release: 3.7.3

gems: update rubocop to version 1.41.0
gems: update solargraph to version 0.48.0
2025-08-08 08:33:56 +02:00 · 2022-12-29 22:26:24 +01:00 · 2022-12-21 14:30:51 +01:00 · 2022-12-20 12:28:56 +01:00 · 2022-12-14 14:35:18 +01:00 · 2022-12-09 22:25:23 +01:00
8 changed files with 66 additions and 16 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,41 @@
 # Changelog

+## 3.7.3 (December 29th, 2022)
+
+OTHER:
+
+- update base of Docker image to Alpine 3.17.0 (from 3.16.2 before)
+
+## 3.7.2 (November 10th, 2022)
+
+OTHER:
+
+- re-release 3.7.1 to rebuild Docker image with security vulnerabilities fixes
+
+## 3.7.1 (September 20th, 2022)
+
+IMPROVEMENTS:
+
+- fix [TypeError](https://github.com/cmur2/dyndnsd/issues/205) when user has no hosts configured
+
+## 3.7.0 (September 16th, 2022)
+
+IMPROVEMENTS:
+
+- Update to Rack 3
+
+## 3.6.2 (August 11th, 2022)
+
+OTHER:
+
+- update base of Docker image to Alpine 3.16.2 (from 3.16.1 before)
+
+## 3.6.1 (July 21st, 2022)
+
+OTHER:
+
+- update base of Docker image to Alpine 3.16.1 (from 3.16.0 before)
+
 ## 3.6.0 (June 2nd, 2022)

 IMPROVEMENTS:
--- a/4
+++ b/4
@@ -22,10 +22,10 @@ namespace :solargraph do
 end

 # renovate: datasource=github-tags depName=hadolint/hadolint
-hadolint_version = 'v2.10.0'
+hadolint_version = 'v2.12.0'

 # renovate: datasource=github-tags depName=aquasecurity/trivy
-trivy_version = 'v0.28.1'
+trivy_version = 'v0.35.0'

 namespace :docker do
  ci_image = 'cmur2/dyndnsd:ci'
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.16.0
+FROM alpine:3.17.0

 EXPOSE 5353 8080

--- a/docker/ci/Dockerfile
+++ b/docker/ci/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.16.0
+FROM alpine:3.17.0

 EXPOSE 5353 8080

--- a/dyndnsd.gemspec
+++ b/dyndnsd.gemspec
@@ -30,10 +30,11 @@ Gem::Specification.new do |s|
  s.add_runtime_dependency 'async', '~> 1.30.0'
  s.add_runtime_dependency 'async-dns', '~> 1.3.0'
  s.add_runtime_dependency 'metriks'
-  s.add_runtime_dependency 'opentelemetry-exporter-jaeger', '~> 0.20.0'
-  s.add_runtime_dependency 'opentelemetry-instrumentation-rack', '~> 0.20.0'
-  s.add_runtime_dependency 'opentelemetry-sdk', '~> 1.0.0.rc2'
-  s.add_runtime_dependency 'rack', '~> 2.0'
+  s.add_runtime_dependency 'opentelemetry-exporter-jaeger', '~> 0.22.0'
+  s.add_runtime_dependency 'opentelemetry-instrumentation-rack', '~> 0.22.0'
+  s.add_runtime_dependency 'opentelemetry-sdk', '~> 1.2.0'
+  s.add_runtime_dependency 'rack', '~> 3.0'
+  s.add_runtime_dependency 'rackup'
  s.add_runtime_dependency 'webrick', '>= 1.6.1'

  s.add_development_dependency 'bundler'
@@ -41,8 +42,8 @@ Gem::Specification.new do |s|
  s.add_development_dependency 'rack-test'
  s.add_development_dependency 'rake'
  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rubocop', '~> 1.30.0'
+  s.add_development_dependency 'rubocop', '~> 1.41.0'
  s.add_development_dependency 'rubocop-rake', '~> 0.6.0'
-  s.add_development_dependency 'rubocop-rspec', '~> 2.11.1'
-  s.add_development_dependency 'solargraph', '~> 0.45.0'
+  s.add_development_dependency 'rubocop-rspec', '~> 2.16.0'
+  s.add_development_dependency 'solargraph', '~> 0.48.0'
 end
--- a/lib/dyndnsd.rb
+++ b/lib/dyndnsd.rb
@@ -7,6 +7,7 @@ require 'ipaddr'
 require 'json'
 require 'yaml'
 require 'rack'
+require 'rackup'
 require 'metriks'
 require 'opentelemetry/instrumentation/rack'
 require 'opentelemetry/sdk'
@@ -214,10 +215,11 @@ module Dyndnsd
      invalid_hostnames = hostnames.select { |h| !Helper.fqdn_valid?(h, @domain) }
      return [422, {'X-DynDNS-Response' => 'hostname_malformed'}, []] if invalid_hostnames.any?

