Support for Ruby 3.0 and above. Drop ruby 2.6 and 2.7 support.
At startup, OCRAN no longer automatically removes directories that were previously deployed but couldn't be deleted. This change has been made to enhance security by preventing processes other than the startup process from manipulating temporary files created by them.
The ability for the stub to launch any script during the unpacking of application files has been removed. This feature was not in use.
The exit code from the Ruby application is now returned when the stub is terminated.
The packed data no longer contains redundant directory information.
Fixed errors in the --debug option.
Upgraded LZMA decoder to version 22.01
The directory generation for file extraction has been changed to use unique directory names created with high-resolution timestamps. Additionally, a retry limit for directory creation has been introduced, reducing the risk of infinite loops due to name collisions.
Implemented variable-length buffer handling for path strings in stub, eliminating the risk of buffer overruns dependent on MAX_PATH.
In order to reduce security risks during the cleanup process before application termination, we have implemented a safe current directory change from the system directory and the root of the C drive to the user's temporary directory and the directory of the app executable.
The 'stub' executable has been enhanced for security, ensuring it prevents directory traversal attacks by verifying that path elements do not contain relative notations like '.' or '..'.
Removed OcranBuilder and split functionality into StubBuilder and InnoSetupBuilder to introduce delayed loading and improve resource efficiency.
InnoSetup installer now operates independently of stub, launching through its own batch file.
Moved LibraryDetector to a separate file for modularity and implemented delayed loading with standardized Fiddle usage.
Update Bundler from 2.4.13 to 2.5.10.
Fixed issue where the gem.build_complete file was not included in the package due to an incorrect change.
Changed error output from standard output to standard error (stderr).
ocransa (Ocran-stand-alone) has been discontinued.
The implementation of bin/ocran.rb has been refactored and split into multiple files. These files have been relocated to the lib directory.
Support for Ruby 3.0 and above. Drop ruby 2.6 and 2.7 support.
At startup, OCRAN no longer automatically removes directories that were previously deployed but couldn't be deleted. This change has been made to enhance security by preventing processes other than the startup process from manipulating temporary files created by them.
The ability for the stub to launch any script during the unpacking of application files has been removed. This feature was not in use.
The exit code from the Ruby application is now returned when the stub is terminated.
The packed data no longer contains redundant directory information.
Fixed errors in the --debug option.
Upgraded LZMA decoder to version 22.01
The directory generation for file extraction has been changed to use unique directory names created with high-resolution timestamps. Additionally, a retry limit for directory creation has been introduced, reducing the risk of infinite loops due to name collisions.
Implemented variable-length buffer handling for path strings in stub, eliminating the risk of buffer overruns dependent on MAX_PATH.
In order to reduce security risks during the cleanup process before application termination, we have implemented a safe current directory change from the system directory and the root of the C drive to the user's temporary directory and the directory of the app executable.
The 'stub' executable has been enhanced for security, ensuring it prevents directory traversal attacks by verifying that path elements do not contain relative notations like '.' or '..'.
Removed OcranBuilder and split functionality into StubBuilder and InnoSetupBuilder to introduce delayed loading and improve resource efficiency.
InnoSetup installer now operates independently of stub, launching through its own batch file.
Moved LibraryDetector to a separate file for modularity and implemented delayed loading with standardized Fiddle usage.
Update Bundler from 2.4.13 to 2.5.10.
Fixed issue where the gem.build_complete file was not included in the package due to an incorrect change.
Changed error output from standard output to standard error (stderr).
ocransa (Ocran-stand-alone) has been discontinued.
The implementation of bin/ocran.rb has been refactored and split into multiple files. These files have been relocated to the lib directory.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps ocran from 1.3.15 to 1.3.16.
Release notes
Sourced from ocran's releases.
Changelog
Sourced from ocran's changelog.
Commits
201f51aVERSION 1.3.166d7710fRefactor with_env methodcfb6d22Make DefaultArgs definition atomic and freeze its valuesda4a354Replace custom test directory creation with Dir.mktmpdir492498eRemove unused variable@testnum7921db1Remove commented-out code1175467update changelog5daa1bdImplement bin/ocran.rb as a command and remove library guard conditions55960ccAutoload VERSION to resolve library loading issues on different Windows drivesb885e07Move Ocran module definition from bin/ocran.rb to lib/ocran.rbDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show