sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-04-27 15:07:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Properly format Change Log (#299)

Browse source 
* Change date format

* Add links to version tags

* Remove changelog.swp

* Remove v prefix from version number

* Add links references to CHANGELOG

* Add Unreleased section

* Add links to PR and Issue references

* Update CHANGELOG.md
This commit is contained in:
Lucas Mansur 2018-03-15 16:13:48 -03:00 committed by Gonzalo Rodriguez
parent 666dc3d894
commit 61aba3455c
1 changed files with 64 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

108
CHANGELOG.md
View file

@ -1,92 +1,112 @@
# Changelog # Changelog
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## [Unreleased]
## v5.1.0 - 10 Mar 2018
- Fixes edge case bug when using ruby 2.5 and redis #253 (#271) ## [5.1.0] - 2018-03-10
- Throws errors with better semantics when missing or misconfigured store caches to aid in developers debugging their configs (#274)
- Removed legacy code that was originally intended for Rails 3 apps (#264)
## v5.0.1 - 11 Aug 2016 - Fixes edge case bug when using ruby 2.5 and redis [#253](https://github.com/kickstarter/rack-attack/issues/253) ([#271](https://github.com/kickstarter/rack-attack/issues/271))
- Throws errors with better semantics when missing or misconfigured store caches to aid in developers debugging their configs ([#274](https://github.com/kickstarter/rack-attack/issues/274))
- Removed legacy code that was originally intended for Rails 3 apps ([#264](https://github.com/kickstarter/rack-attack/issues/264))
- Fixes arguments passed to deprecated internal methods. (#198) ## [5.0.1] - 2016-08-11
## v5.0.0 - 9 Aug 2016 - Fixes arguments passed to deprecated internal methods. ([#198](https://github.com/kickstarter/rack-attack/issues/198))
- Deprecate `whitelist`/`blacklist` in favor of `safelist`/`blocklist`. (#181, ## [5.0.0] - 2016-08-09
- Deprecate `whitelist`/`blacklist` in favor of `safelist`/`blocklist`. ([#181](https://github.com/kickstarter/rack-attack/issues/181),
thanks @renee-travisci). To upgrade and fix deprecations, find and replace instances of `whitelist` and `blacklist` with `safelist` and `blocklist`. If you reference `rack.attack.match_type`, note that it will have values like `:safelist`/`:blocklist`. thanks @renee-travisci). To upgrade and fix deprecations, find and replace instances of `whitelist` and `blacklist` with `safelist` and `blocklist`. If you reference `rack.attack.match_type`, note that it will have values like `:safelist`/`:blocklist`.
- Remove test coverage for unsupported ruby dependencies: ruby 2.0, activesupport 3.2/4.0, and dalli 1. - Remove test coverage for unsupported ruby dependencies: ruby 2.0, activesupport 3.2/4.0, and dalli 1.
## v4.4.1 - 17 Feb 2016 ## [4.4.1] - 2016-02-17
- Fix a bug affecting apps using Redis::Store and ActiveSupport that could generate an error - Fix a bug affecting apps using Redis::Store and ActiveSupport that could generate an error
saying dalli was a required dependency. I learned all about ActiveSupport autoloading. (#165) saying dalli was a required dependency. I learned all about ActiveSupport autoloading. ([#165](https://github.com/kickstarter/rack-attack/issues/165))
## v4.4.0 - 10 Feb 2016 ## [4.4.0] - 2016-02-10
- New: support for MemCacheStore (#153). Thanks @elhu. - New: support for MemCacheStore ([#153](https://github.com/kickstarter/rack-attack/issues/153)). Thanks @elhu.
- Some documentation and test harness improvements. - Some documentation and test harness improvements.
## v4.3.1 - 18 Dec 2015 ## [4.3.1] - 2015-12-18
- SECURITY FIX: Normalize request paths when using ActionDispatch. Thanks - SECURITY FIX: Normalize request paths when using ActionDispatch. Thanks
Andres Riancho at @includesecurity for reporting it. Andres Riancho at @includesecurity for reporting it.
- Remove support for ruby 1.9.x - Remove support for ruby 1.9.x
- Add Code of Conduct - Add Code of Conduct
- Several documentation and testing improvements - Several documentation and testing improvements
## v4.3.0 - 22 May 2015 ## [4.3.0] - 2015-05-22
- Redis proxy passes `raw: true` (thanks @stanhu) - Redis proxy passes `raw: true` (thanks @stanhu)
- Redis supports `delete` method to be consistent with Dalli (thanks @stanhu) - Redis supports `delete` method to be consistent with Dalli (thanks @stanhu)
- Support the ability to reset Fail2Ban count and ban flag (thanks @stanhu) - Support the ability to reset Fail2Ban count and ban flag (thanks @stanhu)
## v4.2.0 - 26 Oct 2014 ## [4.2.0] - 2014-10-26
- Throttle's `period` argument now takes a proc as well as a number (thanks @gsamokovarov) - Throttle's `period` argument now takes a proc as well as a number (thanks @gsamokovarov)
- Invoke the `#call` method on `blocklist_response` and `throttle_response` instead of `#[]`, as per the Rack spec. (thanks @gsamokovarov) - Invoke the `#call` method on `blocklist_response` and `throttle_response` instead of `#[]`, as per the Rack spec. (thanks @gsamokovarov)
