Merge pull request #14962 from Homebrew/dependabot/bundler/Library/Homebrew/rack-3.0.6.1

build(deps): bump rack from 3.0.4.2 to 3.0.6.1 in /Library/Homebrew

Library/Homebrew/Gemfile.lock

@@ -92,7 +92,7 @@ GEM
       method_source (~> 1.0)
     public_suffix (5.0.1)
     racc (1.6.2)
-    rack (3.0.4.2)
+    rack (3.0.6.1)
     rainbow (3.1.1)
     rbi (0.0.14)
       ast

Library/Homebrew/sorbet/rbi/gems/rack@3.0.6.1.rbi

@@ -695,6 +695,18 @@ Rack::Multipart::MULTIPART_CONTENT_TYPE = T.let(T.unsafe(nil), Regexp)
 class Rack::Multipart::MultipartPartLimitError < ::Errno::EMFILE; end
 class Rack::Multipart::MultipartTotalPartLimitError < ::StandardError; end
 
+class Rack::Multipart::ParamList
+  def initialize; end
+
+  def <<(pair); end
+  def to_params_hash; end
+
+  class << self
+    def make_params; end
+    def normalize_params(params, key, value); end
+  end
+end
+
 class Rack::Multipart::Parser
   def initialize(boundary, tempfile, bufsize, query_parser); end
 
@@ -846,18 +858,20 @@ class Rack::QueryParser
   def initialize(params_class, _key_space_limit = T.unsafe(nil), param_depth_limit); end
 
   def make_params; end
+  def missing_value; end
   def new_depth_limit(param_depth_limit); end
   def normalize_params(params, name, v, _depth = T.unsafe(nil)); end
   def param_depth_limit; end
   def parse_nested_query(qs, separator = T.unsafe(nil)); end
   def parse_query(qs, separator = T.unsafe(nil), &unescaper); end
+  def split_query(qs, separator = T.unsafe(nil), &unescaper); end
 
   private
 
   def _normalize_params(params, name, v, depth); end
   def params_hash_has_key?(hash, key); end
   def params_hash_type?(obj); end
-  def unescape(s); end
+  def unescape(string, encoding = T.unsafe(nil)); end
 
   class << self
     def make_default(_key_space_limit = T.unsafe(nil), param_depth_limit); end
@@ -894,8 +908,10 @@ Rack::RACK_REQUEST_COOKIE_STRING = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_FORM_ERROR = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_FORM_HASH = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_FORM_INPUT = T.let(T.unsafe(nil), String)
+Rack::RACK_REQUEST_FORM_PAIRS = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_FORM_VARS = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_QUERY_HASH = T.let(T.unsafe(nil), String)
+Rack::RACK_REQUEST_QUERY_PAIRS = T.let(T.unsafe(nil), String)
 Rack::RACK_REQUEST_QUERY_STRING = T.let(T.unsafe(nil), String)
 Rack::RACK_RESPONSE_FINISHED = T.let(T.unsafe(nil), String)
 Rack::RACK_SESSION = T.let(T.unsafe(nil), String)
@@ -983,6 +999,7 @@ module Rack::Request::Helpers
   def authority; end
   def base_url; end
   def body; end
+  def body_param_list; end
   def content_charset; end
   def content_length; end
   def content_type; end
@@ -1015,6 +1032,7 @@ module Rack::Request::Helpers
   def port; end
   def post?; end
   def put?; end
+  def query_param_list; end
   def query_string; end
   def referer; end
   def referrer; end
@@ -1041,6 +1059,7 @@ module Rack::Request::Helpers
 
   def allowed_scheme(header); end
   def default_session; end
+  def expand_params(pairs, query_parser = T.unsafe(nil)); end
   def forwarded_priority; end
   def forwarded_scheme; end
   def get_http_forwarded(token); end
@@ -1051,6 +1070,7 @@ module Rack::Request::Helpers
   def reject_trusted_ip_addresses(ip_addresses); end
   def split_authority(authority); end
   def split_header(value); end
+  def split_query(query, d = T.unsafe(nil)); end
   def wrap_ipv6(host); end
   def x_forwarded_proto_priority; end
 end

