All Versions
35
Latest Version
Avg Release Cycle
179 days
Latest Release
1939 days ago
Changelog History
Page 1
Changelog History
Page 1
-
v2.1.0 Changes
August 21, 2019- ➕ Add a dependency on http-accept for parsing Content-Type charset headers. This works around a bad memory leak introduced in MRI Ruby 2.4.0 and fixed in Ruby 2.4.2. (#615)
- 👉 Use mime/types/columnar from mime-types 2.6.1+, which is leaner in memory usage than the older storage model of mime-types. (#393)
- ➕ Add
:log
option to individual requests. This allows users to set a log on a per-request / per-resource basis instead of the kludgy global log. (#538) - 🌲 Log request duration by tracking request start and end times. Make
log_response
a method on the Response object, and ensure thesize
method works on RawResponse objects. (#126)# => 200 OK | text/html 1270 bytes, 0.08s
- Also add a new
:stream_log_percent
parameter, which is applicable only when:raw_response => true
is set. This causes progress logs to be emitted only on every N% (default 10%) of the total download size rather than on every chunk.
- ⬇️ Drop custom handling of compression and use built-in Net::HTTP support for
supported Content-Encodings like gzip and deflate. Don't set any explicit
Accept-Encoding
header, rely instead on Net::HTTP defaults. (#597)- Note: this changes behavior for compressed responses when using
:raw_response => true
. Previously the raw response would not have been uncompressed by rest-client, but now Net::HTTP will uncompress it.
- Note: this changes behavior for compressed responses when using
- The previous fix to avoid having Netrc username/password override an Authorization header was case-sensitive and incomplete. Fix this by respecting existing Authorization headers, regardless of letter case. (#550)
- 🛰 Handle ParamsArray payloads. Previously, rest-client would silently drop a ParamsArray passed as the payload. Instead, automatically use Payload::Multipart if the ParamsArray contains a file handle, or use Payload::UrlEncoded if it doesn't. (#508)
- 🛰 Gracefully handle Payload objects (Payload::Base or subclasses) that are
passed as a payload argument. Previously,
Payload.generate
would wrap a Payload object in Payload::Streamed, creating a pointlessly nested payload. Also add aclosed?
method to Payload objects, and don't error inshort_inspect
ifsize
returns nil. (#603) - ✅ Test with an image in the public domain to avoid licensing complexity. (#607)
-
v2.1.0.rc1 Changes
July 05, 2017- ➕ Add a dependency on http-accept for parsing Content-Type charset headers. This works around a bad memory leak introduced in Ruby 2.4.x (the leak is probably a bug in MRI). (#615)
- 👉 Use mime/types/columnar from mime-types 2.6.1+, which is leaner in memory usage than the older storage model of mime-types. (#393)
- ➕ Add
:log
option to individual requests. This allows users to set a log on a per-request / per-resource basis instead of the kludgy global log. (#538) - 🌲 Log request duration by tracking request start and end times. Make
log_response
a method on the Response object, and ensure thesize
method works on RawResponse objects. (#126)# => 200 OK | text/html 1270 bytes, 0.08s
- ⬇️ Drop custom handling of compression and use built-in Net::HTTP support for
supported Content-Encodings like gzip and deflate. Don't set any explicit
Accept-Encoding
header, rely instead on Net::HTTP defaults. (#597)- Note: this changes behavior for compressed responses when using
:raw_response => true
. Previously the raw response would not have been uncompressed by rest-client, but now Net::HTTP will uncompress it.
