# Generated from actionpack-1.13.5.gem by gem2rpm -*- rpm-spec -*-
%global gemname actionpack
%global gemdir %(ruby -rubygems -e 'puts Gem::dir' 2>/dev/null)
%global geminstdir %{gemdir}/gems/%{gemname}-%{version}
%global rubyabi 1.8
Summary: Web-flow and rendering framework putting the VC in MVC
Name: rubygem-%{gemname}
Epoch: 1
Version: 3.0.10
Release: 10%{?dist}
Group: Development/Languages
License: MIT
URL: http://www.rubyonrails.org
Source0: http://rubygems.org/downloads/actionpack-%{version}.gem
# The actionpack gem doesn't ship with the upstream Rakefile
Source1: http://github.com/rails/rails/raw/v%{version}/%{gemname}/Rakefile
# Also the actionpack gem doesn't ship with the test suite.
# You may check it out like so
# git clone http://github.com/rails/rails.git
# cd rails/actionpack/
# git checkout v3.0.10
# tar czvf actionpack-3.0.10-tests.tgz test/
Source2: actionpack-%{version}-tests.tgz
Patch0: rubygem-actionpack-enable-test.patch
# Remove a task which breaks the Rakefile due to the gemspec
# not being present in the gem
Patch1: actionpack-rakefile-fix.patch
# Removes code which breaks the test suite due to a
# dependency on a file in the greater rails proj
Patch2: actionpack-tests-fix.patch
Patch3: actionpack-downgrade-dependencies.patch
# Fixes RHBZ #755006
Patch4: actionpack-CVE-2011-4319-XSS-flaw.patch
# Fixes tests failing with Ruby-1.8.7.p357
Patch5: actionpack-%{version}-fix-tests-failing-with-ruby-1.8.7.p357.patch
# Fixes CVE-2012-1098
# https://bugzilla.redhat.com/show_bug.cgi?id=799275
Patch6: actionpack-CVE-2012-1098-safe-buffer-slice.patch
# Fixes CVE-2012-1099
# https://bugzilla.redhat.com/show_bug.cgi?id=799276
Patch7: actionpack-CVE-2012-1099-select-options-XSS.patch
# Fixes CVE-2012-2660
# https://bugzilla.redhat.com/show_bug.cgi?id=827353
Patch8: actionpack-3.0.13-CVE-2012-2660-strip-nil-from-parameters-hash.patch
# Fixes CVE-2012-2694
# https://bugzilla.redhat.com/show_bug.cgi?id=831581
Patch9: atcionpack-3.0.15-CVE-2012-2694-array-parameters-should-not-contain-nil-values.patch
# Fixes CVE-2012-3424
# https://bugzilla.redhat.com/show_bug.cgi?id=843711
Patch10: actionpack-3.0.16-Do-not-convert-digest-auth-strings-to-symbols.-CVE-2.patch
# CVE-2012-3463
# https://bugzilla.redhat.com/show_bug.cgi?id=847196
Patch11: actionpack-3.0.17-CVE-2012-3463-escape-select_tag-prompt-values.patch
# CVE-2012-3464
# https://bugzilla.redhat.com/show_bug.cgi?id=847199
Patch12: actionpack-3.0.17-CVE-2012-3464-html_escape-should-escape-single-quotes.patch
Patch13: actionpack-3.0.17-CVE-2012-3464-Fix-tests-about-single-quote-escaping.patch
# CVE-2012-3465
# https://bugzilla.redhat.com/show_bug.cgi?id=847200
Patch14: actionpack-3.0.17-CVE-2012-3465-Do-not-mark-strip_tags-result-as-html_safe.patch
# CVE-2013-0155
# https://bugzilla.redhat.com/show_bug.cgi?id=892866
Patch15: rubygem-actionpack-3.0.19-CVE-2013-0155-null_array_param.patch
Requires: ruby(rubygems)
Requires: rubygem(activesupport) = %{version}
Requires: rubygem(activemodel) = %{version}
Requires: rubygem(builder) = 2.1.2
Requires: rubygem(i18n) >= 0.5.0
Requires: rubygem(rack) >= 1.0.0
Requires: rubygem(rack-test)
Requires: rubygem(rack-mount)
Requires: rubygem(tzinfo) >= 0.3.23
Requires: rubygem(erubis) >= 2.6.5
Requires: rubygem(erubis) < 2.7.0
Requires: ruby(abi) = %{rubyabi}
BuildRequires: rubygems
BuildRequires: rubygem(rake)
BuildRequires: rubygem(mocha) >= 0.9.7
BuildRequires: rubygem(activesupport) = %{version}
BuildRequires: rubygem(activemodel) = %{version}
BuildRequires: rubygem(activerecord) = %{version}
BuildRequires: rubygem(sqlite3)
BuildRequires: rubygem(builder) = 2.1.2
BuildRequires: rubygem(i18n) >= 0.5.0
BuildRequires: rubygem(rack) >= 1.0.0
BuildRequires: rubygem(rack-test)
BuildRequires: rubygem(rack-mount)
BuildRequires: rubygem(tzinfo) >= 0.3.23
BuildRequires: rubygem(erubis) >= 2.6.5
BuildRequires: rubygem(erubis) < 2.7.0
BuildArch: noarch
Provides: rubygem(%{gemname}) = %{version}
%description
Eases web-request routing, handling, and response as a half-way front,
half-way page controller. Implemented with specific emphasis on enabling easy
unit/integration testing that doesn't require a browser.