Library/Homebrew/vendor/bundle/bundler/setup.rb

@@ -83,7 +83,7 @@ $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/patchelf-1.4.0/lib")
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/plist-3.7.0/lib")
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/pry-0.14.2/lib")
-$:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/rack-3.0.4.2/lib")
+$:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/rack-3.0.6.1/lib")
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/unparser-0.6.4/lib")
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/gems/rbi-0.0.14/lib")
 $:.unshift File.expand_path("#{__dir__}/../#{RUBY_ENGINE}/#{Gem.ruby_api_version}/extensions/universal-darwin-21/#{Gem.extension_api_version}/rdiscount-2.2.7")

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack.rb

@@ -41,6 +41,7 @@ module Rack
   autoload :MethodOverride, "rack/method_override"
   autoload :Mime, "rack/mime"
   autoload :NullLogger, "rack/null_logger"
+  autoload :QueryParser, "rack/query_parser"
   autoload :Recursive, "rack/recursive"
   autoload :Reloader, "rack/reloader"
   autoload :RewindableInput, "rack/rewindable_input"

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack/constants.rb

@@ -54,11 +54,13 @@ module Rack
   RACK_RESPONSE_FINISHED              = 'rack.response_finished'
   RACK_REQUEST_FORM_INPUT             = 'rack.request.form_input'
   RACK_REQUEST_FORM_HASH              = 'rack.request.form_hash'
+  RACK_REQUEST_FORM_PAIRS             = 'rack.request.form_pairs'
   RACK_REQUEST_FORM_VARS              = 'rack.request.form_vars'
   RACK_REQUEST_FORM_ERROR             = 'rack.request.form_error'
   RACK_REQUEST_COOKIE_HASH            = 'rack.request.cookie_hash'
   RACK_REQUEST_COOKIE_STRING          = 'rack.request.cookie_string'
   RACK_REQUEST_QUERY_HASH             = 'rack.request.query_hash'
+  RACK_REQUEST_QUERY_PAIRS            = 'rack.request.query_pairs'
   RACK_REQUEST_QUERY_STRING           = 'rack.request.query_string'
   RACK_METHODOVERRIDE_ORIGINAL_METHOD = 'rack.methodoverride.original_method'
 end

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack/multipart.rb

@@ -13,6 +13,31 @@ module Rack
   module Multipart
     MULTIPART_BOUNDARY = "AaB03x"
 
+    # Accumulator for multipart form data, conforming to the QueryParser API.
+    # In future, the Parser could return the pair list directly, but that would
+    # change its API.
+    class ParamList # :nodoc:
+      def self.make_params
+        new
+      end
+
+      def self.normalize_params(params, key, value)
+        params << [key, value]
+      end
+
+      def initialize
+        @pairs = []
+      end
+
+      def <<(pair)
+        @pairs << pair
+      end
+
+      def to_params_hash
+        @pairs
+      end
+    end
+
     class << self
       def parse_multipart(env, params = Rack::Utils.default_query_parser)
         io = env[RACK_INPUT]

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack/query_parser.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'uri'
+
 module Rack
   class QueryParser
     DEFAULT_SEP = /[&] */n
@@ -37,19 +39,42 @@ module Rack
       @param_depth_limit = param_depth_limit
     end
 
-    # Stolen from Mongrel, with some small modifications:
+    # Originally stolen from Mongrel, now with some modifications:
     # Parses a query string by breaking it up at the '&'.  You can also use this
     # to parse cookies by changing the characters used in the second parameter
     # (which defaults to '&').
-    def parse_query(qs, separator = nil, &unescaper)
+    #
+    # Returns an array of 2-element arrays, where the first element is the
+    # key and the second element is the value.
+    def split_query(qs, separator = nil, &unescaper)
+      pairs = []
+
+      if qs && !qs.empty?
         unescaper ||= method(:unescape)
 