- Note: this changes behavior for compressed responses when using
- The previous fix to avoid having Netrc username/password override an Authorization header was case-sensitive and incomplete. Fix this by respecting existing Authorization headers, regardless of letter case. (#550)
- 🛰 Handle ParamsArray payloads. Previously, rest-client would silently drop a ParamsArray passed as the payload. Instead, automatically use Payload::Multipart if the ParamsArray contains a file handle, or use Payload::UrlEncoded if it doesn't. (#508)
- 🛰 Gracefully handle Payload objects (Payload::Base or subclasses) that are
passed as a payload argument. Previously,
Payload.generate
would wrap a Payload object in Payload::Streamed, creating a pointlessly nested payload. Also add aclosed?
method to Payload objects, and don't error inshort_inspect
ifsize
returns nil. (#603) - ✅ Test with an image in the public domain to avoid licensing complexity. (#607)
-
v2.0.2 Changes
April 23, 2017- ⚠ Suppress the header override warning introduced in 2.0.1 if the value is the same. There's no conflict if the value is unchanged. (#578)
-
v2.0.1 Changes
February 19, 2017- 🛰 Warn if auto-generated headers from the payload, such as Content-Type, override headers set by the user. This is usually not what the user wants to happen, and can be surprising. (#554)
- ⬇️ Drop the old check for weak default TLS ciphers, and use the built-in Ruby defaults. Ruby versions from Oct. 2014 onward use sane defaults, so this is no longer needed. (#573)
-
v2.0.0 Changes
July 02, 2016🚀 This release is largely API compatible, but makes several breaking changes.
- ⬇️ Drop support for Ruby 1.9
- 👍 Allow mime-types as new as 3.x (requires ruby 2.0)
- Respect Content-Type charset header provided by server. Previously,
rest-client would not override the string encoding chosen by Net::HTTP. Now
responses that specify a charset will yield a body string in that encoding.
For example,
Content-Type: text/plain; charset=EUC-JP
will return a String encoded withEncoding::EUC_JP
. (#361) - 🔄 Change exceptions raised on request timeout. Instead of
RestClient::RequestTimeout
(which is still used for HTTP 408), network timeouts will now raise eitherRestClient::Exceptions::ReadTimeout
orRestClient::Exceptions::OpenTimeout
, both of which inherit fromRestClient::Exceptions::Timeout
. For backwards compatibility, this still inherits fromRestClient::RequestTimeout
so existing uses will still work. This may change in a future major release. These new timeout classes also make the original wrapped exception available as#original_exception
. - Unify request exceptions under
RestClient::RequestFailed
, which still inherits fromExceptionWithResponse
. Previously, HTTP 304, 401, and 404 inherited directly fromExceptionWithResponse
rather than fromRequestFailed
. Now all HTTP status code exceptions inherit from both. - ⏱ Rename the
:timeout
request option to:read_timeout
. When:timeout
is passed, now set both:read_timeout
and:open_timeout
. - Change default HTTP Accept header to
*/*
- 0️⃣ Use a more descriptive User-Agent header by default
- ⬇️ Drop RC4-MD5 from default cipher list
- Only prepend http:// to URIs without a scheme
- 🛠 Fix some support for using IPv6 addresses in URLs (still affected by Ruby 2.0+ bug https://bugs.ruby-lang.org/issues/9129, with the fix expected to be backported to 2.0 and 2.1)
Response
objects are now a subclass ofString
rather than aString
that mixes in the response functionality. Most of the methods remain unchanged, but this makes it much easier to understand what is happening when you look at a RestClient response object. There are a few additional changes:- Response objects now implement
.inspect
to make this distinction clearer. Response#to_i
will now behave likeString#to_i
instead of returning the HTTP response code, which was very surprising behavior.Response#body
and#to_s
will now return a trueString
object rather than self. Previously there was no easy way to get the trueString
response instead of the Frankenstein response string object with AbstractResponse mixed in.- Response objects no longer accept an extra request args hash, but instead access request args directly from the request object, which reduces confusion and duplication.
