anystyle-parser 0.4.3 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8c7b1fcfe89790b7e0af8e285df94ccba0bb5760
4
- data.tar.gz: d5ec56032e50d273fed64c97d1fce20e2ad8ca71
3
+ metadata.gz: 98fa1a2861bc3fd5953accb104cdf3bf3d3c7a8d
4
+ data.tar.gz: 691f25e7ade807451098edde34ae8628f299286d
5
5
  SHA512:
6
- metadata.gz: 236b8315fbe8962bfe1dadf15836c91e77418f8566cb75b909954c7a814f215664fc4e4fda02ccaa48c0d9116bd89fce1f687d77efe0d6f663107b2efebace8c
7
- data.tar.gz: c530d278eea102fe8282d16fd760c21f08ab27b08ca964bd81e884f7ca520cb442531a7e0b1eedf26d99995d5c30f6f18e76dcae6f0a30f90053f31e22f00383
6
+ metadata.gz: 95dc3700ea6a51ffac3059ab14c87098072342adbd108afd8aaa5bcf980fe627da7d279c801ce38f948b45db258a44e180c08021b671368f0270c39db148f31e
7
+ data.tar.gz: 81b0e2bce8ad581bddb9215882ff67d1d1cab38498d523411b64eed0115803b5fc465621849b128619d15315d1573b56245afaff19dc4c072a0bb8ca4595b012
data/HISTORY.md CHANGED
@@ -1,3 +1,7 @@
1
+ 0.4.4 / 2014-03-10
2
+ ==================
3
+ * Mitigate potential vulnerability: open files only if string not tainted
4
+
1
5
  0.4.3 / 2014-03-09
2
6
  ==================
3
7
  * Add model reload method
data/README.md CHANGED
@@ -83,12 +83,14 @@ Anystyle-Parser are `#parse` and `#train` that both accept two arguments.
83
83
  Parser#train(input = options[:training_data], truncate = true)
84
84
 
85
85
  `#parse` parses the passed-in input (either a filename, your reference strings,
86
- or an array of your reference strings) and returns the parsed data in the
86
+ or an array of your reference strings; files are only opened if the string is
87
+ not tainted) and returns the parsed data in the
87
88
  format specified as the second argument (supported formats include: *:hash*,
88
89
  *:bibtex*, *:citeproc*, *:tags*, and *:raw*).
89
90
 
90
91
  `#train` allows you to easily train the Parser's CRF model. The first argument
91
- is either a filename or your data as a string; the format of training data
92
+ is either a filename (if the string is not tainted) or your data as a string;
93
+ the format of training data
92
94
  follows the XML-like syntax of the
93
95
  [CORA dataset](http://www.cs.umass.edu/~mccallum/data/cora-ie.tar.gz); the
94
96
  optional boolean argument lets you decide whether to train the existing
@@ -215,7 +215,7 @@ module Anystyle
215
215
  def input_to_s(input)
216
216
  case input
217
217
  when String
218
- if input.length < 128 && File.exists?(input)
218
+ if !input.tainted? && input.length < 128 && File.exists?(input)
219
219
  f = File.open(input, 'r:UTF-8')
220
220
  f.read
221
221
  else
@@ -1,5 +1,5 @@
1
1
  module Anystyle
2
2
  module Parser
3
- VERSION = '0.4.3'.freeze
3
+ VERSION = '0.4.4'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,55 +1,55 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: anystyle-parser
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sylvester Keil
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-09 00:00:00.000000000 Z
11
+ date: 2014-03-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bibtex-ruby
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ~>
18
18
  - !ruby/object:Gem::Version
19
19
  version: '3.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ~>
25
25
  - !ruby/object:Gem::Version
26
26
  version: '3.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: wapiti
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - "~>"
31
+ - - ~>
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0.1'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - "~>"
38
+ - - ~>
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0.1'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: namae
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ~>
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0.8'
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ~>
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0.8'
55
55
  description: A sophisticated parser for academic reference lists and bibliographies
@@ -96,27 +96,27 @@ licenses:
96
96
  metadata: {}
97
97
  post_install_message:
98
98
  rdoc_options:
99
- - "--line-numbers"
100
- - "--inline-source"
101
- - "--title"
102
- - "\"Anystyle Parser\""
103
- - "--main"
99
+ - --line-numbers
100
+ - --inline-source
101
+ - --title
102
+ - '"Anystyle Parser"'
103
+ - --main
104
104
  - README.md
105
105
  require_paths:
106
106
  - lib
107
107
  required_ruby_version: !ruby/object:Gem::Requirement
108
108
  requirements:
109
- - - ">="
109
+ - - '>='
110
110
  - !ruby/object:Gem::Version
111
111
  version: 1.9.3
112
112
  required_rubygems_version: !ruby/object:Gem::Requirement
113
113
  requirements:
114
- - - ">="
114
+ - - '>='
115
115
  - !ruby/object:Gem::Version
116
116
  version: '0'
117
117
  requirements: []
118
118
  rubyforge_project:
119
- rubygems_version: 2.2.2
119
+ rubygems_version: 2.0.14
120
120
  signing_key:
121
121
  specification_version: 4
122
122
  summary: Smart and fast academic bibliography parser.