+      # we can trust this information since user was authorized by middleware
      user = env['REMOTE_USER']

      # check for hostnames that the user does not own
-      forbidden_hostnames = hostnames - @users[user]['hosts']
+      forbidden_hostnames = hostnames - @users[user].fetch('hosts', [])
      return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?

      if params['offline'] == 'YES'
@@ -259,10 +261,10 @@ module Dyndnsd
    # @return [void]
    private_class_method def self.setup_traps
      Signal.trap('INT') do
-        Rack::Handler::WEBrick.shutdown
+        Rackup::Handler::WEBrick.shutdown
      end
      Signal.trap('TERM') do
-        Rack::Handler::WEBrick.shutdown
+        Rackup::Handler::WEBrick.shutdown
      end
    end

@@ -350,7 +352,7 @@ module Dyndnsd

      app = OpenTelemetry::Instrumentation::Rack::Middlewares::TracerMiddleware.new(app)

-      Rack::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
+      Rackup::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
    end
  end
 end
--- a/lib/dyndnsd/version.rb
+++ b/lib/dyndnsd/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true

 module Dyndnsd
-  VERSION = '3.6.0'
+  VERSION = '3.7.3'
 end
--- a/spec/dyndnsd/daemon_spec.rb
+++ b/spec/dyndnsd/daemon_spec.rb
@@ -15,6 +15,9 @@ describe Dyndnsd::Daemon do
        'test' => {
          'password' => 'secret',
          'hosts' => ['foo.example.org', 'bar.example.org']
+        },
+        'test2' => {
+          'password' => 'ihavenohosts'
        }
      }
    }
@@ -99,6 +102,14 @@ describe Dyndnsd::Daemon do
    expect(last_response.body).to eq('notfqdn')
  end