- Response objects now implement
- 🖐 Handle multiple HTTP response headers with the same name (except for Set-Cookie, which is special) by joining the values with a comma space, compliant with RFC 7230
- 👍 Rewrite cookie support to be much smarter and to use cookie jars consistently
for requests, responses, and redirection in order to resolve long-standing
complaints about the previously broken behavior: (#498)
- The
:cookies
option may now be a Hash of Strings, an Array of HTTP::Cookie objects, or a full HTTP::CookieJar. - Add
RestClient::Request#cookie_jar
and reimplementRequest#cookies
to be a wrapper around the cookie jar. - Still support passing the
:cookies
option in the headers hash, but now raise ArgumentError if that option is also passed toRequest#initialize
. - Warn if both
:cookies
and aCookie
header are supplied. - Use the
Request#cookie_jar
as the basis forResponse#cookie_jar
, creating a copy of the jar and adding any newly received cookies. - When following redirection, also use this same strategy so that cookies from the original request are carried through in a standards-compliant way by the cookie jar.
- The
- Don't set basic auth header if explicit
Authorization
header is specified - ➕ Add
:proxy
option to requests, which can be used for thread-safe per-request proxy configuration, overridingRestClient.proxy
- 👍 Allow overriding
ENV['http_proxy']
to disable proxies by settingRestClient.proxy
to a falsey value. Previously there was no way in Ruby 2.x to turn off a proxy specified in the environment without changingENV
. - ➕ Add actual support for streaming request payloads. Previously rest-client
would call
.to_s
even on RestClient::Payload::Streamed objects. Instead, treat any object that responds to.read
as a streaming payload and pass it through to.body_stream=
on the Net:HTTP object. This massively reduces the memory required for large file uploads. - 🔄 Changes to redirection behavior: (#381, #484)
- Remove
RestClient::MaxRedirectsReached
in favor of the normalExceptionWithResponse
subclasses. This makes the response accessible on the exception object as.response
, making it possible for callers to tell what has actually happened when the redirect limit is reached. - When following HTTP redirection, store a list of each previous response on
the response object as
.history
. This makes it possible to access the original response headers and body before the redirection was followed. - Follow redirection consistently, regardless of whether the HTTP method was passed as a symbol or string. Under the hood rest-client now normalizes the HTTP request method to a lowercase string.
- Remove
- Add
:before_execution_proc
option toRestClient::Request
. This makes it possible to add procs likeRestClient.add_before_execution_proc
to a single request without global state. - ✅ Run tests on Travis's beta OS X support.
- 👉 Make
Request#transmit
a private method, along with a few others. - 🔨 Refactor URI parsing to happen earlier, in Request initialization.
- 👌 Improve consistency and functionality of complex URL parameter handling:
- When adding URL params, handle URLs that already contain params.
- Add new convention for handling URL params containing deeply nested arrays and hashes, unify handling of null/empty values, and use the same code for GET and POST params. (#437)
- Add the RestClient::ParamsArray class, a simple array-like container that can be used to pass multiple keys with same name or keys where the ordering is significant.
- ➕ Add a few more exception classes for obscure HTTP status codes.
- Multipart: use a much more robust multipart boundary with greater entropy.
- 🛰 Make
RestClient::Payload::Base#inspect
stop pretending to be a String. - Add
Request#redacted_uri
andRequest#redacted_url
to display the URI with any password redacted.
-
v2.0.0.rc4
June 19, 2016 -
v2.0.0.rc3
June 06, 2016 -
v2.0.0.rc2
September 13, 2015 -
v2.0.0.rc1 Changes
June 10, 2015🚀 Changes in the release candidate that did not persist through the final 2.0.0 🚀 release:
- ⏱ RestClient::Exceptions::Timeout was originally going to be a direct subclass of RestClient::Exception in the release candidate. This exception tree was made a subclass of RestClient::RequestTimeout prior to the final release.
-
v1.8.0 Changes
March 24, 2015- 🔒 Security: implement standards compliant cookie handling by adding a dependency on http-cookie. This breaks compatibility, but was necessary to address a session fixation / cookie disclosure vulnerability. (#369 / CVE-2015-1820)
Previously, any Set-Cookie headers found in an HTTP 30x response would be sent to the redirection target, regardless of domain. Responses now expose a cookie jar and respect standards compliant domain / path flags in Set-Cookie headers.