Passbook gem let's you create pkpass for passbook iOS 6

Related tags

Payments passbook
Overview

Build Status

passbook

The passbook gem let's you create a pkpass for passbook in iOS 6+

Installation

Include the passbook gem in your project.

IE: In your Gemfile

gem 'passbook'

Quick Start

If you want to jump in without having to integrate this into your code you can use the command line options to get started. Start by installing the gem

gem install passbook

Then go to a directory that you want to generate your pass under and use the "pk generate command". (note: do not use spaces in your passname or else strange things will happen.)

pk generate your_pass_name

This will generate a directory called your_pass_name. Edit your pass.json file in the your_pass_directory to have a valid team identifier and passTypeIdentifier and create your certificates if you haven't yet. See this article for information on how to do this.

Assuming that you have put your certificate files etc. in your working directory.

pk build your_pass_name -w ./wwdc.pem -c ./your_pass_name.p12 -p ''

The wwdc.pem file is the exported Apple World Wide Developer Relations Certification Authority certificate file from your key manager and the your_pass_name.p12 is the exported p12 file from your pass certificate.

If you are not building your passes on a mac or just prefer to use the pass certificate and key pem file.

pk build passbook_gem_name -w ./wwdc.pem -c ./your_pass_name_certificate.pem -k your_pass_name_key.pem -p '12345'

Now you can drag the file over to a simulator or send it to your iPhone via e-mail to view your pass.

Configuration

Create initializer

    rails g passbook:config
    or with params
    rails g passbook:config [Absolute path to the wwdc cert file] [Absolute path to your cert.p12 file] [Password for your certificate]

Configure your config/initializers/passbook.rb

    Passbook.configure do |passbook|
      passbook.wwdc_cert = Rails.root.join('wwdc_cert.pem')
      passbook.p12_certificate = Rails.root.join('cert.p12')
      passbook.p12_password = 'cert password'
    end

If you are running this on a different machine from what you used to create your WWDC keys

    Passbook.configure do |passbook|
      passbook.wwdc_cert = Rails.root.join('wwdc_cert.pem')
      passbook.p12_key = Rails.root.join('key.pem')
      passbook.p12_certificate = Rails.root.join('certificate.pem')
      passbook.p12_password = 'cert password'
    end

If you are using Sinatra you can place this in the file you are executing or in a file that you do a require on. You would also not reference Rails.root when specifying your file path.

If You are doing push notifications then you will need to add some extra configuration options, namely a push notification certificate and a notification gateway certificate. Look at the Grocer gem documentation to find information on how to create this certificate. Settings you will want to use for the notification gateway are either 'gateway.push.apple.com' for production, 'gateway.sandbox.push.apple.com' for development and 'localhost' for unit tests.

    Passbook.configure do |passbook|
      .....other settings.....
      passbook.notification_gateway = 'gateway.push.apple.com'
      passbook.notification_passphrase = 'my_hard_password' (optional)
      passbook.notification_cert = 'lib/assets/my_notification_cert.pem'
    end

If you want to also support the push notification endpoints you will also need to include the Rack::PassbookRack middleware. In rails your config will look something like this.

  config.middleware.use Rack::PassbookRack

Usage

Please refer to apple iOS dev center for how to build cert and json. This article is also helpful.

    pass = Passbook::PKPass.new 'your json data'

    # Add file from disk
    pass.addFile 'file_path'

    # Add file from memory
    file[:name] = 'file name'
    file[:content] = 'whatever you want'
    pass.addFile file

    # Add multiple files
    pass.addFiles [file_path_1, file_path_2, file_path_3]

    # Add multiple files from memory
    pass.addFiles [{name: 'file1', content: 'content1'}, {name: 'file2', content: 'content2'}, {name: 'file3', content: 'content3'}]

    # Output a Tempfile

    pkpass = pass.file
    send_file pkpass.path, type: 'application/vnd.apple.pkpass', disposition: 'attachment', filename: "pass.pkpass"

    # Or a stream

    pkpass = pass.stream
    send_data pkpass.string, type: 'application/vnd.apple.pkpass', disposition: 'attachment', filename: "pass.pkpass"

If you are using Sinatra you will need to include the 'active_support' gem and will need to require 'active_support/json/encoding'. Here is an example using the streaming mechanism.

require 'sinatra'
require 'passbook'
require 'active_support/json/encoding'

Passbook.configure do |passbook|
  passbook.p12_password = '12345'
  passbook.p12_key = 'passkey.pem'
  passbook.p12_certificate = 'passcertificate.pem'
  passbook.wwdc_cert = 'WWDR.pem'
end

get '/passbook' do
  pass = # valid passbook json.  refer to the wwdc documentation.
  passbook = Passbook::PKPass.new pass
  passbook.addFiles ['logo.png', '[email protected]', 'icon.png', '[email protected]']
  response['Content-Type'] = 'application/vnd.apple.pkpass'
  attachment 'mypass.pkpass'
  passbook.stream.string
end

We will try to make this cleaner in subsequent releases.

