%{?scl:%scl_package rubygem-%{gem_name}}
%{!?scl:%global pkg_name %{name}}

# Generated from sprockets-2.4.5.gem by gem2rpm -*- rpm-spec -*-
%global gem_name sprockets

# Fallback to rh-nodejs4 rh-nodejs4-scldevel is probably not available in
# the buildroot.
%{?scl:%{!?scl_nodejs:%global scl_nodejs rh-nodejs4}}
%{?scl:%{!?scl_prefix_nodejs:%global scl_prefix_nodejs %{scl_nodejs}-}}

Name: %{?scl_prefix}rubygem-%{gem_name}
Version: 3.7.1
Release: 2%{?dist}
Summary: Rack-based asset packaging system
Group: Development/Languages
License: MIT
URL: https://github.com/rails/sprockets
Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem
# to get tests:
# git clone https://github.com/rails/sprockets.git && cd sprockets/
# git checkout v3.7.1 && tar czf sprockets-3.7.1-tests.tgz test/
Source1: sprockets-%{version}-tests.tgz

# Fix CVE-2018-3760: Path traversal in sprockets/server.rb:forbidden_request?()
# https://bugzilla.redhat.com/show_bug.cgi?id=1595901
# https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441
Patch0: rubygem-sprockets-3.7.2-CVE-2018-3760-Fix-Path-traversal-in-sprockets-server.patch
Patch1: rubygem-sprockets-3.7.2-CVE-2018-3760-Fix-Path-traversal-in-sprockets-server-tests.patch

Requires: %{?scl_prefix_ruby}ruby(release)
Requires: %{?scl_prefix_ruby}ruby(rubygems)
Requires: %{?scl_prefix}rubygem(concurrent-ruby)
Requires: %{?scl_prefix}rubygem(rack) > 1
Requires: %{?scl_prefix}rubygem(rack) < 3
BuildRequires: %{?scl_prefix_ruby}ruby(release)
BuildRequires: %{?scl_prefix_ruby}rubygems-devel
BuildRequires: %{?scl_prefix_ruby}ruby >= 1.9.3
BuildRequires: %{?scl_prefix}rubygem(concurrent-ruby)
BuildRequires: %{?scl_prefix}rubygem(coffee-script)
BuildRequires: %{?scl_prefix}rubygem(ejs)
BuildRequires: %{?scl_prefix}rubygem(execjs)
BuildRequires: %{?scl_prefix_ruby}rubygem(minitest)
BuildRequires: %{?scl_prefix}rubygem(nokogiri)
BuildRequires: %{?scl_prefix}rubygem(rack-test)
BuildRequires: %{?scl_prefix_ruby}rubygem(rake)
BuildRequires: %{?scl_prefix}rubygem(sass)
BuildRequires: %{?scl_prefix}rubygem(uglifier)
BuildArch: noarch
Provides: %{?scl_prefix}rubygem(%{gem_name}) = %{version}

# Explicitly require runtime subpackage, as long as older scl-utils do not generate it
%{?scl:Requires: %{?scl_prefix}runtime}

BuildRequires: %{?scl_prefix_nodejs}nodejs

%description
Sprockets is a Rack-based asset packaging system that concatenates and serves
JavaScript, CoffeeScript, CSS, LESS, Sass, and SCSS.

%package doc
Summary: Documentation for %{pkg_name}
Group: Documentation
Requires: %{?scl_prefix}%{pkg_name} = %{version}-%{release}
BuildArch: noarch

%description doc
Documentation for %{pkg_name}.

