Make CI pass with --enable-frozen-string-literal

.github/workflows/test.yml

@@ -24,6 +24,10 @@ jobs:
           '3.4',
           'head'
           ]
+        ruby-opt: [""]
+        include:
+          - ruby-version: '3.4'
+            ruby-opt: '--enable-frozen-string-literal --debug-frozen-string-literal'
 
     steps:
     - uses: actions/checkout@v3
@@ -34,6 +38,4 @@ jobs:
         bundler-cache: true
         cache-version: 2
     - name: Run tests
-      run: bundle exec rake --trace
-      env:
-        RUBYOPT: "--disable-frozen-string-literal" # Silence these warnings for now.
+      run: bundle exec rake --trace RUBYOPT="${{ matrix.ruby-opt }}"

Gemfile

@@ -12,7 +12,11 @@ group :development do
   gem 'pry'
   gem 'rack', '~> 2.2'
   gem 'rubysspi'
-  gem 'rubyntlm'
+  if RUBY_VERSION >= '3.2'
+    gem 'rubyntlm', github: 'https://github.com/WinRb/rubyntlm/pull/64'
+  else
+    gem 'rubyntlm'
+  end
   gem 'base64'
   gem 'rack-ntlm-test-service'
   gem 'logger'

bench/download.cgi

@@ -15,7 +15,7 @@ end
 buf_size = 1024 * 16
 STDOUT.sync = true
 File.open(File.expand_path('10M.bin', File.dirname(__FILE__))) do |file|
-  buf = ''
+  buf = ''.dup
   while !file.read(buf_size, buf).nil?
     print dump_chunk(buf)
   end

lib/hexdump.rb

@@ -11,26 +11,26 @@ def encode(str)
     result = []
     while raw = str.slice(offset, 16) and raw.length > 0
       # data field
-      data = ''
+      data = ''.dup
       for v in raw.unpack('N* a*')
-	if v.kind_of? Integer
-	  data << sprintf("%08x ", v)
-	else
-	  v.each_byte {|c| data << sprintf("%02x", c) }
-	end
+        if v.kind_of? Integer
+          data << sprintf("%08x ", v)
+        else
+          v.each_byte {|c| data << sprintf("%02x", c) }
+        end
       end
       # text field
       text = raw.tr("\000-\037\177-\377", ".")
       result << sprintf("%08x  %-36s  %s", offset, data, text)
       offset += 16
       # omit duplicate line
       if /^(#{regex_quote_n(raw)})+/n =~ str[offset .. -1]
-	result << sprintf("%08x  ...", offset)
-	offset += $&.length
-	# should print at the end
-	if offset == str.length
-	  result << sprintf("%08x  %-36s  %s", offset-16, data, text)
-	end
+        result << sprintf("%08x  ...", offset)
+        offset += $&.length
+        # should print at the end
+        if offset == str.length
+          result << sprintf("%08x  %-36s  %s", offset-16, data, text)
+        end
       end
     end
     result

lib/httpclient.rb

@@ -1240,7 +1240,7 @@ def do_get_block(req, proxy, conn, &block)
       conn.push(res)
       return res
     end
-    content = block ? nil : ''
+    content = block ? nil : ''.dup
     res = HTTP::Message.new_response(content, req.header)
     @debug_dev << "= Request\n\n" if @debug_dev
     sess = @session_manager.query(req, proxy)

lib/httpclient/http.rb

@@ -238,7 +238,7 @@ def content_type=(content_type)
       if defined?(Encoding::ASCII_8BIT)
         def set_body_encoding
           if type = self.content_type
-            OpenURI::Meta.init(o = '')
+            OpenURI::Meta.init(o = ''.dup)
             o.meta_add_field('content-type', type)
             @body_encoding = o.encoding
           end
@@ -491,7 +491,7 @@ def init_response(body = nil)
       # String.
       #
       # assert: @size is not nil
-      def dump(header = '', dev = '')
+      def dump(header = '', dev = ''.dup)
         if @body.is_a?(Parts)
           dev << header
           @body.parts.each do |part|
@@ -521,7 +521,7 @@ def dump(header = '', dev = '')
       # reason. (header is dumped to dev, too)
       # If no dev (the second argument) given, this method returns a dumped
       # String.
-      def dump_chunked(header = '', dev = '')
+      def dump_chunked(header = '', dev = ''.dup)
         dev << header
         if @body.is_a?(Parts)
           @body.parts.each do |part|
@@ -574,7 +574,7 @@ def reset_pos(io)
       end
 