+        qs.split(separator ? (COMMON_SEP[separator] || /[#{separator}] */n) : DEFAULT_SEP).each do |p|
+          next if p.empty?
+          pair = p.split('=', 2).map!(&unescaper)
+          pair << nil if pair.length == 1
+          pairs << pair
+        end
+      end
+
+      pairs
+    rescue ArgumentError => e
+      raise InvalidParameterError, e.message, e.backtrace
+    end
+
+    # Parses a query string by breaking it up at the '&'.  You can also use this
+    # to parse cookies by changing the characters used in the second parameter
+    # (which defaults to '&').
+    #
+    # Returns a hash where each value is a string (when a key only appears once)
+    # or an array of strings (when a key appears more than once).
+    def parse_query(qs, separator = nil, &unescaper)
       params = make_params
 
-      (qs || '').split(separator ? (COMMON_SEP[separator] || /[#{separator}] */n) : DEFAULT_SEP).each do |p|
-        next if p.empty?
-        k, v = p.split('=', 2).map!(&unescaper)
-
+      split_query(qs, separator, &unescaper).each do |k, v|
         if cur = params[k]
           if cur.class == Array
             params[k] << v
@@ -61,7 +86,7 @@ module Rack
         end
       end
 
-      return params.to_h
+      params.to_h
     end
 
     # parse_nested_query expands a query string into structural types. Supported
@@ -72,17 +97,11 @@ module Rack
     def parse_nested_query(qs, separator = nil)
       params = make_params
 
-      unless qs.nil? || qs.empty?
-        (qs || '').split(separator ? (COMMON_SEP[separator] || /[#{separator}] */n) : DEFAULT_SEP).each do |p|
-          k, v = p.split('=', 2).map! { |s| unescape(s) }
-
+      split_query(qs, separator).each do |k, v|
         _normalize_params(params, k, v, 0)
       end
-      end
 
-      return params.to_h
-    rescue ArgumentError => e
-      raise InvalidParameterError, e.message, e.backtrace
+      params.to_h
     end
 
     # normalize_params recursively expands parameters into structural types. If
@@ -94,6 +113,14 @@ module Rack
       _normalize_params(params, name, v, 0)
     end
 
+    # This value is used by default when a parameter is missing (nil). This
+    # usually happens when a parameter is specified without an `=value` part.
+    # The default value is an empty string, but this can be overridden by
+    # subclasses.
+    def missing_value
+      String.new
+    end
+
     private def _normalize_params(params, name, v, depth)
       raise ParamsTooDeepError if depth >= param_depth_limit
 
@@ -128,7 +155,7 @@ module Rack
 
       return if k.empty?
 
-      v ||= String.new
+      v ||= missing_value
 
       if after == ''
         if k == '[]' && depth != 0
@@ -190,8 +217,8 @@ module Rack
       true
     end
 
-    def unescape(s)
-      Utils.unescape(s)
+    def unescape(string, encoding = Encoding::UTF_8)
+      URI.decode_www_form_component(string, encoding)
     end
 
     class Params

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack/request.rb

@@ -483,11 +483,22 @@ module Rack
       # Returns the data received in the query string.
       def GET
         if get_header(RACK_REQUEST_QUERY_STRING) == query_string
-          get_header(RACK_REQUEST_QUERY_HASH)
+          if query_hash = get_header(RACK_REQUEST_QUERY_HASH)
+            return query_hash
+          end
+        end
+
+        set_header(RACK_REQUEST_QUERY_HASH, expand_params(query_param_list))
+      end
+
+      def query_param_list
+        if get_header(RACK_REQUEST_QUERY_STRING) == query_string
+          get_header(RACK_REQUEST_QUERY_PAIRS)
         else
-          query_hash = parse_query(query_string, '&')
-          set_header(RACK_REQUEST_QUERY_STRING, query_string)
-          set_header(RACK_REQUEST_QUERY_HASH, query_hash)
+          query_pairs = split_query(query_string, '&')
+          set_header RACK_REQUEST_QUERY_STRING, query_string
+          set_header RACK_REQUEST_QUERY_HASH, nil
+          set_header(RACK_REQUEST_QUERY_PAIRS, query_pairs)
         end
       end
 