Using Different Certificates For Different Passes

Sometime you might want to be able to use different certificates for different passes. This can be done by passing in a Signer class into your PKPass initializer like so

  signer = Passbook::Signer.new {certificate: some_cert, password: some_password, key: some_key, wwdc_cert: some_wwdc_cert}
  pk_pass = Passbook::PKPass.new your_json_data, signer

  ....

Push Notifications

If you want to support passbook push notification updates you will need to configure the appropriate bits above.

In order to support push notifications you will need to have a basic understanding of the way that push notifications work and how the data is passed back and forth. See this for basic information about passes and this to understand the information that needs to be exchanged between each device and your application to support the update service.

Your pass will need to have a field called 'webServiceURL' with the base url to your site and a field called 'authenticationToken'. The json snippet should look like this. Note that your url needs to be a valid signed https endpoint for production. You can put your phone in dev mode to test updates against a insecure http endpoint (under settings => developer => passkit testing).

...
  "webserviceURL" : "https://www.honeybadgers.com/",
  "authenticationToken" : "yummycobras"
...

Passbook includes rack middleware to make the job of supporting the passbook endpoints easier. You will need to configure the middleware as outlined above and then implement a class called Passbook::PassbookNotification. Below is an annotated implementation.

module Passbook
  class PassbookNotification

    # This is called whenever a new pass is saved to a users passbook or the
    # notifications are re-enabled.  You will want to persist these values to
    # allow for updates on subsequent calls in the call chain.  You can have
    # multiple push tokens and serial numbers for a specific
    # deviceLibraryIdentifier.

    def self.register_pass(options)
      the_passes_serial_number = options['serialNumber']
      the_devices_device_library_identifier = options['deviceLibraryIdentifier']
      the_devices_push_token = options['pushToken']
      the_pass_type_identifier = options["passTypeIdentifier"]
      the_authentication_token = options['authToken']

      # this is if the pass registered successfully
      # change the code to 200 if the pass has already been registered
      # 404 if pass not found for serialNubmer and passTypeIdentifier
      # 401 if authorization failed
      # or another appropriate code if something went wrong.
      {:status => 201}
    end

    # This is called when the device receives a push notification from apple.
    # You will need to return the serial number of all passes associated with
    # that deviceLibraryIdentifier.

    def self.passes_for_device(options)
      device_library_identifier = options['deviceLibraryIdentifier']
      passes_updated_since = options['passesUpdatedSince']

      # the 'lastUpdated' uses integers values to tell passbook if the pass is
      # more recent than the current one.  If you just set it is the same value
      # every time the pass will update and you will get a warning in the log files.
      # you can use the time in milliseconds,  a counter or any other numbering scheme.
      # you then also need to return an array of serial numbers.
      {'lastUpdated' => '1', 'serialNumbers' => ['various', 'serial', 'numbers']}
    end

    # this is called when a pass is deleted or the user selects the option to disable pass updates.
    def self.unregister_pass(options)
      # a solid unique pair of identifiers to identify the pass are
      serial_number = options['serialNumber']
      device_library_identifier = options['deviceLibraryIdentifier']
      the_pass_type_identifier = options["passTypeIdentifier"]
      the_authentication_token = options['authToken']
      # return a status 200 to indicate that the pass was successfully unregistered.
      {:status => 200}
    end

    # this returns your updated pass
    def self.latest_pass(options)
      the_pass_serial_number = options['serialNumber']
      # create your PkPass the way you did when your first created the pass.
      # you will want to return
      my_pass = PkPass.new 'your pass json'
      # you will want to return the string from the stream of your PkPass object.
      {:status => 200, :latest_pass => mypass.stream.string, :last_modified => '1442120893'}
    end

    # This is called whenever there is something from the update process that is a warning
    # or error
    def self.passbook_log(log)
      # this is a VERY crude logging example.  use the logger of your choice here.
      p "#{Time.now} #{log}"
    end

  end
end

To send a push notification for a updated pass simply call Passbook::PushNotification.send_notification with the push token for the device you are updating

  Passbook::PushNotification.send_notification the_device_push_token

Apple will send out a notification to your phone (usually within 15 minutes or less), which will cause the phone that this push notification is associated with to make a call to your server to get pass serial numbers and to then get the updated pass. Each phone/pass combination has it's own push token whch will require a separate call for every phone that has push notifications enabled for a pass (this is an Apple thing). In the future we may look into offering background process support for this as part of this gem. For now, if you have a lot of passes to update you will need to do this yourself.

Tests

To launch tests :

  bundle exec rake spec

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Changelog

0.0.4

Allow passbook gem to return a ZipOutputStream (needed when garbage collector delete tempfile before beeing able to use it) [Thx to applidget]

0.2.0

Adding support for push notification updates for passes.