       def dump_file(io, dev, sz)
-        buf = ''
+        buf = ''.dup
         rest = sz
         while rest > 0
           n = io.read([rest, @chunk_size].min, buf)
@@ -585,7 +585,7 @@ def dump_file(io, dev, sz)
       end
 
       def dump_chunks(io, dev)
-        buf = ''
+        buf = ''.dup
         while !io.read(@chunk_size, buf).nil?
           dev << dump_chunk(buf)
         end
@@ -954,7 +954,7 @@ def initialize # :nodoc:
 
     # Dumps message (header and body) to given dev.
     # dev needs to respond to <<.
-    def dump(dev = '')
+    def dump(dev = ''.dup)
       str = @http_header.dump + CRLF
       if @http_header.chunked
         dev = @http_body.dump_chunked(str, dev)

lib/httpclient/session.rb

@@ -950,7 +950,7 @@ def read_body_rest
     end
 
     def empty_bin_str
-      str = ''
+      str = ''.dup
       str.force_encoding('BINARY') if str.respond_to?(:force_encoding)
       str
     end

lib/httpclient/util.rb

@@ -64,7 +64,7 @@ class AddressableURI < Addressable::URI
         # Overwrites the original definition just for one line...
         def authority
           self.host && @authority ||= (begin
-            authority = ""
+            authority = "".dup
             if self.userinfo != nil
               authority << "#{self.userinfo}@"
             end

