about summary refs log tree commit homepage
path: root/rainbows.gemspec
DateCommit message (Collapse)
2016-11-17support rack 2.x
This requires updating to unicorn 5.1+ to relax the rack requirement. Unlike unicorn, Rainbows! is considerably larger and cannot function without rack installed. There were no code changes required to pass the test suite; but some other optional gems needed to be updated for testing. Support for async_sinatra is no longer tested as that is tied to rack 1.x; but the remaining EventMachine-dependent parts remain tested. Thanks to Julia López Aladro for reminding us on the mailing list: https://bogomips.org/rainbows-public/CAPhSs6OAU+motd+MF=WOSek9==StLjEQJsNwAO3-aRWCZzhs=g@mail.gmail.com/
2016-01-09doc: bump olddoc to ~> 1.2 for extra NNTP URLs
I forgot to add any NNTP servers to our .olddoc.yml :x nntp://news.public-inbox.org/inbox.comp.lang.ruby.rainbows nntp://news.gmane.org/gmane.comp.lang.ruby.rainbows.general Not advertising additional HTTP-based URLs just yet. They could contain images/frames/JS/CSS and add unnecessary clutter to the footer. NNTP puts the client in control of UI.
2015-11-21bump to unicorn 5.0.1, use monotonic clock
The timeout (mis)feature in unicorn uses the monotonic clock if available. We must follow suit to avoid having our timeout functionality completely broken.
2015-10-19gemspec: use SPDX-compatible license for GPL-2.0+
Current versions of RubyGems still complains about the '+' is valid according to: http://spdx.org/licenses
2015-01-13gemspec: fix bad reference to rdoc_options
olddoc does not need or use this
2015-01-10switch docs + website to olddoc
wrongdoc was difficult to maintain because of the tidy-ffi dependency and the HTML5 changes in Darkfish could not be handled well by Tidy. olddoc is superior as it generates leaner HTML which loads faster, requires less scrolling and less processing power to render. Aesthetic comparisons are subjective of course but completely unimportant compared to speed and accessibility. The presence of images and CSS on the old (Darkfish-based) site probably set unreasonable expectations as to my ability and willingness to view such things. No more, the new website is entirely simple HTML which renders well with even the wimpiest browser (hell, olddoc even tries to generate readable raw HTML).
2014-05-12documentation updates for Rubyforge death
We're migrating to a new public-inbox[1] + mailing list rainbows-public@bogomips.org [1] http://public-inbox.org/
2014-01-17unicorn 4.8 compatibility + test version bumps
Internal reworking of unicorn 4.8.0 completely broke us(!). This commit fixes things, but it means we no longer support unicorn <= 4.7. Sorry about that.
2013-10-26license: allow all future versions of the GNU GPL
There is currently no GPLv4, so this change has no effect at the moment. In case the GPLv4 arrives and I am not alive to approve/review it, the lesser of evils is have give blanket approval of all future GPL versions (as published by the FSF). The worse evil is to be stuck with a license which cannot guarantee the Free-ness of this project in the future. This unfortunately means the FSF can theoretically come out with license terms I do not agree with, but the GPLv2 and GPLv3 will always be an option to all users.
2013-02-26bump unicorn dependency to 4.6.2+ for Ruby 2.0.0
This ensures we're compatible with the latest stable Ruby version.
2013-02-26gemspec: set licenses= attribute
Old versions of RubyGems which could not handle this attribute are likely no longer in use.
2013-02-11hijacking support for Rack 1.5.x users
This requires Rack 1.5.x and unicorn 4.6.0 for hijacking support. Older versions of Rack continue to work fine, but we must use unicorn 4.6.0 features to support this.
2011-08-20bump unicorn dependency version
We want the stricter parser the error log filtering in unicorn 4.1.0
2011-08-20update development wrongdoc dep to 1.6
Hopefully this points more folks to email us.
2011-06-28require kgio 2.5 for kgio_wait_readable(timeout)
Since kgio_wait_*able in kgio 2.5 takes an optional timeout argument, we no longer have to load the extra "io/wait" module. This saves us a small amount of some memory and also removes the extra ioctl(FIONREAD) syscall IO#wait enforces. Like IO#wait in Ruby 1.9.3dev, kgio_wait_readable may use ppoll() to wait on high-numbered file descriptors as efficiently as it waits on low-numbered descriptors.
2011-06-27bump dependencies (kgio, unicorn, raindrops)
We now rely on Unicorn 4.0.0. We'll use the latest kgio and raindrops versions anyways.
2011-06-10gemspec: add GPLv3 to commented-out licenses section
Reduces inconsistency.
2011-06-09update various RubyGem dependencies
Gotta keep using the latest and greatest.
2011-05-08require kgio 2.4.0
kgio 2.4.0 has some 1.9.3dev fixes which affect us
2011-04-21bump dependency to Unicorn 3.6.0
Might as well use the latest and greatest.
