Skip to content

Commit d7221b0

Browse files
chadlwilsonchadlwilson
authored
Merge pull request #297 from chadlwilson/1.2.x-fix-rails71-csrf
[backport 1.2.x] Fix Rails 7.1 CSRF token support
2 parents 7e82c73 + 1a8c066 commit d7221b0

File tree

181 files changed

+182
-3400
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

181 files changed

+182
-3400
lines changed

.github/workflows/maven.yml

Lines changed: 6 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -2,14 +2,14 @@ name: Java CI
22

33
on:
44
push:
5-
branches: [ "master", "*release*", "*stable*" ]
5+
branches: [ "master", "*-stable" ]
66
pull_request:
7-
branches: [ "master", "*release*", "*stable*" ]
7+
branches: [ "master", "*-stable" ]
88

99
env:
1010
# Default versions for canonical release build
1111
DEFAULT_JAVA_VERSION: '8'
12-
DEFAULT_JRUBY_VERSION: '9.4.12.1' # Should match pom.xml <jruby.version> property (AND a version inside the test matrix)
12+
DEFAULT_JRUBY_VERSION: '9.4.13.0' # Should match pom.xml <jruby.version> property (AND a version inside the test matrix)
1313

1414
jobs:
1515
build:
@@ -18,15 +18,8 @@ jobs:
1818

1919
strategy:
2020
matrix:
21-
jruby_version: [ '9.3.15.0', '9.4.12.1' ] # , '10.0.0.1'
21+
jruby_version: [ '9.3.15.0', '9.4.13.0' ]
2222
java_version: [ '8', '11', '17', '21' ]
23-
exclude:
24-
- jruby_version: '10.0.0.1'
25-
java_version: '8' # JRuby 10 requires Java 21
26-
- jruby_version: '10.0.0.1'
27-
java_version: '11' # JRuby 10 requires Java 21
28-
- jruby_version: '10.0.0.1'
29-
java_version: '17' # JRuby 10 requires Java 21
3023
fail-fast: false
3124

3225
steps:
@@ -54,7 +47,7 @@ jobs:
5447

5548
strategy:
5649
matrix:
57-
jruby_version: [ '9.3.15.0', '9.4.12.1' ] # , '10.0.0.1'
50+
jruby_version: [ '9.3.15.0', '9.4.13.0' ]
5851
java_version: [ '8', '11', '17', '21' ]
5952
appraisal: [ 'rails50', 'rails52', 'rails60', 'rails61', 'rails70', 'rails71', 'rails72' ]
6053
exclude:
@@ -64,12 +57,6 @@ jobs:
6457
appraisal: 'rails71' # Requires Ruby 2.7 compatibility, which JRuby 9.3 does not support
6558
- jruby_version: '9.3.15.0'
6659
appraisal: 'rails72' # Requires Ruby 3.1 compatibility, which JRuby 9.3 does not support
67-
- jruby_version: '10.0.0.1'
68-
java_version: '8' # JRuby 10 requires Java 21
69-
- jruby_version: '10.0.0.1'
70-
java_version: '11' # JRuby 10 requires Java 21
71-
- jruby_version: '10.0.0.1'
72-
java_version: '17' # JRuby 10 requires Java 21
7360
fail-fast: false
7461

7562
env:
@@ -87,7 +74,7 @@ jobs:
8774
cache: maven
8875

8976
- name: Setup JRuby
90-
uses: ruby/setup-ruby@13e7a03dc3ac6c3798f4570bfead2aed4d96abfb # v1.244.0
77+
uses: ruby/setup-ruby@a4effe49ee8ee5b8b5091268c473a4628afb5651 # v1.245.0
9178
with:
9279
ruby-version: jruby-${{ matrix.jruby_version }}
9380
bundler-cache: 'false' # Need to install later so we can vary from Gemfile.lock as required for JRuby version compatibility

