[pkgsrc/trunk]: pkgsrc/www/ruby-mechanize Update ruby-mechanize to 2.4.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/ruby-mechanize Update ruby-mechanize to 2.4.
From: taca <taca%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 12:19:39 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/4dc293552c0c
branches:  trunk
changeset: 603172:4dc293552c0c
user:      taca <taca%pkgsrc.org@localhost>
date:      Sun Apr 29 16:11:17 2012 +0000

description:
Update ruby-mechanize to 2.4.

=== 2.4

* Security fix:

  Mechanize#auth and Mechanize#basic_auth allowed disclosure of passwords to
  malicious servers and have been removed.

  In prior versions of mechanize only one set of HTTP authentication
  credentials were allowed for all connections.  If a mechanize instance
  connected to more than one server then a malicious server detecting
  mechanize could ask for HTTP Basic authentication.  This would expose the
  username and password intended only for one server.

  Mechanize#auth and Mechanize#basic_auth now warn when used.

  To fix the warning switch to Mechanize#add_auth which requires at the URI
  the credentials are intended for, the username and the password.
  Optionally an HTTP authentication realm or NTLM domain may be provided.

* Minor enhancement
  * Improved exception messages for 401 Unauthorized responses.  Mechanize now
    tells you if you were missing credentials, had an incorrect password, etc.

diffstat:

 www/ruby-mechanize/Makefile |  12 ++++++------
 www/ruby-mechanize/PLIST    |   4 +++-
 www/ruby-mechanize/distinfo |   8 ++++----
 3 files changed, 13 insertions(+), 11 deletions(-)

diffs (67 lines):

diff -r 1f1d9f775e97 -r 4dc293552c0c www/ruby-mechanize/Makefile
--- a/www/ruby-mechanize/Makefile       Sun Apr 29 16:09:34 2012 +0000
+++ b/www/ruby-mechanize/Makefile       Sun Apr 29 16:11:17 2012 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.7 2012/03/01 01:24:48 minskim Exp $
+# $NetBSD: Makefile,v 1.8 2012/04/29 16:11:17 taca Exp $
 
-DISTNAME=      mechanize-2.3
+DISTNAME=      mechanize-2.4
 CATEGORIES=    www
 
 MAINTAINER=    minskim%NetBSD.org@localhost
@@ -10,12 +10,12 @@
 
 PKG_DESTDIR_SUPPORT=   user-destdir
 
-DEPENDS+=      ${RUBY_PKGPREFIX}-domain_name>=0.5.1:../../net/ruby-domain_name
-DEPENDS+=      ${RUBY_PKGPREFIX}-mime-types>=1.17:../../mail/ruby-mime-types
+DEPENDS+=      ${RUBY_PKGPREFIX}-domain_name>=0.5<1:../../net/ruby-domain_name
+DEPENDS+=      ${RUBY_PKGPREFIX}-mime-types>=1.17<2:../../mail/ruby-mime-types
 DEPENDS+=      ${RUBY_PKGPREFIX}-net-http-digest_auth>=1.1<2:../../www/ruby-net-http-digest_auth
-DEPENDS+=      ${RUBY_PKGPREFIX}-net-http-persistent>=2.5:../../www/ruby-net-http-persistent
+DEPENDS+=      ${RUBY_PKGPREFIX}-net-http-persistent>=2.5<3:../../www/ruby-net-http-persistent
 DEPENDS+=      ${RUBY_PKGPREFIX}-nokogiri>=1.4<2:../../textproc/ruby-nokogiri
-DEPENDS+=      ${RUBY_PKGPREFIX}-ntlm-http>=0.1.1:../../www/ruby-ntlm-http
+DEPENDS+=      ${RUBY_PKGPREFIX}-ntlm-http>=0.1<1:../../www/ruby-ntlm-http
 DEPENDS+=      ${RUBY_PKGPREFIX}-webrobots>=0.0<1:../../www/ruby-webrobots
 
 .include "../../lang/ruby/gem.mk"
diff -r 1f1d9f775e97 -r 4dc293552c0c www/ruby-mechanize/PLIST
--- a/www/ruby-mechanize/PLIST  Sun Apr 29 16:09:34 2012 +0000
+++ b/www/ruby-mechanize/PLIST  Sun Apr 29 16:11:17 2012 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7 2012/03/01 01:24:48 minskim Exp $
+@comment $NetBSD: PLIST,v 1.8 2012/04/29 16:11:17 taca Exp $
 ${GEM_HOME}/cache/${GEM_NAME}.gem
 ${GEM_LIBDIR}/.autotest
 ${GEM_LIBDIR}/.gemtest
@@ -49,6 +49,7 @@
 ${GEM_LIBDIR}/lib/mechanize/http/agent.rb
 ${GEM_LIBDIR}/lib/mechanize/http/auth_challenge.rb
 ${GEM_LIBDIR}/lib/mechanize/http/auth_realm.rb
+${GEM_LIBDIR}/lib/mechanize/http/auth_store.rb
 ${GEM_LIBDIR}/lib/mechanize/http/content_disposition_parser.rb
 ${GEM_LIBDIR}/lib/mechanize/http/www_authenticate_parser.rb
 ${GEM_LIBDIR}/lib/mechanize/image.rb
@@ -148,6 +149,7 @@
 ${GEM_LIBDIR}/test/test_mechanize_http_agent.rb
 ${GEM_LIBDIR}/test/test_mechanize_http_auth_challenge.rb
 ${GEM_LIBDIR}/test/test_mechanize_http_auth_realm.rb
+${GEM_LIBDIR}/test/test_mechanize_http_auth_store.rb
 ${GEM_LIBDIR}/test/test_mechanize_http_content_disposition_parser.rb
 ${GEM_LIBDIR}/test/test_mechanize_http_www_authenticate_parser.rb
 ${GEM_LIBDIR}/test/test_mechanize_image.rb
diff -r 1f1d9f775e97 -r 4dc293552c0c www/ruby-mechanize/distinfo
--- a/www/ruby-mechanize/distinfo       Sun Apr 29 16:09:34 2012 +0000
+++ b/www/ruby-mechanize/distinfo       Sun Apr 29 16:11:17 2012 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.6 2012/03/01 01:24:48 minskim Exp $
+$NetBSD: distinfo,v 1.7 2012/04/29 16:11:17 taca Exp $
 
-SHA1 (mechanize-2.3.gem) = 316c852afcc832ed7b3be6893ec5ca11870c4c0a
-RMD160 (mechanize-2.3.gem) = 46d6e26c7e925605a9c9a60617f70ffc922a8770
-Size (mechanize-2.3.gem) = 121856 bytes
+SHA1 (mechanize-2.4.gem) = f98030962922b13af1d8a61086ed25efbb335b3b
+RMD160 (mechanize-2.4.gem) = 71a1d805e8cf0c5052f96533f57dcf629e0df72d
+Size (mechanize-2.4.gem) = 124928 bytes

Prev by Date: [pkgsrc/trunk]: pkgsrc/emulators Fix build with gtk2>=2.20.
Next by Date: [pkgsrc/trunk]: pkgsrc/net/yaz Update to 4.0.9:
Previous by Thread: [pkgsrc/trunk]: pkgsrc/emulators Fix build with gtk2>=2.20.
Next by Thread: [pkgsrc/trunk]: pkgsrc/net/yaz Update to 4.0.9:
Indexes:

Home | Main Index | Thread Index | Old Index