@@ -496,32 +507,53 @@ module Rack
       # This method support both application/x-www-form-urlencoded and
       # multipart/form-data.
       def POST
+        if get_header(RACK_REQUEST_FORM_INPUT).equal?(get_header(RACK_INPUT))
+          if form_hash = get_header(RACK_REQUEST_FORM_HASH)
+            return form_hash
+          end
+        end
+
+        set_header(RACK_REQUEST_FORM_HASH, expand_params(body_param_list))
+      end
+
+      def body_param_list
         if error = get_header(RACK_REQUEST_FORM_ERROR)
           raise error.class, error.message, cause: error.cause
         end
 
         begin
-          if get_header(RACK_INPUT).nil?
-            raise "Missing rack.input"
-          elsif get_header(RACK_REQUEST_FORM_INPUT) == get_header(RACK_INPUT)
-            get_header(RACK_REQUEST_FORM_HASH)
+          rack_input = get_header(RACK_INPUT)
+
+          form_pairs = nil
+
+          # If the form data has already been memoized from the same
+          # input:
+          if get_header(RACK_REQUEST_FORM_INPUT).equal?(rack_input)
+            if form_pairs = get_header(RACK_REQUEST_FORM_PAIRS)
+              return form_pairs
+            end
+          end
+
+          if rack_input.nil?
+            form_pairs = []
           elsif form_data? || parseable_data?
-            unless set_header(RACK_REQUEST_FORM_HASH, parse_multipart)
-              form_vars = get_header(RACK_INPUT).read
+            unless form_pairs = Rack::Multipart.extract_multipart(self, Rack::Multipart::ParamList)
+              form_vars = rack_input.read
 
               # Fix for Safari Ajax postings that always append \0
               # form_vars.sub!(/\0\z/, '') # performance replacement:
               form_vars.slice!(-1) if form_vars.end_with?("\0")
 
               set_header RACK_REQUEST_FORM_VARS, form_vars
-              set_header RACK_REQUEST_FORM_HASH, parse_query(form_vars, '&')
+              form_pairs = split_query(form_vars, '&')
             end
-            set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
-            get_header RACK_REQUEST_FORM_HASH
           else
-            set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
-            set_header(RACK_REQUEST_FORM_HASH, {})
+            form_pairs = []
           end
+
+          set_header RACK_REQUEST_FORM_INPUT, rack_input
+          set_header RACK_REQUEST_FORM_HASH, nil
+          set_header(RACK_REQUEST_FORM_PAIRS, form_pairs)
         rescue => error
           set_header(RACK_REQUEST_FORM_ERROR, error)
           raise
@@ -634,8 +666,8 @@ module Rack
       end
 
       def parse_http_accept_header(header)
-        header.to_s.split(/\s*,\s*/).map do |part|
-          attribute, parameters = part.split(/\s*;\s*/, 2)
+        header.to_s.split(",").each(&:strip!).map do |part|
+          attribute, parameters = part.split(";", 2).each(&:strip!)
           quality = 1.0
           if parameters and /\Aq=([\d.]+)/ =~ parameters
             quality = $1.to_f
@@ -661,6 +693,28 @@ module Rack
         Rack::Multipart.extract_multipart(self, query_parser)
       end
 
+      def split_query(query, d = '&')
+        query_parser = query_parser()
+        unless query_parser.respond_to?(:split_query)
+          query_parser = Utils.default_query_parser
+          unless query_parser.respond_to?(:split_query)
+            query_parser = QueryParser.make_default(0)
+          end
+        end
+
+        query_parser.split_query(query, d)
+      end
+
+      def expand_params(pairs, query_parser = query_parser())
+        params = query_parser.make_params
+
+        pairs.each do |key, value|
+          query_parser.normalize_params(params, key, value)
+        end
+
+        params.to_params_hash
+      end
+
       def split_header(value)
         value ? value.strip.split(/[,\s]+/) : []
       end

Library/Homebrew/vendor/bundle/ruby/2.6.0/gems/rack-3.0.6.1/lib/rack/version.rb

@@ -25,7 +25,7 @@ module Rack
     VERSION
   end
 
-  RELEASE = "3.0.4.2"
+  RELEASE = "3.0.6.1"
 
   # Return the Rack release as a dotted string.
   def self.release