Gemfile.lock

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,13 +6,13 @@ GEM
66
rake
77
thor (>= 0.14.0)
88
diff-lcs (1.6.2)
9-
rack (2.2.16)
9+
rack (2.2.17)
1010
rake (13.3.0)
1111
rspec (3.13.1)
1212
rspec-core (~> 3.13.0)
1313
rspec-expectations (~> 3.13.0)
1414
rspec-mocks (~> 3.13.0)
15-
rspec-core (3.13.4)
15+
rspec-core (3.13.5)
1616
rspec-support (~> 3.13.0)
1717
rspec-expectations (3.13.5)
1818
diff-lcs (>= 1.2.0, < 2.0)

History.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,11 @@
11
## 1.2.4 (UNRELEASED)
22

3-
- update (bundled) rack to 2.2.16
3+
- update (bundled) rack to 2.2.17
4+
- Fix Rails 7.1 CSRF protection when working with `JavaServletStore` sessions
45

56
## 1.2.3
67

7-
- avoid warnings due usage of `File.exists?`
8+
- avoid warnings due to usage of `File.exists?`
89
- Fix Rails 7.1 compatibility by ensuring active_support is required before railtie
910
- Workaround logger require issues with concurrent-ruby 1.3.5 and older Rails versions
1011
- Workaround NameError frozen string literal issues with JRuby 9.3 and Rails 5.2/6.0

Rakefile

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,6 @@ module JRubyJars
143143
end
144144
require jruby_rack_jar_path if defined?(JRUBY_VERSION)
145145
end
146-
require 'jruby/rack/version' # @deprecated to be removed in 1.2
147146
}
148147
end
149148
end

gemfiles/rails50.gemfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
source "https://rubygems.org"
44

5-
gem "rake", "~> 13.2", group: :test, require: nil
5+
gem "rake", "~> 13.3", group: :test, require: nil
66
gem "rspec", group: :test
77
gem "rails", "~> 5.0.0"
88

gemfiles/rails50.gemfile.lock

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ GEM
6565
method_source (1.1.0)
6666
mini_mime (1.1.5)
6767
minitest (5.25.5)
68-
net-imap (0.5.8)
68+
net-imap (0.5.9)
6969
date
7070
net-protocol
7171
net-pop (0.1.2)
@@ -78,7 +78,7 @@ GEM
7878
nokogiri (1.18.8-java)
7979
racc (~> 1.4)
8080
racc (1.8.1-java)
81-
rack (2.2.15)
81+
rack (2.2.17)
8282
rack-test (0.6.3)
8383
rack (>= 1.0)
8484
rails (5.0.7.2)
@@ -93,7 +93,7 @@ GEM
9393
bundler (>= 1.3.0)
9494
railties (= 5.0.7.2)
9595
sprockets-rails (>= 2.0.0)
96-
rails-dom-testing (2.2.0)
96+
rails-dom-testing (2.3.0)
9797
activesupport (>= 5.0.0)
9898
minitest
9999
nokogiri (>= 1.6)
@@ -106,20 +106,20 @@ GEM
106106
method_source
107107
rake (>= 0.8.7)
108108
thor (>= 0.18.1, < 2.0)
109-
rake (13.2.1)
110-
rspec (3.13.0)
109+
rake (13.3.0)
110+
rspec (3.13.1)
111111
rspec-core (~> 3.13.0)
112112
rspec-expectations (~> 3.13.0)
113113
rspec-mocks (~> 3.13.0)
114-
rspec-core (3.13.3)
114+
rspec-core (3.13.5)
115115
rspec-support (~> 3.13.0)
116-
rspec-expectations (3.13.4)
116+
rspec-expectations (3.13.5)
117117
diff-lcs (>= 1.2.0, < 2.0)
118118
rspec-support (~> 3.13.0)
119-
rspec-mocks (3.13.4)
119+
rspec-mocks (3.13.5)
120120
diff-lcs (>= 1.2.0, < 2.0)
121121
rspec-support (~> 3.13.0)
122-
rspec-support (3.13.3)
122+
rspec-support (3.13.4)
123123
sprockets (4.2.2)
124124
concurrent-ruby (~> 1.0)
125125
logger
@@ -147,8 +147,8 @@ DEPENDENCIES
147147
appraisal
148148
rack (~> 2.2)
149149
rails (~> 5.0.0)
150-
rake (~> 13.2)
150+
rake (~> 13.3)
151151
rspec
152152