%prep
%setup -q -c -T
mkdir -p .%{gemdir}
gem install --local --install-dir .%{gemdir} \
-V \
--force --rdoc %{SOURCE0}
# forcely modify gemspec for rack dependency
sed -i -e '/rack/s|~>|>=|' \
./%{gemdir}/specifications/*gemspec
# move the Rakefile in place
cp %{SOURCE1} .%{geminstdir}
# move the tests into place
tar xzvf %{SOURCE2} -C .%{geminstdir}
pushd .%{geminstdir}
%patch0 -p0
%patch1 -p0
%patch2 -p0
%patch4 -p2
%patch5 -p2
%patch6 -p2
%patch7 -p2
%patch8 -p2
%patch9 -p2
%patch10 -p2
%patch11 -p2
%patch12 -p2
%patch13 -p2
%patch14 -p2
%patch15 -p2
# create missing symlink
pushd test/fixtures/layout_tests/layouts/
ln -sf ../../symlink_parent/ symlinked
popd
popd
pushd .%{gemdir}
%patch3 -p0
popd
# Remove backup files
# No! these are needed for rake test
# find ./%{geminstdir} -type f -name "*~" -delete
# Delete zero-length files
# No! these are also needed for rake test
# find ./%{geminstdir} -type f -size 0c -exec rm -rvf {} \;
# Fix anything executable that does not have a shebang
for file in `find ./%{geminstdir} -type f -perm /a+x`; do
[ -z "`head -n 1 $file | grep \"^#!/\"`" ] && chmod -v 644 $file
done
# Find files with a shebang that do not have executable permissions
for file in `find ./%{geminstdir} -type f ! -perm /a+x -name "*.rb"`; do
[ ! -z "`head -n 1 $file | grep \"^#!/\"`" ] && chmod -v 755 $file
done
%build
%install
mkdir -p %{buildroot}%{gemdir}
cp -a .%{gemdir}/* %{buildroot}%{gemdir}
%clean
rm -rf %{buildroot}
%check
# Don't pollute /tmp, it won't be cleaned up after build
rm -rf ./tmpdir
mkdir ./tmpdir
export TMPDIR=$(pwd)/tmpdir
pushd .%{geminstdir}
# dependency loop
# depends on actionmailer, while actionmailer has BR(check): actionpack
mv test/controller/assert_select_test.rb \
test/controller/assert_select_test.rb.skip
# Now as far as I checked rake test succeeds.
rake test --trace
%files
%defattr(-, root, root, -)
%dir %{geminstdir}
%doc %{geminstdir}/CHANGELOG
%{geminstdir}/lib
%doc %{geminstdir}/MIT-LICENSE
%{geminstdir}/Rakefile
%doc %{geminstdir}/README.rdoc
%doc %{geminstdir}/test/
%doc %{gemdir}/doc/%{gemname}-%{version}
%{gemdir}/cache/%{gemname}-%{version}.gem
%{gemdir}/specifications/%{gemname}-%{version}.gemspec
%changelog
* Thu Jan 10 2013 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-6
- Fix for CVE-2013-0155.
* Mon Aug 13 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-9
- Fixes for CVE-2012-3463, CVE-2012-3464 and CVE-2012-3465.
* Tue Jul 31 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-8
- Fix for CVE-2012-3424.
* Mon Jun 18 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-7
- Fix for CVE-2012-2694.
* Mon Jun 04 2012 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-6
- Fix for CVE-2012-2660.
