate branches for stable and experimental upstream-branch = upstream debian-branch = master