153153
BUNDLED WITH
154-
2.3.27
154+
2.6.3

gemfiles/rails52.gemfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
source "https://rubygems.org"
44

5-
gem "rake", "~> 13.2", group: :test, require: nil
5+
gem "rake", "~> 13.3", group: :test, require: nil
66
gem "rspec", group: :test
77
gem "rails", "~> 5.2.0"
88

gemfiles/rails52.gemfile.lock

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ GEM
4747
rake
4848
thor (>= 0.14.0)
4949
arel (9.0.0)
50-
base64 (0.2.0)
50+
base64 (0.3.0)
5151
builder (3.3.0)
5252
concurrent-ruby (1.3.5)
5353
crass (1.0.6)
@@ -71,7 +71,7 @@ GEM
7171
method_source (1.1.0)
7272
mini_mime (1.1.5)
7373
minitest (5.25.5)
74-
net-imap (0.5.8)
74+
net-imap (0.5.9)
7575
date
7676
net-protocol
7777
net-pop (0.1.2)
@@ -84,7 +84,7 @@ GEM
8484
nokogiri (1.18.8-java)
8585
racc (~> 1.4)
8686
racc (1.8.1-java)
87-
rack (2.2.15)
87+
rack (2.2.17)
8888
rack-test (2.2.0)
8989
rack (>= 1.3)
9090
rails (5.2.8.1)
@@ -100,7 +100,7 @@ GEM
100100
bundler (>= 1.3.0)
101101
railties (= 5.2.8.1)
102102
sprockets-rails (>= 2.0.0)
103-
rails-dom-testing (2.2.0)
103+
rails-dom-testing (2.3.0)
104104
activesupport (>= 5.0.0)
105105
minitest
106106
nokogiri (>= 1.6)
@@ -113,20 +113,20 @@ GEM
113113
method_source
114114
rake (>= 0.8.7)
115115
thor (>= 0.19.0, < 2.0)
116-
rake (13.2.1)
117-
rspec (3.13.0)
116+
rake (13.3.0)
117+
rspec (3.13.1)
118118
rspec-core (~> 3.13.0)
119119
rspec-expectations (~> 3.13.0)
120120
rspec-mocks (~> 3.13.0)
121-
rspec-core (3.13.3)
121+
rspec-core (3.13.5)
122122
rspec-support (~> 3.13.0)
123-
rspec-expectations (3.13.4)
123+
rspec-expectations (3.13.5)
124124
diff-lcs (>= 1.2.0, < 2.0)
125125
rspec-support (~> 3.13.0)
126-
rspec-mocks (3.13.4)
126+
rspec-mocks (3.13.5)
127127
diff-lcs (>= 1.2.0, < 2.0)
128128
rspec-support (~> 3.13.0)
129-
rspec-support (3.13.3)
129+
rspec-support (3.13.4)
130130
sprockets (4.2.2)
131131
concurrent-ruby (~> 1.0)
132132
logger
@@ -140,7 +140,7 @@ GEM
140140
timeout (0.4.3)
141141
tzinfo (1.2.11)
142142
thread_safe (~> 0.1)
143-
websocket-driver (0.7.7-java)
143+
websocket-driver (0.8.0-java)
144144
base64
145145
websocket-extensions (>= 0.1.0)
146146
websocket-extensions (0.1.5)
@@ -155,8 +155,8 @@ DEPENDENCIES
155155
appraisal
156156
rack (~> 2.2)
157157
rails (~> 5.2.0)
158-
rake (~> 13.2)
158+
rake (~> 13.3)
159159
rspec
160160