0.4.0

Adding support for using multiple signatures per gem configuration and introducing command line helpers. More in this blog post.

0.4.1

Update rubyzip dependency to >= 1.0.0

License

passbook is released under the MIT license:

Comments
  • Is there a step missing to make this work on a device?

    Is there a step missing to make this work on a device?

    Hi.

    I can see the passbook on a Mac when visiting the URL, but when I try to send it to my phone or view the exact same URL on the phone it ays "Safari cannot download this file"?

    Am I missing a configuration? I have all the assets and information (which properly display on a browser)

    screen shot 2014-02-15 at 13 41 34

    Thanks!

    opened by raulriera 7
  • The pass

    The pass "pass.pkpass" could not be opened

    I keep getting this error: The pass "pass.pkpass" could not be opened. Below's my code. I've re-done the cert process like 3 times. Not sure where it's failing because the package seems intact.

    def show
       pass = Pass.find(params[:id])
       pass_path = ENV['passes_folder_path'] + "/passes/#{pass.id}"
       pass_json = File.read(pass_path + "/pass.json")
       pkpass = Passbook::PKPass.new pass_json
       files = []
       Dir.foreach(pass_path) do |file|
         next if file == '.' or file == '..' or file == '.DS_Store'
         files << file
       end
       pkpass.addFiles files
       send_data(pkpass, type: 'application/vnd.apple.pkpass', disposition: 'attachment', filename: 'pass.pkpass', status: 201, location: [:api, pass])
     end
    
    opened by dariye 6
  • Signature error unter iOS 7

    Signature error unter iOS 7

    I'm seeing this error when I try to download and open a pkpass under iOS 7

    Invalid data error reading pass pass.com.domain.discount/2500000.
    The passTypeIdentifier or teamIdentifier provided may not match your certificate, or the certificate trust chain could not be verified.
    Error adding pass The pass cannot be read because it isn’t valid.
    

    However ,the passTypeIdentifier and teamIdentifier seem to be correct since everything works fine under iOS 6 and even Safari from Mavericks.

    As far as I can tell, the only difference in the signing process with iOS 7 is that the signature needs to contain a signing date.

    opened by MSchmidt 6
  • No method error on Heroku.

    No method error on Heroku.

    Hi,

    I made a simple Sinatra app that uses this Gem. It runs fine on localhost, but when I deploy to Heroku I get the error NoMethodError - undefined method 'write_buffer' for Zip::ZipOutputStream:Class: which is being raised by the line /app/vendor/bundle/ruby/2.0.0/gems/passbook-0.2.1/lib/passbook/pkpass.rb:122:in outputZip.

    Any idea what the cause of this could be?

    I posted on StackOverflow with the same problem, more detailed description here

    opened by george-carlin 5
  • Safari cannot download this file

    Safari cannot download this file

    Hi,

    I make my pass. It's work fine, and I can download it from my web browser. And the content of the pass is OK, manifest, signature, json... . But on IOS 6 Beta 3, Safari say Download Failed. Nothing in the console ...

    Any idea ?

    My json :

    '{ "passTypeIdentifier": "pass.xxxx.yyyy", "formatVersion": 1, "organizationName": "Flight Express", "serialNumber": "123456", "teamIdentifier": "SAB5MVXXXX", "backgroundColor": "rgb(107,156,196)", "logoText": "Flight info", "description": "Demo pass", "boardingPass": { "primaryFields": [ { "key" : "origin", "label" : "San Francisco", "value" : "SFO" }, { "key" : "destination", "label" : "London", "value" : "LHR" } ], "secondaryFields": [ { "key": "gate", "label": "Gate", "value": "F12" }, { "key": "date", "label": "Departure date", "value": "07/11/2012 10:22" }

        ],
        "backFields": [
            {
                "key": "passenger-name",
                "label": "Passenger",
                "value": "John Appleseed"
            }
        ],
        "transitType" : "PKTransitTypeAir"
    },
    "barcode": {
        "format": "PKBarcodeFormatQR",
        "message": "Flight-GateF12-ID6643679AH7B",
        "messageEncoding": "iso-8859-1"
    }
    

    }'

    I use ruby 1.9.3 and rails 3.2.6

    opened by kaluznyo 5
  • [WIP] Use Zipruby instead of Rubyzip

    [WIP] Use Zipruby instead of Rubyzip

    Hi There,

    I'm working on using adding passbook integration, and my requirements require me use zipruby as opposed to rubyzip. Since zipruby is faster due it being implemented in C, I thought I would offer it up on a PR.

    I'm looking for feedback to see if I can make this better, and to see if you would be interested in having this.

    Thanks!

    opened by tarebyte 4
  • Allow instance overrides for cert and password

    Allow instance overrides for cert and password

    I needed to be able to create passes for multiple certs, which meant that having a module level attribute for the cert and password would not work. What I've done, is allowed the cert and password to be set on the PKPass itself. If they exist, they're used. Otherwise it falls back to the existing functionality.