2011-03-15bump Unicorn dependency to 3.5.0
Latest and greatest :D
2011-02-07gemspec: remove unnecessary statements
No need for these
2011-02-04bump required Unicorn dependency for Kgio
We want to use the singleton methods in Kgio to reduce conditionals.
2011-02-04bump wrongdoc development dependency
1.5 is nicer than older versions
2011-01-05Bump unicorn dependency to 3.3.0
This means we can remove Time.now.httpdate in the next commit
2011-01-04*gemspec: fix build, we have no unit tests
2010-12-29Packaging cleanups, reinstate generated files for the tarball
2010-12-29Rainbows! 2.1.0 - Cool.io, bugfixes and more!
Cool.io (new version of Rev) support is explicitly added (it always worked before). ":Coolio" may be used in place of ":Rev" anywhere in your Rainbows! config file. There is a new "keepalive_requests" config directive to limit the number of requests a single connection may make (default: 100, same as nginx). This may be useful for better load-balancing characteristics. The old "Rev" prefixes remain supported as long as Cool.io remains compatible with Rev (likely forever). Bug fixes: * Rainbows::ThreadTimeout middleware with multiple clients * large, pipelined upload errors with Revactor+Coolio(Rev) * high CPU usage for maintaining idle keepalive on *Fiber* * needless ThreadPool wakeups * request env prematurely cleared keepalive requests, breaking some middlewares such as Clogger. * "close" not called on body if wrapper and sendfile used together Various code cleanups, and our RDoc website is JavaScript-free. See the ChangeLog or git for all changes.
2010-12-27initial cool.io support
Cool.io is the new name for Rev. We'll continue to support Rev until Cool.io breaks backwards compatibility. Rev may not be supported if Cool.io is.
2010-12-26bump Unicorn dependency
Unicorn 3.2.1 gives us an improved HttpParser#next? that preserves state until the next HttpParser#parse call.
2010-12-24doc: switch documentation generation to wrongdoc
It is a common base so we can share documentation tasks more easily with Unicorn and it ensures our RDoc no longer has JavaScript in it!
2010-12-09bump Unicorn dependency to 3.1.0
We'll be taking advantage of configurable client_buffer_body_size soon.
2010-11-19upgrade to Kgio 2.x and Unicorn 3.x
Kgio 2.0.0 has a superior API and less likely to conflict or blow up with other applications. Unicorn 3.x requires Kgio 2.x, too.
2010-10-27use Unicorn 2.0.0 final
Unicorn 2.0.0 has CPU wakeup reductions.
2010-10-26gemspec: bump development dependency of Isolate
Might as well go with the latest and greatest, it has saner defaults at least.
2010-10-21unicorn 2.x updates + kgio
We get basic internal API changes from Unicorn, code simplifications coming next.
2010-09-28start using kgio library
It removes the burden of byte slicing and setting file descriptor flags. In some cases, we can remove unnecessary peeraddr calls, too.
2010-08-28bump Unicorn dependency to 1.1.3
Unicorn 1.1.3 fixes potential race conditions during SIGUSR1 log reopening.
2010-07-11bump Unicorn dependency to 1.1.1
This avoids costant resolution problems on client EOF during input processing.
2010-07-10doc: make RDoc skip private methods
2010-07-08dev: bump isolate dependency to 2.1.0
2010-07-08bump unicorn dependencies
2010-06-18avoid needless HeaderHash#to_hash calls
HeaderHash objects can only be used as headers without violating Rack::Lint in Rack 1.1.0 or later.
2010-06-10bin/rainbows: sync up with latest Unicorn
This will allow us to be working_directory-aware as far as config.ru goes.
2010-06-08gemspec: bump unicorn dependency to 0.990.0
2010-06-03depend on Isolate ~> 2.0.2 for development
It's useful given all the Gems we support but don't have hard installation dependencies on.
2010-05-26gemspec: bump Unicorn dependency
no major internal changes until 2.0.0+
2010-05-04gemspec: bump Unicorn dependency
We expect no API changes in Unicorn for a while
2010-04-27gemspec: update comments for gem dependencies
2010-04-19Rainbows! 0.91.1 - use a less-broken parser from Unicorn v0.91.1
This release fixes a denial-of-service vector for deployments exposed directly to untrusted clients. The HTTP parser in Unicorn <= 0.97.0 would trip an assertion (killing the associated worker process) on invalid Content-Length headers instead of raising an exception. Since Rainbows! and Zbatery supports multiple clients per worker process, all clients connected to the worker process that hit the assertion would be aborted. Deployments behind nginx are _not_ affected by this bug, as nginx will reject clients that send invalid Content-Length headers. The status of deployments behind other HTTP-aware proxies is unknown. Deployments behind a non-HTTP-aware proxy (or no proxy at all) are certainly affected by this DoS. Users are strongly encouraged to upgrade as soon as possible, there are no other changes besides this bug fix from Rainbows! 0.91.0 nor Unicorn 0.97.0 This bug affects all previously released versions of Rainbows! and Zbatery.