+  it 'rejects request if user does not own any hostnames' do
+    authorize 'test2', 'ihavenohosts'
+
+    get '/nic/update?hostname=doesnotexisthost.example.org'
+    expect(last_response).to be_ok
+    expect(last_response.body).to eq('nohost')
+  end
+
  it 'rejects request if user does not own one hostname' do
    authorize 'test', 'secret'
Author	SHA1	Message	Date
cn	65f8dbb21b	release: 3.7.3	2022-12-29 22:26:24 +01:00
depfu[bot]	6b6f6cf3a4	gems: update rubocop to version 1.41.0	2022-12-21 14:30:51 +01:00
depfu[bot]	9af4f03013	gems: update solargraph to version 0.48.0	2022-12-20 12:28:56 +01:00
depfu[bot]	b77c3b0996	gems: update rubocop-rspec to version 2.16.0	2022-12-14 14:35:18 +01:00
depfu[bot]	600cbeb453	gems: update rubocop to version 1.40.0	2022-12-09 22:25:23 +01:00
renovate[bot]	b2d369cc4c	project: update aquasecurity/trivy to v0.35.0	2022-12-01 09:24:27 +01:00
renovate[bot]	31e73c7c4a	docker: update alpine Docker tag to v3.17.0	2022-11-24 09:47:17 +01:00
depfu[bot]	52874542a7	gems: update opentelemetry-instrumentation-rack to version 0.22.0	2022-11-17 22:57:42 +01:00
renovate[bot]	1daf68376d	docker: update alpine Docker tag to v3.16.3	2022-11-17 09:08:46 +01:00
depfu[bot]	b5f5fa9105	gems: update rubocop to version 1.39.0	2022-11-15 10:20:14 +01:00
Christian Nicolai	ea1d4baa04	release: 3.7.2	2022-11-10 09:25:44 +01:00
renovate[bot]	944d3fbc5d	project: update hadolint/hadolint to v2.12.0	2022-11-10 09:19:01 +01:00
depfu[bot]	78721c5b15	gems: update rubocop-rspec to version 2.15.0	2022-11-04 23:39:37 +01:00
renovate[bot]	fce992b842	project: update aquasecurity/trivy to v0.34.0	2022-11-03 09:06:33 +01:00
depfu[bot]	a2a51d63ac	gems: update rubocop to version 1.38.0	2022-11-02 10:58:46 +01:00
renovate[bot]	b19213d099	project: update aquasecurity/trivy to v0.33.0	2022-10-27 11:36:41 +02:00
depfu[bot]	ede79802d3	gems: update rubocop-rspec to version 2.14.1	2022-10-25 11:53:34 +02:00
depfu[bot]	d4483b02a2	gems: update rubocop to version 1.37.0	2022-10-21 12:49:15 +02:00
renovate[bot]	1fbad10a24	project: update aquasecurity/trivy to v0.32.1	2022-09-29 08:38:24 +02:00
depfu[bot]	da28c76a68	gems: update solargraph to version 0.47.0	2022-09-26 21:23:25 +02:00
renovate[bot]	e5c66824ab	project: update aquasecurity/trivy to v0.32.0	2022-09-22 09:40:17 +02:00
cn	3d787a46ea	release: 3.7.1	2022-09-20 19:35:55 +02:00
cn	3a5b1bcb27	gem: allow config to contain users without any hosts	2022-09-20 19:31:46 +02:00
Christian Nicolai	d066b3ecee	gems: update opentelemetry	2022-09-16 07:12:10 +02:00
Christian Nicolai	71b0fda5ee	release: 3.7.0	2022-09-16 06:43:59 +02:00
cn	b1e948a2dc	docs: mention Rack 3 update in changelog	2022-09-15 21:41:44 +02:00
depfu[bot]	e22035919b	gems: update rack to version 3.0.0	2022-09-15 21:36:55 +02:00
depfu[bot]	1ffd1de964	gems: update rubocop-rspec to version 2.13.1	2022-09-13 21:03:37 +02:00
depfu[bot]	39c7dc7837	gems: update rubocop to version 1.36.0	2022-09-02 12:35:48 +02:00
renovate[bot]	7528e8084e	project: update aquasecurity/trivy to v0.31.3	2022-09-01 09:44:35 +02:00
depfu[bot]	343a56a6ba	gems: update solargraph to version 0.46.0	2022-08-23 15:10:08 +02:00
renovate[bot]	6111edc067	project: update aquasecurity/trivy to v0.31.2	2022-08-18 08:29:37 +02:00
depfu[bot]	0e0d9dfc86	gems: update rubocop to version 1.35.0	2022-08-13 19:24:50 +02:00
cn	fadaf4840c	release: 3.6.2	2022-08-11 19:13:03 +02:00
renovate[bot]	9281e6958b	docker: update alpine Docker tag to v3.16.2	2022-08-11 09:32:38 +02:00
depfu[bot]	ec1e836a89	gems: update rubocop to version 1.34.1	2022-08-10 16:35:01 +02:00
depfu[bot]	d80268c1b8	gems: update rubocop to version 1.33.0	2022-08-05 14:09:39 +02:00
renovate[bot]	d04e039b2a	project: update aquasecurity/trivy to v0.30.4	2022-07-28 09:05:18 +02:00
depfu[bot]	c14618c503	gems: update rubocop to version 1.32.0	2022-07-22 15:49:52 +02:00
Christian Nicolai	0e700e8b7b	release: 3.6.1	2022-07-21 07:20:42 +02:00
depfu[bot]	d256c86420	gems: update opentelemetry-exporter-jaeger to version 0.21.0	2022-07-21 07:13:58 +02:00
renovate[bot]	a589148d9e	docker: update alpine to v3.16.1	2022-07-21 07:13:05 +02:00
renovate[bot]	232b3f32a2	project: update aquasecurity/trivy to v0.30.1	2022-07-21 07:12:52 +02:00
depfu[bot]	3c83eb4347	gems: update rubocop-rspec to version 2.12.0	2022-07-03 14:28:37 +02:00
depfu[bot]	800618f434	gems: update rubocop to version 1.31.0	2022-06-28 11:02:48 +02:00
renovate[bot]	1e61a12b48	project: update aquasecurity/trivy to v0.29.2	2022-06-23 08:12:04 +02:00