    I did not do this for the scenario where the p12_key file is owned, because it didn't seem like a likely scenario. Easy enough to add though if anyone feels there'd be some value.

    -- Sorry about the branch name... not sure what happened there.

    opened by jeffdeville 4
  • Can't open .pkpass file

    Can't open .pkpass file

    We've been using this gem for a few years, but suddenly we're unable to open generated .pkpass files and all we've done is generated a new Pass Type certificate from Apple. Has anyone else had any issues lately?

    opened by dylanbromby 3
  • uninitialized constant Rack::PassbookRack (NameError)

    uninitialized constant Rack::PassbookRack (NameError)

    Added config.middleware.use Rack::PassbookRack to application.rb and have gem 'passbook' in my gemfile. I have added all of my certs to the config file, and when I start the server I get the error message below.

    /rails/test_project/config/application.rb:63:inclass:Application': uninitialized constant Rack::PassbookRack (NameError) from /rails/test_project/config/application.rb:13:in <module:TestProject>' from /rails/test_project/config/application.rb:12:in<top (required)>' from /Users/jbadger/.rvm/gems/ruby-1.9.3-p362/gems/railties-3.2.12/lib/rails/commands.rb:53:in require' from /Users/jbadger/.rvm/gems/ruby-1.9.3-p362/gems/railties-3.2.12/lib/rails/commands.rb:53:inblock in <top (required)>' from /Users/jbadger/.rvm/gems/ruby-1.9.3-p362/gems/railties-3.2.12/lib/rails/commands.rb:50:in tap' from /Users/jbadger/.rvm/gems/ruby-1.9.3-p362/gems/railties-3.2.12/lib/rails/commands.rb:50:in<top (required)>' from script/rails:6:in require' from script/rails:6:in

    '`

    opened by jbadger 3
  • sinatra with passbook has error....

    sinatra with passbook has error....

    in my rails web... in Gemfile

    gem 'passbook', :git => 'git://github.com/frozon/passbook.git'

    and works well!

    but sinatra... ( I'm beginner in sinatra app dev)

    require 'passbook' require 'active_support/json/encoding'

    has error...

    no such file to load -- passbook

    How can I do fix it??? plz... help me...

    opened by rubyon 3
  • stream vs temp

    stream vs temp

    Pardon the newb question, but could you detail differences between your tempfile implementaiton vs stream and any impacts to the user experience?

    Thanks

    S

    opened by sfielder 3
  • Bump nokogiri from 1.6.5 to 1.13.9

    Bump nokogiri from 1.6.5 to 1.13.9

    Bumps nokogiri from 1.6.5 to 1.13.9.

    Release notes

    Sourced from nokogiri's releases.

    1.13.9 / 2022-10-18

    Security

    Dependencies

    • [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
    • [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
    • [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

    Fixed

    • [CRuby] Nokogiri::XML::Namespace objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2658] (Thanks, @​eightbitraptor and @​peterzhu2118!)
    • [CRuby] Document#remove_namespaces! now defers freeing the underlying xmlNs struct until the Document is GCed. Previously, maintaining a reference to a Namespace object that was removed in this way could lead to a segfault. [#2658]

    sha256 checksums:

    9b69829561d30c4461ea803baeaf3460e8b145cff7a26ce397119577a4083a02  nokogiri-1.13.9-aarch64-linux.gem
    e76ebb4b7b2e02c72b2d1541289f8b0679fb5984867cf199d89b8ef485764956  nokogiri-1.13.9-arm64-darwin.gem
    15bae7d08bddeaa898d8e3f558723300137c26a2dc2632a1f89c8574c4467165  nokogiri-1.13.9-java.gem
    f6a1dbc7229184357f3129503530af73cc59ceba4932c700a458a561edbe04b9  nokogiri-1.13.9-x64-mingw-ucrt.gem
    36d935d799baa4dc488024f71881ff0bc8b172cecdfc54781169c40ec02cbdb3  nokogiri-1.13.9-x64-mingw32.gem
    ebaf82aa9a11b8fafb67873d19ee48efb565040f04c898cdce8ca0cd53ff1a12  nokogiri-1.13.9-x86-linux.gem
    11789a2a11b28bc028ee111f23311461104d8c4468d5b901ab7536b282504154  nokogiri-1.13.9-x86-mingw32.gem
    01830e1646803ff91c0fe94bc768ff40082c6de8cfa563dafd01b3f7d5f9d795  nokogiri-1.13.9-x86_64-darwin.gem
    8e93b8adec22958013799c8690d81c2cdf8a90b6f6e8150ab22e11895844d781  nokogiri-1.13.9-x86_64-linux.gem
    96f37c1baf0234d3ae54c2c89aef7220d4a8a1b03d2675ff7723565b0a095531  nokogiri-1.13.9.gem
    

    1.13.8 / 2022-07-23

    Deprecated

    • XML::Reader#attribute_nodes is deprecated due to incompatibility between libxml2's xmlReader memory semantics and Ruby's garbage collector. Although this method continues to exist for backwards compatibility, it is unsafe to call and may segfault. This method will be removed in a future version of Nokogiri, and callers should use #attribute_hash instead. [#2598]

    Improvements

    • XML::Reader#attribute_hash is a new method to safely retrieve the attributes of a node from XML::Reader. [#2598, #2599]

    Fixed

    ... (truncated)

    Changelog

    Sourced from nokogiri's changelog.