161161
BUNDLED WITH
162-
2.3.27
162+
2.6.3

gemfiles/rails60.gemfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
source "https://rubygems.org"
44

5-
gem "rake", "~> 13.2", group: :test, require: nil
5+
gem "rake", "~> 13.3", group: :test, require: nil
66
gem "rspec", group: :test
77
gem "rails", "~> 6.0.0"
88

gemfiles/rails60.gemfile.lock

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ GEM
6060
bundler
6161
rake
6262
thor (>= 0.14.0)
63-
base64 (0.2.0)
63+
base64 (0.3.0)
6464
builder (3.3.0)
6565
concurrent-ruby (1.3.5)
6666
crass (1.0.6)
@@ -84,7 +84,7 @@ GEM
8484
method_source (1.1.0)
8585
mini_mime (1.1.5)
8686
minitest (5.25.5)
87-
net-imap (0.5.8)
87+
net-imap (0.5.9)
8888
date
8989
net-protocol
9090
net-pop (0.1.2)
@@ -97,7 +97,7 @@ GEM
9797
nokogiri (1.18.8-java)
9898
racc (~> 1.4)
9999
racc (1.8.1-java)
100-
rack (2.2.15)
100+
rack (2.2.17)
101101
rack-test (2.2.0)
102102
rack (>= 1.3)
103103
rails (6.0.6.1)
@@ -115,7 +115,7 @@ GEM
115115
bundler (>= 1.3.0)
116116
railties (= 6.0.6.1)
117117
sprockets-rails (>= 2.0.0)
118-
rails-dom-testing (2.2.0)
118+
rails-dom-testing (2.3.0)
119119
activesupport (>= 5.0.0)
120120
minitest
121121
nokogiri (>= 1.6)
@@ -128,20 +128,20 @@ GEM
128128
method_source
129129
rake (>= 0.8.7)
130130
thor (>= 0.20.3, < 2.0)
131-
rake (13.2.1)
132-
rspec (3.13.0)
131+
rake (13.3.0)
132+
rspec (3.13.1)
133133
rspec-core (~> 3.13.0)
134134
rspec-expectations (~> 3.13.0)
135135
rspec-mocks (~> 3.13.0)
136-
rspec-core (3.13.3)
136+
rspec-core (3.13.5)
137137
rspec-support (~> 3.13.0)
138-
rspec-expectations (3.13.4)
138+
rspec-expectations (3.13.5)
139139
diff-lcs (>= 1.2.0, < 2.0)
140140
rspec-support (~> 3.13.0)
141-
rspec-mocks (3.13.4)
141+
rspec-mocks (3.13.5)
142142
diff-lcs (>= 1.2.0, < 2.0)
143143
rspec-support (~> 3.13.0)
144-
rspec-support (3.13.3)
144+
rspec-support (3.13.4)
145145
sprockets (4.2.2)
146146
concurrent-ruby (~> 1.0)
147147
logger
@@ -155,11 +155,11 @@ GEM
155155
timeout (0.4.3)
156156
tzinfo (1.2.11)
157157
thread_safe (~> 0.1)
158-
websocket-driver (0.7.7-java)
158+
websocket-driver (0.8.0-java)
159159
base64
160160
websocket-extensions (>= 0.1.0)
161161
websocket-extensions (0.1.5)
162-
zeitwerk (2.7.2)
162+
zeitwerk (2.6.18)
163163

164164
PLATFORMS
165165
universal-java-1.8
@@ -171,8 +171,8 @@ DEPENDENCIES
171171
appraisal
172172
rack (~> 2.2)
173173
rails (~> 6.0.0)
174-
rake (~> 13.2)
174+
rake (~> 13.3)
175175
rspec
176176

177177
BUNDLED WITH
178-
2.3.27
178+
2.6.3

0 commit comments

Comments
 (0)