%prep
%setup -n %{pkg_name}-%{version} -q -c -T
%{?scl:scl enable %{scl} - << \EOF}
%gem_install -n %{SOURCE0}
%{?scl:EOF}

pushd .%{gem_instdir}
%patch0 -p1
popd

%build

%install
mkdir -p %{buildroot}%{gem_dir}
cp -a .%{gem_dir}/* \
        %{buildroot}%{gem_dir}/


mkdir -p %{buildroot}%{_bindir}
cp -a .%{_bindir}/* \
        %{buildroot}%{_bindir}/

find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod a+x

# Run the test suite

%check
pushd .%{gem_instdir}
tar xzf %{SOURCE1}

cat %{PATCH1} | patch -p1 -F 0

# We don't enable rubygem(closure-compiler).
# https://bugzilla.redhat.com/show_bug.cgi?id=1353473
mv test/test_closure_compressor.rb{,.disabled}
mv lib/sprockets/autoload/closure.rb{,.disabled}
sed -i '/:Closure/ s/^/#/' lib/sprockets/autoload.rb

# We don't have rubygem(eco) yet.
mv test/test_eco_processor.rb{,.disabled}
mv lib/sprockets/autoload/eco.rb{,.disabled}
sed -i '/:Eco/ s/^/#/' lib/sprockets/autoload.rb
sed -i '/test "eco templates" do/,/^  end/ s/^/#/' test/test_environment.rb

# We don't have rubygem(yui-compressor) yet.
# https://bugzilla.redhat.com/show_bug.cgi?id=725768
mv test/test_yui_compressor.rb{,.disabled}
mv lib/sprockets/autoload/yui.rb{,.disabled}
sed -i '/:YUI/ s/^/#/' lib/sprockets/autoload.rb

# Required by TestPathUtils#test_find_upwards test.
touch Gemfile

%{?scl:scl enable %{scl} %{scl_nodejs} - << \EOF}
RUBYOPT=-Ilib:test ruby -e 'Dir.glob "./test/**/test_*.rb", &method(:require)'
%{?scl:EOF}
popd

%files
# There is no %%license macro on RHEL6.
# https://bugzilla.redhat.com/show_bug.cgi?id=1386246
%{!?_licensedir:%global license %%doc}

%dir %{gem_instdir}
%{_bindir}/sprockets
%license %{gem_instdir}/LICENSE
%{gem_instdir}/bin
%{gem_libdir}
%exclude %{gem_cache}
%{gem_spec}

%files doc
%doc %{gem_docdir}
%doc %{gem_instdir}/CHANGELOG.md
%doc %{gem_instdir}/README.md

%changelog
* Tue Jul 03 2018 Pavel Valena <pvalena@redhat.com> - 3.7.1-2
- Fix: Path traversal in sprockets server
Resolves: rhbz#1595903
Resolves: CVE-2018-3760

* Fri Jan 13 2017 Jun Aruga <jaruga@redhat.com> - 3.7.1-1
- Update to Sprockets 3.7.1.
- Update scl_prefix_nodejs declaration to build with no-SCL environment.

* Wed Feb 17 2016 Pavel Valena <pvalena@redhat.com> - 3.2.0-4
- Update to 3.2.0

* Tue Jan 27 2015 Josef Stribny <jstribny@redhat.com> - 2.12.3-3
- Revert back to multi_json as it is now part of SCL

* Mon Jan 26 2015 Josef Stribny <jstribny@redhat.com> - 2.12.3-2
- Fix: properly delete any multi_json mention in gemspec

* Mon Jan 26 2015 Josef Stribny <jstribny@redhat.com> - 2.12.3-1
- Update to 2.12.3

* Mon Feb 17 2014 Josef Stribny <jstribny@redhat.com> - 2.8.2-3
- Depend on scldevel(v8) virtual provide

* Tue Nov 26 2013 Josef Stribny <jstribny@redhat.com> - 2.8.2-2
- Use v8 scl macro

* Wed Oct 16 2013 Josef Stribny <jstribny@redhat.com> - 2.8.2-1
- Upgrade to version 2.8.2
- Added rubygem-uglifier build dependency

* Wed Jun 12 2013 Josef Stribny <jstribny@redhat.com> - 2.4.5-3
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0

* Thu Jul 26 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 2.4.5-2
- Imported from Fedora again.

* Wed Jul 18 2012 Bohuslav Kabrda <bkabrda@redhat.com> - 2.4.5-1
- Initial package