    1.13.9 / 2022-10-18

    Security

    Dependencies

    • [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
    • [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
    • [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

    Fixed

    • [CRuby] Nokogiri::XML::Namespace objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2658] (Thanks, @​eightbitraptor and @​peterzhu2118!)
    • [CRuby] Document#remove_namespaces! now defers freeing the underlying xmlNs struct until the Document is GCed. Previously, maintaining a reference to a Namespace object that was removed in this way could lead to a segfault. [#2658]

    1.13.8 / 2022-07-23

    Deprecated

    • XML::Reader#attribute_nodes is deprecated due to incompatibility between libxml2's xmlReader memory semantics and Ruby's garbage collector. Although this method continues to exist for backwards compatibility, it is unsafe to call and may segfault. This method will be removed in a future version of Nokogiri, and callers should use #attribute_hash instead. [#2598]

    Improvements

    • XML::Reader#attribute_hash is a new method to safely retrieve the attributes of a node from XML::Reader. [#2598, #2599]

    Fixed

    • [CRuby] Calling XML::Reader#attributes is now safe to call. In Nokogiri <= 1.13.7 this method may segfault. [#2598, #2599]

    1.13.7 / 2022-07-12

    Fixed

    XML::Node objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2578] (Thanks, @​eightbitraptor!)

    1.13.6 / 2022-05-08

    Security

    • [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

    ... (truncated)

    Commits
    • 897759c version bump to v1.13.9
    • aeb1ac3 doc: update CHANGELOG
    • c663e49 Merge pull request #2671 from sparklemotion/flavorjones-update-zlib-1.2.13_v1...
    • 212e07d ext: hack to cross-compile zlib v1.2.13 on darwin
    • 76dbc8c dep: update zlib to v1.2.13
    • 24e3a9c doc: update CHANGELOG
    • 4db3b4d Merge pull request #2668 from sparklemotion/flavorjones-namespace-scopes-comp...
    • 73d73d6 fix: Document#remove_namespaces! use-after-free bug
    • 5f58b34 fix: namespace nodes behave properly when compacted
    • b08a858 test: repro namespace_scopes compaction issue
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump addressable from 2.3.6 to 2.8.1

    Bump addressable from 2.3.6 to 2.8.1

    Bumps addressable from 2.3.6 to 2.8.1.

    Changelog

    Sourced from addressable's changelog.

    Addressable 2.8.1

    • refactor Addressable::URI.normalize_path to address linter offenses (#430)
    • remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438)
    • update gemspec to reflect supported Ruby versions (#466, #464, #463)
    • compatibility w/ public_suffix 5.x (#466, #465, #460)
    • fixes "invalid byte sequence in UTF-8" exception when unencoding URLs containing non UTF-8 characters (#459)
    • Ractor compatibility (#449)
    • use the whole string instead of a single line for template match (#431)
    • force UTF-8 encoding only if needed (#341)

    #460: sporkmonger/addressable#460 #463: sporkmonger/addressable#463 #464: sporkmonger/addressable#464 #465: sporkmonger/addressable#465 #466: sporkmonger/addressable#466

    Addressable 2.8.0

    • fixes ReDoS vulnerability in Addressable::Template#match
    • no longer replaces + with spaces in queries for non-http(s) schemes
    • fixed encoding ipv6 literals
    • the :compacted flag for normalized_query now dedupes parameters
    • fix broken escape_component alias
    • dropping support for Ruby 2.0 and 2.1
    • adding Ruby 3.0 compatibility for development tasks
    • drop support for rack-mount and remove Addressable::Template#generate
    • performance improvements
    • switch CI/CD to GitHub Actions

    Addressable 2.7.0

    • added :compacted flag to normalized_query
    • heuristic_parse handles mailto: more intuitively
    • dropped explicit support for JRuby 9.0.5.0
    • compatibility w/ public_suffix 4.x
    • performance improvements

    Addressable 2.6.0

    • added tld= method to allow assignment to the public suffix
    • most heuristic_parse patterns are now case-insensitive
    • heuristic_parse handles more file:// URI variations
    • fixes bug in heuristic_parse when uri starts with digit
    • fixes bug in request_uri= with query strings
    • fixes template issues with nil and ? operator
    • frozen_string_literal pragmas added
    • minor performance improvements in regexps
    • fixes to eliminate warnings

