Browse Source

Bump rack-attack from 5.4.2 to 6.0.0 (#10599)

* Bump rack-attack from 5.4.2 to 6.0.0

Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.4.2 to 6.0.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v5.4.2...v6.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* fix payload[:request]
dependabot[bot] 4 months ago
parent
commit
ecbea2e3c6
3 changed files with 6 additions and 4 deletions
  1. 1
    1
      Gemfile
  2. 2
    2
      Gemfile.lock
  3. 3
    1
      config/initializers/rack_attack_logging.rb

+ 1
- 1
Gemfile View File

@@ -66,7 +66,7 @@ gem 'ox', '~> 2.10'
66 66
 gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
67 67
 gem 'pundit', '~> 2.0'
68 68
 gem 'premailer-rails'
69
-gem 'rack-attack', '~> 5.4'
69
+gem 'rack-attack', '~> 6.0'
70 70
 gem 'rack-cors', '~> 1.0', require: 'rack/cors'
71 71
 gem 'rails-i18n', '~> 5.1'
72 72
 gem 'rails-settings-cached', '~> 0.6'

+ 2
- 2
Gemfile.lock View File

@@ -426,7 +426,7 @@ GEM
426 426
       activesupport (>= 3.0.0)
427 427
     raabro (1.1.6)
428 428
     rack (2.0.7)
429
-    rack-attack (5.4.2)
429
+    rack-attack (6.0.0)
430 430
       rack (>= 1.0, < 3)
431 431
     rack-cors (1.0.3)
432 432
     rack-protection (2.0.5)
@@ -735,7 +735,7 @@ DEPENDENCIES
735 735
   pry-rails (~> 0.3)
736 736
   puma (~> 3.12)
737 737
   pundit (~> 2.0)
738
-  rack-attack (~> 5.4)
738
+  rack-attack (~> 6.0)
739 739
   rack-cors (~> 1.0)
740 740
   rails (~> 5.2.3)
741 741
   rails-controller-testing (~> 1.0)

+ 3
- 1
config/initializers/rack_attack_logging.rb View File

@@ -1,4 +1,6 @@
1
-ActiveSupport::Notifications.subscribe('rack.attack') do |_name, _start, _finish, _request_id, req|
1
+ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish, _request_id, payload|
2
+  req = payload[:request]
3
+
2 4
   next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
3 5
   Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
4 6
 end

Loading…
Cancel
Save