anystyle-parser 0.4.3 → 0.4.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/HISTORY.md +4 -0
  3. data/README.md +4 -2
  4. data/lib/anystyle/parser/parser.rb +1 -1
  5. data/lib/anystyle/parser/version.rb +1 -1
  6. metadata +16 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8c7b1fcfe89790b7e0af8e285df94ccba0bb5760
4
- data.tar.gz: d5ec56032e50d273fed64c97d1fce20e2ad8ca71
3
+ metadata.gz: 98fa1a2861bc3fd5953accb104cdf3bf3d3c7a8d
4
+ data.tar.gz: 691f25e7ade807451098edde34ae8628f299286d
5
5
  SHA512:
6
- metadata.gz: 236b8315fbe8962bfe1dadf15836c91e77418f8566cb75b909954c7a814f215664fc4e4fda02ccaa48c0d9116bd89fce1f687d77efe0d6f663107b2efebace8c
7
- data.tar.gz: c530d278eea102fe8282d16fd760c21f08ab27b08ca964bd81e884f7ca520cb442531a7e0b1eedf26d99995d5c30f6f18e76dcae6f0a30f90053f31e22f00383
6
+ metadata.gz: 95dc3700ea6a51ffac3059ab14c87098072342adbd108afd8aaa5bcf980fe627da7d279c801ce38f948b45db258a44e180c08021b671368f0270c39db148f31e
7
+ data.tar.gz: 81b0e2bce8ad581bddb9215882ff67d1d1cab38498d523411b64eed0115803b5fc465621849b128619d15315d1573b56245afaff19dc4c072a0bb8ca4595b012
data/HISTORY.md CHANGED
@@ -1,3 +1,7 @@
1
+ 0.4.4 / 2014-03-10
2
+ ==================
3
+ * Mitigate potential vulnerability: open files only if string not tainted
4
+
1
5
  0.4.3 / 2014-03-09
2
6
  ==================
3
7
  * Add model reload method
data/README.md CHANGED
@@ -83,12 +83,14 @@ Anystyle-Parser are `#parse` and `#train` that both accept two arguments.
83
83
  Parser#train(input = options[:training_data], truncate = true)
84
84
 
85
85
  `#parse` parses the passed-in input (either a filename, your reference strings,
86
- or an array of your reference strings) and returns the parsed data in the
86
+ or an array of your reference strings; files are only opened if the string is
87
+ not tainted) and returns the parsed data in the
87
88
  format specified as the second argument (supported formats include: *:hash*,
88
89
  *:bibtex*, *:citeproc*, *:tags*, and *:raw*).
89
90
 
90
91
  `#train` allows you to easily train the Parser's CRF model. The first argument
91
- is either a filename or your data as a string; the format of training data
92
+ is either a filename (if the string is not tainted) or your data as a string;
93
+ the format of training data
92
94
  follows the XML-like syntax of the
93
95
  [CORA dataset](http://www.cs.umass.edu/~mccallum/data/cora-ie.tar.gz); the
94
96
  optional boolean argument lets you decide whether to train the existing
data/lib/anystyle/parser/parser.rb CHANGED
@@ -215,7 +215,7 @@ module Anystyle
215
215
  def input_to_s(input)
216
216
  case input
217
217
  when String
218
- if input.length < 128 && File.exists?(input)
218
+ if !input.tainted? && input.length < 128 && File.exists?(input)
219
219
  f = File.open(input, 'r:UTF-8')
220
220
  f.read
221
221
  else
data/lib/anystyle/parser/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Anystyle
2
2
  module Parser
3
- VERSION = '0.4.3'.freeze
3
+ VERSION = '0.4.4'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,55 +1,55 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: anystyle-parser
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sylvester Keil
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-09 00:00:00.000000000 Z
11
+ date: 2014-03-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bibtex-ruby
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ~>
18
18
  - !ruby/object:Gem::Version
19
19
  version: '3.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ~>
25
25
  - !ruby/object:Gem::Version
26
26
  version: '3.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: wapiti
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - "~>"
31
+ - - ~>
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0.1'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - "~>"
38
+ - - ~>
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0.1'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: namae
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ~>
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0.8'
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ~>
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0.8'
55
55
  description: A sophisticated parser for academic reference lists and bibliographies
@@ -96,27 +96,27 @@ licenses:
96
96
  metadata: {}
97
97
  post_install_message:
98
98
  rdoc_options:
99
- - "--line-numbers"
100
- - "--inline-source"
101
- - "--title"
102
- - "\"Anystyle Parser\""
103
- - "--main"
99
+ - --line-numbers
100
+ - --inline-source
101
+ - --title
102
+ - '"Anystyle Parser"'
103
+ - --main
104
104
  - README.md
105
105
  require_paths:
106
106
  - lib
107
107
  required_ruby_version: !ruby/object:Gem::Requirement
108
108
  requirements:
109
- - - ">="
109
+ - - '>='
110
110
  - !ruby/object:Gem::Version
111
111
  version: 1.9.3
112
112
  required_rubygems_version: !ruby/object:Gem::Requirement
113
113
  requirements:
114
- - - ">="
114
+ - - '>='
115
115
  - !ruby/object:Gem::Version
116
116
  version: '0'
117
117
  requirements: []
118
118
  rubyforge_project:
119
- rubygems_version: 2.2.2
119
+ rubygems_version: 2.0.14
120
120
  signing_key:
121
121
  specification_version: 4
122
122
  summary: Smart and fast academic bibliography parser.