    Addressable 2.5.2

    • better support for frozen string literals
    • fixed bug w/ uppercase characters in scheme
    • IDNA errors w/ emoji URLs

    ... (truncated)

    Commits
    • 8657465 Update version, gemspec, and CHANGELOG for 2.8.1 (#474)
    • 4fc5bb6 CI: remove Ubuntu 18.04 job (#473)
    • 860fede Force UTF-8 encoding only if needed (#341)
    • 99810af Merge pull request #431 from ojab/ct-_do_not_parse_multiline_strings
    • 7ce0f48 Merge branch 'main' into ct-_do_not_parse_multiline_strings
    • 7ecf751 Merge pull request #449 from okeeblow/freeze_concatenated_strings
    • 41f12dd Merge branch 'main' into freeze_concatenated_strings
    • 068f673 Merge pull request #459 from jarthod/iso-encoding-problem
    • b4c9882 Merge branch 'main' into iso-encoding-problem
    • 08d27e8 Merge pull request #471 from sporkmonger/sporkmonger-enable-codeql
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump git from 1.2.8 to 1.11.0

    Bump git from 1.2.8 to 1.11.0

    Bumps git from 1.2.8 to 1.11.0.

    Release notes

    Sourced from git's releases.

    Release v1.11.0

    Full Changelog

    • 292087e Supress unneeded test output (#570)
    • 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
    • 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
    • c04d16e remove from maintainer (#567)
    • 291ca09 Address command line injection in Git::Lib#fetch
    • 521b8e7 Release v1.10.2 (#561)

    Release v1.10.2

    Full Changelog

    • 57f941c Release v1.10.2
    • c987a74 Add create-release, setup, and console dev scripts (#560)
    • 12e3d03 Store tempfile objects to prevent deletion during tests (#555)

    Release v1.10.1

    Full Changelog

    • c7b12af Release v1.10.1
    • ea28118 Properly escape double quotes in shell commands on Windows (#552)
    • db060fc Properly unescape diff paths (#504)
    • ea47044 Add Ruby 3.0 to CI build (#547)
    • cb01d2b Create a Docker image to run the changelog (#546)

    v.1.10.0

    Full Changelog

    • 8acec7d Release v1.10.0 (#545)
    • 8feb4ff Refactor directory initialization (#544)
    • 3884314 Add -ff option to git clean (#529)
    • 984ff7f #533 Add --depth options for fetch call (#534)
    • 6cba37e Add support for git init --initial-branch=main argument (#539)
    • ff98c42 Add support for the git merge --no-commit argument (#538)
    • 1023f85 Require pathname module (#536)

    v1.9.1

    Full Changelog

    • 58100b0 Release v1.9.1 (#527)
    • 45aeac9 Fix the gpg_sign commit option (#525)

    v1.9.0

    Full Changelog

    • 07a1167 Release v1.9.0 (#524)
    • 8fe479b Fix worktree test when git dir includes symlinks (#522)
    • 0cef8ac feat: add --gpg-sign option on commits (#518)
    • 765df7c Adds file option to config_set to allow adding to specific git-config files (#458)

    ... (truncated)

    Changelog

    Sourced from git's changelog.

    v1.11.0

    • 292087e Supress unneeded test output (#570)
    • 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
    • 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
    • c04d16e remove from maintainer (#567)
    • 291ca09 Address command line injection in Git::Lib#fetch
    • 521b8e7 Release v1.10.2 (#561)

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0

    v1.10.2

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2

    1.10.1

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1

    1.10.0

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0

    1.9.1

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1

    1.9.0

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0

    1.8.1

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1

    1.8.0

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.8.0

    1.7.0

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.7.0

    1.6.0

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.6.0

    1.6.0.pre1

    See https://github.com/ruby-git/ruby-git/releases/tag/v1.6.0.pre1

    ... (truncated)

    Commits
    • 546bc03 Release v1.11.0
    • 292087e Supress unneeded test output (#570)
    • 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
    • 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
    • c04d16e remove from maintainer (#567)
    • 291ca09 Address command line injection in Git::Lib#fetch
    • 521b8e7 Release v1.10.2 (#561)
    • c987a74 Add create-release, setup, and console dev scripts (#560)
    • 12e3d03 Store tempfile objects to prevent deletion during tests (#555)
    • 735b083 Release v1.10.1 (#553)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump rdoc from 4.2.0 to 6.3.2

    Bump rdoc from 4.2.0 to 6.3.2

    Bumps rdoc from 4.2.0 to 6.3.2.

    Changelog

    Sourced from rdoc's changelog.

    === 5.1.0 / 2017-02-24

    • Bug fixes

      • Fix an issue that rdoc fails when running on Windows with RUBYOPT=-U. PR #430 by Toshihiko Ichida
    • Minor enhancements

      • Parse ruby 2.1 def. PR #436 by Akira Matsuda.
      • Suppress warnings in eval. PR #440 by Nobuyoshi Nakada.