* Fri Mar 16 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 1:3.0.10-5
- Fix the wrongly named patches.
* Fri Mar 16 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 1:3.0.10-4
- The CVE patches names now contain the CVE id.
* Tue Mar 06 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 1:3.0.10-3
- Fix for CVE-2012-1098.
- Fix for CVE-2012-1099.
* Tue Jan 17 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 1:3.0.10-2
- Security fix for XSS flaw, RHBZ #755006 (CVE-2011-4319)
- Patch for tests failing with Ruby-1.8.7.p357.
* Mon Aug 22 2011 Vít Ondruch <vondruch@redhat.com> - 1:3.0.10-1
- Update to ActionPack 3.0.10
* Mon Jul 04 2011 Vít Ondruch <vondruch@redhat.com> - 1:3.0.9-1
- Update to ActionPack 3.0.9
* Thu Jun 16 2011 Mo Morsi <mmorsi@redhat.com> - 1:3.0.5-3
- Include fix for CVE-2011-2197
* Fri Jun 03 2011 Vít Ondruch <vondruch@redhat.com> - 1:3.0.5-2
- Removed regin and multimap dependencies. They were added into rack-mount
where they actually belongs.
* Fri Mar 25 2011 Vít Ondruch <vondruch@redhat.com> - 1:3.0.5-1
- Updated to ActionPack 3.0.5
* Wed Feb 16 2011 Vít Ondruch <vondruch@redhat.com> - 1:3.0.3-4
- Relaxed erubis dependency
- Fixed build compatibility with RubyGems 1.5
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:3.0.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Feb 07 2011 Mohammed Morsi <mmorsi@redhat.com> - 1:3.0.3-2
- changelog fixes
* Mon Jan 10 2011 Mohammed Morsi <mmorsi@redhat.com> - 1:3.0.3-1
- Update to rails 3
* Thu Aug 12 2010 Mohammed Morsi <mmorsi@redhat.com> - 1:2.3.8-2
- Bumped actionpack rack dependency to version 1.1.0
* Mon Aug 09 2010 Mohammed Morsi <mmorsi@redhat.com> - 1:2.3.8-1
- Update to 2.3.8
* Mon May 17 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1:2.3.5-2
- Set TMPDIR environment at %%check to make it sure all files created
during rpmbuild are cleaned up
* Thu Jan 28 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1:2.3.5-1
- Update to 2.3.5
* Fri Jan 8 2010 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 1:2.3.4-4
- Workaround patch to fix for rack 1.1.0 dependency (bug 552972)
* Thu Dec 10 2009 David Lutterkort <lutter@redhat.com> - 1:2.3.4-3
- Patch for CVE-2009-4214 (bz 542786)
* Wed Oct 7 2009 David Lutterkort <lutter@redhat.com> - 1:2.3.4-2
- Bump Epoch to ensure upgrade path from F-11
* Sun Sep 20 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 2.3.4-1
- Update to 2.3.4 (bug 520843, CVE-2009-3009)
- Fix tests
* Sun Aug 2 2009 Mamoru Tasaka <mtasaka@ioa.s.u-tokyo.ac.jp> - 2.3.3-1
- 2.3.3
- Enable test (some tests fail, please someone investigate!!)
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Mar 16 2009 Jeroen van Meeuwen <j.van.meeuwen@ogd.nl> - 2.3.2-1
- New upstream version
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Tue Dec 23 2008 David Lutterkort <lutter@redhat.com> - 2.2.2-1
- New version
* Tue Sep 16 2008 David Lutterkort <dlutter@redhat.com> - 2.1.1-1
- New version (fixes CVE-2008-4094)
* Thu Jul 31 2008 Michael Stahnke <stahnma@fedoraproject.org> - 2.1.0-1
- New Upstream
* Tue Apr 8 2008 David Lutterkort <dlutter@redhat.com> - 2.0.2-2
- Fix dependency
* Mon Apr 07 2008 David Lutterkort <dlutter@redhat.com> - 2.0.2-1
- New version
* Mon Dec 10 2007 David Lutterkort <dlutter@redhat.com> - 2.0.1-1
- New version
* Thu Nov 29 2007 David Lutterkort <dlutter@redhat.com> - 1.13.6-1
- New version
* Tue Nov 14 2007 David Lutterkort <dlutter@redhat.com> - 1.13.5-2
- Fix buildroot; mark docs in geminstdir cleanly
* Tue Oct 30 2007 David Lutterkort <dlutter@redhat.com> - 1.13.5-1
- Initial package