test/test_auth.rb

@@ -180,7 +180,7 @@ def test_BASIC_auth_force
       c.www_auth.basic_auth.instance_eval { @scheme = "BASIC" }
       #
       c.force_basic_auth = true
-      c.debug_dev = str = ''
+      c.debug_dev = str = ''.dup
       c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
       assert_equal('basic_auth OK', c.get_content("http://localhost:#{serverport}/basic_auth"))
       assert_equal('Authorization: Basic YWRtaW46YWRtaW4='.upcase, str.split(/\r?\n/)[5].upcase)
@@ -253,7 +253,7 @@ def test_basic_auth_reuses_credentials
     c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
     assert_equal('basic_auth OK', c.get_content("http://localhost:#{serverport}/basic_auth/"))
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content("http://localhost:#{serverport}/basic_auth/sub/dir/")
     assert_match(/Authorization: Basic YWRtaW46YWRtaW4=/, str)
   end
@@ -269,7 +269,7 @@ def test_digest_auth_reuses_credentials
     c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
     assert_equal('digest_auth OK', c.get_content("http://localhost:#{serverport}/digest_auth/"))
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content("http://localhost:#{serverport}/digest_auth/sub/dir/")
     assert_match(/Authorization: Digest/, str)
   end
@@ -315,7 +315,7 @@ def test_perfer_digest
     c.set_auth('http://example.com/', 'admin', 'admin')
     c.test_loopback_http_response << "HTTP/1.0 401 Unauthorized\nWWW-Authenticate: Basic realm=\"foo\"\nWWW-Authenticate: Digest realm=\"foo\", nonce=\"nonce\", stale=false\nContent-Length: 2\n\nNG"
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://example.com/')
     assert_match(/^Authorization: Digest/, str)
   end
@@ -331,7 +331,7 @@ def test_proxy_auth
     c.set_proxy_auth('admin', 'admin')
     c.test_loopback_http_response << "HTTP/1.0 407 Unauthorized\nProxy-Authenticate: Basic realm=\"foo\"\nContent-Length: 2\n\nNG"
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://example.com/')
     assert_match(/Proxy-Authorization: Basic YWRtaW46YWRtaW4=/, str)
   end
@@ -341,7 +341,7 @@ def test_proxy_auth_force
     c.set_proxy_auth('admin', 'admin')
     c.force_basic_auth = true
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://example.com/')
     assert_match(/Proxy-Authorization: Basic YWRtaW46YWRtaW4=/, str)
   end
@@ -353,7 +353,7 @@ def test_proxy_auth_reuses_credentials
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
     c.get_content('http://www1.example.com/')
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://www2.example.com/')
     assert_match(/Proxy-Authorization: Basic YWRtaW46YWRtaW4=/, str)
   end
@@ -367,7 +367,7 @@ def test_digest_proxy_auth_loop
     ha1 = md5.hexdigest("admin:foo:admin")
     ha2 = md5.hexdigest("GET:/")
     response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://example.com/')
     assert_match(/Proxy-Authorization: Digest/, str)
     assert_match(%r"response=\"#{response}\"", str)
@@ -398,7 +398,7 @@ def test_prefer_digest_to_basic_proxy_auth
     ha1 = md5.hexdigest("admin:foo:admin")
     ha2 = md5.hexdigest("GET:/")
     response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://example.com/')
     assert_match(/Proxy-Authorization: Digest/, str)
     assert_match(%r"response=\"#{response}\"", str)
@@ -415,7 +415,7 @@ def test_digest_proxy_auth_reuses_credentials
     ha2 = md5.hexdigest("GET:/")
     response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
     c.get_content('http://www1.example.com/')
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://www2.example.com/')
     assert_match(/Proxy-Authorization: Digest/, str)
     assert_match(%r"response=\"#{response}\"", str)
@@ -437,19 +437,19 @@ def test_oauth
     c.www_auth.oauth.set_config('http://photos.example.net/', config)
     c.www_auth.oauth.challenge('http://photos.example.net/')
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://photos.example.net/photos', [[:file, 'vacation.jpg'], [:size, 'original']])
     assert(str.index(%q(GET /photos?file=vacation.jpg&size=original)))
     assert(str.index(%q(Authorization: OAuth realm="http://photos.example.net/", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="kllo9940pd9333jh", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1191242096", oauth_token="nnch734d00sl2jdk", oauth_version="1.0")))
     #
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get_content('http://photos.example.net/photos?file=vacation.jpg&size=original')
     assert(str.index(%q(GET /photos?file=vacation.jpg&size=original)))
     assert(str.index(%q(Authorization: OAuth realm="http://photos.example.net/", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="kllo9940pd9333jh", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1191242096", oauth_token="nnch734d00sl2jdk", oauth_version="1.0")))
     #
     c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.post_content('http://photos.example.net/photos', [[:file, 'vacation.jpg'], [:size, 'original']])
     assert(str.index(%q(POST /photos)))
     assert(str.index(%q(Authorization: OAuth realm="http://photos.example.net/", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="kllo9940pd9333jh", oauth_signature="wPkvxykrw%2BBTdCcGqKr%2B3I%2BPsiM%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1191242096", oauth_token="nnch734d00sl2jdk", oauth_version="1.0")))
@@ -479,7 +479,7 @@ def test_negotiate_and_basic
     c.test_loopback_http_response << %Q(HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABAAAAAAAAAAAAAAA=\r\nConnection: Keep-Alive\r\nContent-Length: 0\r\n\r\n)
     c.test_loopback_http_response << %Q(HTTP/1.0 200 OK\r\nConnection: Keep-Alive\r\nContent-Length: 1\r\n\r\na)
     c.test_loopback_http_response << %Q(HTTP/1.0 200 OK\r\nConnection: Keep-Alive\r\nContent-Length: 1\r\n\r\nb)
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.set_auth('http://www.example.org/', 'admin', 'admin')
     # Do NTLM negotiation
     c.get('http://www.example.org/foo')
@@ -488,7 +488,7 @@ def test_negotiate_and_basic
     assert_match(%r(Authorization: NTLM), str)
     assert_not_match(%r(Authorization: Basic), str)
     # ditto for other resource that is protected with NTLM
-    c.debug_dev = str = ''
+    c.debug_dev = str = ''.dup
     c.get('http://www.example.org/foo/subdir')
     assert_not_match(%r(Authorization: NTLM), str)
     assert_not_match(%r(Authorization: Basic), str)

test/test_hexdump.rb

@@ -5,8 +5,7 @@
 
 class TestHexDump < Test::Unit::TestCase
   def test_encode
-    str = "\032l\277\370\2429\216\236\351[{\{\262\350\274\376"
-    str.force_encoding('BINARY') if str.respond_to?(:force_encoding)
+    str = "\032l\277\370\2429\216\236\351[{\{\262\350\274\376".b
     assert_equal(["00000000  1a6cbff8 a2398e9e e95b7b7b b2e8bcfe   .l...9...[{{...."], HexDump.encode(str))
   end
 end if defined?(RUBY_ENGINE) && RUBY_ENGINE != "rbx" && RUBY_VERSION >= "1.9.0"