    === 5.0.0 / 2016-11-05

    • Major enhancements

      • Cleanup deprecated code targeted Ruby 1.8
    • Bug fixes

      • Ensure badge data is included in result of JsonIndex template.
      • Ensure items in the nil section are displayed in HTML output. Issue #399 by Daniel Svensson.
      • Parse rb_intern_const correctly in C. PR #381 by Sho Hashimoto.
      • Fix broken assets caused by #335 when serving ri. PR #360 by Alex Wood.
      • Don't try to parse svg files. Issue #350 by Sigurd Svela.
    • Minor enhancements

      • Improve class name expansion/resolution in ri. PR #400 by NARUSE, Yui
      • Improve performance of document generation. PR #397 by Yusuke Endoh.

    === 4.3.0 / 2016-11-04

    • Minor enhancements
      • Removed json dependency for Ruby 2.4.0
      • End to support Ruby 1.8.x

    === 4.2.2 / 2016-02-09

    • Bug fixes
      • Include lib/rdoc/generator/pot/* in built gem

    === 4.2.1 / 2015-12-22

    Commits
    • 3653bbc Bump version to 6.3.2
    • ee48295 Update rdoc.gemspec by adding lib/rdoc/markup/table.rb
    • 9307f93 Version 6.3.1
    • a7f5d6a Use File.open to fix the OS Command Injection vulnerability in CVE-2021-31799
    • 06112d5 Merge pull request #806 from kamipo/patch-1
    • bf7e134 Fix typo Genrate -> Generate
    • 9a3c1f1 Don't need to install bundler manually
    • 39f9802 Use stable version of actions/checkout
    • 2fdfbfe Merge pull request #803 from olleolleolle/patch-1
    • f7145b8 CI: Use jruby-9.2.17.0
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump rack from 1.5.2 to 2.2.3

    Bump rack from 1.5.2 to 2.2.3

    Bumps rack from 1.5.2 to 2.2.3.

    Changelog

    Sourced from rack's changelog.

    Changelog

    All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

    [3.0.0] - Unreleased

    Changed

    • BREAKING CHANGE: Require status to be an Integer. (#1662, @olleolleolle)
    • Relax validations around Rack::Request#host and Rack::Request#hostname. (#1606, @pvande)
    • Removed antiquated handlers: FCGI, LSWS, SCGI, Thin. (#1658, @ioquatix)
    • Removed options from Rack::Builder.parse_file and Rack::Builder.load_file. (#1663, @ioquatix)

    Fixed

    • Fix using Rack::Session::Cookie with coder: Rack::Session::Cookie::Base64::{JSON,Zip}. (#1666, @jeremyevans)
    • Avoid NoMethodError when accessing Rack::Session::Cookie without requiring delegate first. (#1610, @onigra)
    • Handle cookies with values that end in '=' (#1645, @lukaso)

    [2.2.2] - 2020-02-11

    Fixed

    • Fix incorrect Rack::Request#host value. (#1591, @ioquatix)
    • Revert Rack::Handler::Thin implementation. (#1583, @jeremyevans)
    • Double assignment is still needed to prevent an "unused variable" warning. (#1589, @kamipo)
    • Fix to handle same_site option for session pool. (#1587, @kamipo)

    [2.2.1] - 2020-02-09

    Fixed

    • Rework Rack::Request#ip to handle empty forwarded_for. (#1577, @ioquatix)

    [2.2.0] - 2020-02-08

    SPEC Changes

    • rack.session request environment entry must respond to to_hash and return unfrozen Hash. (@jeremyevans)
    • Request environment cannot be frozen. (@jeremyevans)
    • CGI values in the request environment with non-ASCII characters must use ASCII-8BIT encoding. (@jeremyevans)
    • Improve SPEC/lint relating to SERVER_NAME, SERVER_PORT and HTTP_HOST. (#1561, @ioquatix)

    Added

    • rackup supports multiple -r options and will require all arguments. (@jeremyevans)
    • Server supports an array of paths to require for the :require option. (@khotta)
    • Files supports multipart range requests. (@fatkodima)
    • Multipart::UploadedFile supports an IO-like object instead of using the filesystem, using :filename and :io options. (@jeremyevans)
    • Multipart::UploadedFile supports keyword arguments :path, :content_type, and :binary in addition to positional arguments. (@jeremyevans)
    Commits
    • 1741c58 bump version
    • 5ccca47 When parsing cookies, only decode the values
    • a5e80f0 Bump version.
    • b0de37d Remove trailing whitespace.
    • 1a784e5 Prepare CHANGELOG for next patch release.
    • a0d57d4 Fix to handle same_site option for session pool
    • a9b223b Ensure full match. Fixes #1590.
    • f4c5645 Double assignment is still needed to prevent an "unused variable" warning
    • 5c121dd Revert "Update Thin handler to better handle more options"
    • 961d976 Prepare point release.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Owner
Thomas
Thomas
Ruby Gem for Rails - Easy iTunes In-App Purchase Receipt validation, including auto-renewable subscriptions