## v4.1.1 - 11 Sept 2014 ## [4.1.1] - 2014-09-11
- Fix a race condition in throttles that could allow more requests than intended. - Fix a race condition in throttles that could allow more requests than intended.
## v4.1.0 - 22 May 2014 ## [4.1.0] - 2014-05-22
- Tracks take an optional limit and period to only notify once a threshold - Tracks take an optional limit and period to only notify once a threshold
is reached (similar to throttles). Thanks @chiliburger! is reached (similar to throttles). Thanks @chiliburger!
- Default throttled & blocklist responses have Content-Type: text/plain - Default throttled & blocklist responses have Content-Type: text/plain
- Rack::Attack.clear! resets tracks - Rack::Attack.clear! resets tracks
## v4.0.1 - 14 May 2014 ## [4.0.1] - 2014-05-14
* Add throttle discriminator to rack env (thanks @blahed) - Add throttle discriminator to rack env (thanks @blahed)
## v4.0.0 - 28 April 2014 ## [4.0.0] - 2014-04-28
* Implement proxy for Dalli with better Memcachier support. (thanks @hakanensari) - Implement proxy for Dalli with better Memcachier support. (thanks @hakanensari)
* Rack::Attack.new returns an instance to ease testing. (thanks @stevehodgkiss) - Rack::Attack.new returns an instance to ease testing. (thanks @stevehodgkiss)
[Changing a module to a class is not backwards compatible, hence v4.0.0.] [Changing a module to a class is not backwards compatible, hence v4.0.0.]
* Use Rack::Attack::Request subclass of Rack::Request for easier extending (thanks @tristandunn) - Use Rack::Attack::Request subclass of Rack::Request for easier extending (thanks @tristandunn)
* Test more dalli versions. - Test more dalli versions.
## v3.0.0 - 15 March 2014 ## [3.0.0] - 2014-03-15
* Change default blocklisted response to 403 Forbidden (thanks @carpodaster). - Change default blocklisted response to 403 Forbidden (thanks @carpodaster).
* Fail gracefully when Redis store is not available; rescue exeption and don't - Fail gracefully when Redis store is not available; rescue exeption and don't
throttle request. (thanks @wkimeria) throttle request. (thanks @wkimeria)
* TravisCI runs integration tests. - TravisCI runs integration tests.
## v2.3.0 - 11 October 2013 ## [2.3.0] - 2013-10-11
* Allow throttle `limit` argument to be a proc. (thanks @lunks) - Allow throttle `limit` argument to be a proc. (thanks @lunks)
* Add Allow2Ban, complement of Fail2Ban. (thanks @jormon) - Add Allow2Ban, complement of Fail2Ban. (thanks @jormon)
* Improved TravisCI testing - Improved TravisCI testing
## v2.2.1 - 13 August 2013 ## [2.2.1] - 2013-08-13
* Add license to gemspec - Add license to gemspec
* Support ruby version 1.9.2 - Support ruby version 1.9.2
* Change default blocklisted response code from 503 to 401; throttled response - Change default blocklisted response code from 503 to 401; throttled response
from 503 to 429. from 503 to 429.
## v2.2.0 - 20 June 2013 ## [2.2.0] - 2013-06-20
* Fail2Ban filtering. See README for details. Thx @madlep! - Fail2Ban filtering. See README for details. Thx @madlep!
* Introduce StoreProxy to more cleanly abstract cache stores. Thx @madlep. - Introduce StoreProxy to more cleanly abstract cache stores. Thx @madlep.
## v2.1.1 - 16 May 2013 ## 2.1.1 - 2013-05-16
* Start keeping changelog - Start keeping changelog
* Fix `Redis::CommandError` when using ActiveSupport numeric extensions (e.g. `1.second`) - Fix `Redis::CommandError` when using ActiveSupport numeric extensions (e.g. `1.second`)
* Remove unused variable - Remove unused variable
* Extract mandatory options to constants - Extract mandatory options to constants
[Unreleased]: https://github.com/kickstarter/rack-attack/compare/v5.1.0...HEAD/
[5.1.0]: https://github.com/kickstarter/rack-attack/compare/v5.0.1...v5.1.0/
[5.0.1]: https://github.com/kickstarter/rack-attack/compare/v5.0.0...v5.0.1/
[5.0.0]: https://github.com/kickstarter/rack-attack/compare/v4.4.1...v5.0.0/
[4.4.1]: https://github.com/kickstarter/rack-attack/compare/v4.4.0...v4.4.1/
[4.4.0]: https://github.com/kickstarter/rack-attack/compare/v4.3.1...v4.4.0/
[4.3.1]: https://github.com/kickstarter/rack-attack/compare/v4.3.0...v4.3.1/
[4.3.0]: https://github.com/kickstarter/rack-attack/compare/v4.2.0...v4.3.0/
[4.2.0]: https://github.com/kickstarter/rack-attack/compare/v4.1.1...v4.2.0/
[4.1.1]: https://github.com/kickstarter/rack-attack/compare/v4.1.0...v4.1.1/
[4.1.0]: https://github.com/kickstarter/rack-attack/compare/v4.0.1...v4.1.0/
[4.0.1]: https://github.com/kickstarter/rack-attack/compare/v4.0.0...v4.0.1/
[4.0.0]: https://github.com/kickstarter/rack-attack/compare/v3.0.0...v4.0.0/
[3.0.0]: https://github.com/kickstarter/rack-attack/compare/v2.3.0...v3.0.0/
[2.3.0]: https://github.com/kickstarter/rack-attack/compare/v2.2.1...v2.3.0/
[2.2.1]: https://github.com/kickstarter/rack-attack/compare/v2.2.0...v2.2.1/
[2.2.0]: https://github.com/kickstarter/rack-attack/compare/v2.1.1...v2.2.0/