Monza is a ruby gem that makes In-App Purchase receipt and Auto-Renewable subscription validation easy. You should always validate receipts on the ser

Gabriel 159 Jan 7, 2023
Ios-card-transition - iOS CocoaPod to create beautiful card transitions

CSCardTransition CSCardTransition is a small library allowing you to create wond

Creastel 12 Oct 31, 2022
CreditCardForm is iOS framework that allows developers to create the UI which replicates an actual Credit Card.

CreditCardForm CreditCardForm is iOS framework that allows developers to create the UI which replicates an actual Credit Card. Fixed typo use CreditCa

Orazz 1.4k Dec 15, 2022
A Swift script to create a list of links to release notes for package updates.

spi-release-notes release-notes is a Swift script that creates a list of links to release notes for package updates. Running release-notes performs a

Swift Package Index 14 Jul 20, 2022
Card Decks is a small utility application for your iPhone, iPod touch and iPad which brings you simple, configurable, colored, multi-line text cards that are grouped into card decks

Card Decks is a small utility application for your iPhone, iPod touch and iPad which brings you simple, configurable, colored, multi-line text cards that are grouped into card decks.

Arne Harren 40 Nov 24, 2022
Easy to use iOS library with components for input of Credit Card data.

AnimatedCardInput This library allows you to drop into your project two easily customisable, animated components that will make input of Credit Card i

Netguru 39 Oct 16, 2022
A Payment Card UI & Validator for iOS

Description Caishen provides an easy-to-use text field to ask users for payment card information and to validate the input. It serves a similar purpos

Prolific Interactive 766 Dec 28, 2022
Easily integrate Credit Card payments module in iOS App. Swift 4.0

MFCard Buy me a coffee MFCard is an awesome looking Credit Card input & validation control. Written in Swift 3. YOoo, Now MFCard is on Swift 5. Swift

MobileFirst 362 Nov 29, 2022
A credit card reader and parser for iOS Using Native Vision/VisionKit

card-reader-ios A credit card reader and parser for iOS Using Native Vision/VisionKit May-14-2021.00-43-17.mp4 Instructions Hold camera up to a card a

Khalid Asad 104 Dec 15, 2022
In-app purchases and subscriptions made easy. Support for iOS, iPadOS, watchOS, and Mac.

In-app purchases and subscriptions made easy. Support for iOS, iPadOS, watchOS, and Mac.

RevenueCat 1.6k Jan 6, 2023
Lightweight In App Purchases Swift framework for iOS 8.0+, tvOS 9.0+ and macOS 10.10+ ⛺

SwiftyStoreKit is a lightweight In App Purchases framework for iOS, tvOS, watchOS, macOS, and Mac Catalyst. Features Super easy-to-use block-based API

Andrea Bizzotto 6.1k Jan 7, 2023
Make and accept payments in your iOS app via Venmo

Venmo iOS SDK The Venmo iOS SDK lets you make and accept payments in your app using Venmo. Installation If you're using CocoaPods: If you don't have a

Venmo 170 Dec 26, 2022
In App Purchase Manager framework for iOS

InAppFramework In App Purchase Manager framework for iOS Disclaimer I know it's been too long since the last update, quite a few things happened in my

Sándor Gyulai 40 May 23, 2020
Accept credit cards and PayPal in your iOS app

Important: PayPal Mobile SDKs are Deprecated. The APIs powering them will remain operational long enough for merchants to migrate, but the SDKs themse

PayPal 973 Dec 18, 2022
A lightweight iOS library for In-App Purchases

#RMStore A lightweight iOS library for In-App Purchases. RMStore adds blocks and notifications to StoreKit, plus receipt verification, content downloa

Robot Media 2.4k Dec 19, 2022
A modern In-App Purchases management framework for iOS.

MerchantKit A modern In-App Purchases management framework for iOS developers. MerchantKit dramatically simplifies the work indie developers have to d

Benjamin Mayo 1.1k Dec 17, 2022
Easy, drop-in tip jar for iOS apps.

Installation TipJarViewController is available through CocoaPods. To install it, simply add the following line to your Podfile: pod 'TipJarViewControl

Lionheart Software 79 Apr 27, 2022
Demonstrates how to integrate Stripe Subscriptions on iOS

Stripe Subscriptions with iOS This example app demonstrates how to integrate Stripe subscriptions with the prebuilt payment UI Requirements Create an

Conjure 0 Nov 26, 2021
Integrate Ios framework with anther framework

Puppy Paradise This project is a sample usage of my AOModalStatusView framework. When running, this application will show pictures of puppies and prov

null 0 Dec 10, 2021