asciidoctor-include-ext 0.2.0 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE +1 -1
  3. data/README.adoc +4 -1
  4. data/asciidoctor-include-ext.gemspec +12 -14
  5. data/lib/asciidoctor/include_ext/include_processor.rb +24 -12
  6. data/lib/asciidoctor/include_ext/logging.rb +21 -0
  7. data/lib/asciidoctor/include_ext/tag_lines_selector.rb +2 -1
  8. data/lib/asciidoctor/include_ext/version.rb +1 -1
  9. metadata +16 -24
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 426f9fc65b85c68d988632d3b123f9e21ed8f539bed5cb8dfb389b9bf9bcc066
4
- data.tar.gz: bb40b284130e5c1bc0f6774471da10e0405b1240dbbec51ff05d9be568cd8c70
3
+ metadata.gz: e351222783e131005427ad519891508168603495508299c6d71c2fb55d71a19e
4
+ data.tar.gz: 209424da5377db4f71f273f32413f69d083faec1ee9da79cf127d7ed55a57c62
5
5
  SHA512:
6
- metadata.gz: 5418ef883794df0cf2df411516592c58a058e5a7a8b13bf1d9130aba246a62630752748b1056413d82c48d2196454dbf25c75fabda3001132d02d99feb9ce5d6
7
- data.tar.gz: 1aa743cb0820f82f3d670ae44649ce4e20f385a68a08110fb213ac63aa9b0cd21d1d8f4835c315be728463a85e2d2f9b969eaf17cef558969424b2b4f403107c
6
+ metadata.gz: b93df9f785ad62e1b36a8a68207f06f57578f6ee54af248596c17aa0be38c58e15175ca1cbc02bbe1a73338306959d9a99b06181948fb5743461510cfa02fb4f
7
+ data.tar.gz: 6ec6deec461722db7a314fb21726af6d08572690e1785865d83a0b3668df43781e9015b87966556b9b2982f434d7eda597eaedd7dcbe56af241e09e1017b8a4b
data/LICENSE CHANGED
@@ -1,6 +1,6 @@
1
1
  The MIT License
2
2
 
3
- Copyright 2017 Jakub Jirutka <jakub@jirutka.cz>.
3
+ Copyright 2017-present Jakub Jirutka <jakub@jirutka.cz>.
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining a copy
6
6
  of this software and associated documentation files (the "Software"), to deal
data/README.adoc CHANGED
@@ -7,7 +7,7 @@
7
7
  :codacy-id: 45320444129044688ef6553821b083f1
8
8
 
9
9
  ifdef::env-github[]
10
- image:https://travis-ci.org/{gh-name}.svg?branch={gh-branch}[Build Status, link="https://travis-ci.org/{gh-name}"]
10
+ image:https://github.com/{gh-name}/workflows/CI/badge.svg[CI Status, link=https://github.com/{gh-name}/actions?query=workflow%3A%22CI%22]
11
11
  image:https://api.codacy.com/project/badge/Coverage/{codacy-id}["Test Coverage", link="https://www.codacy.com/app/{gh-name}"]
12
12
  image:https://api.codacy.com/project/badge/Grade/{codacy-id}["Codacy Code quality", link="https://www.codacy.com/app/{gh-name}"]
13
13
  image:https://img.shields.io/gem/v/{gem-name}.svg?style=flat[Gem Version, link="https://rubygems.org/gems/{gem-name}"]
@@ -49,6 +49,9 @@ or to install the latest development version:
49
49
  gem install {gem-name} --pre
50
50
 
51
51
 
52
+ WARNING: Versions *prior 0.4.0* are vulnerable for Command Injection (see https://github.com/{gh-name}/commit/c7ea001a597c7033575342c51483dab7b87ae155[c7ea001] for more information). If you use an older version, update to 0.4.0 immediately!
53
+
54
+
52
55
  == Usage
53
56
 
54
57
  Just `require '{gem-name}'`.
data/asciidoctor-include-ext.gemspec CHANGED
@@ -1,4 +1,4 @@
1
- require File.expand_path('../lib/asciidoctor/include_ext/version', __FILE__)
1
+ require File.expand_path('lib/asciidoctor/include_ext/version', __dir__)
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = 'asciidoctor-include-ext'
@@ -9,24 +9,22 @@ Gem::Specification.new do |s|
9
9
  s.license = 'MIT'
10
10
 
11
11
  s.summary = "Asciidoctor's standard include::[] processor reimplemented as an extension"
12
- s.description = <<EOF
13
- This is a reimplementation of the Asciidoctor's built-in (pre)processor for the
14
- include::[] directive in extensible and more clean way. It provides the same
15
- features, but you can easily adjust it or extend for your needs. For example,
16
- you can change how it loads included files or add another ways how to select
17
- portions of the document to include.
18
- EOF
12
+ s.description = <<~EOF
13
+ This is a reimplementation of the Asciidoctor's built-in (pre)processor for the
14
+ include::[] directive in extensible and more clean way. It provides the same
15
+ features, but you can easily adjust it or extend for your needs. For example,
16
+ you can change how it loads included files or add another ways how to select
17
+ portions of the document to include.
18
+ EOF
19
19
 
20
20
  s.files = Dir['lib/**/*', '*.gemspec', 'LICENSE*', 'README*']
21
- s.has_rdoc = 'yard'
22
21
 
23
- s.required_ruby_version = '>= 2.1'
22
+ s.required_ruby_version = '>= 2.3'
24
23
 
25
- s.add_runtime_dependency 'asciidoctor', '~> 1.5.6'
24
+ s.add_runtime_dependency 'asciidoctor', '>= 1.5.6', '< 3.0.0'
26
25
 
27
- s.add_development_dependency 'corefines', '~> 1.11'
28
- s.add_development_dependency 'kramdown', '~> 1.16'
29
- s.add_development_dependency 'rake', '~> 12.0'
26
+ s.add_development_dependency 'kramdown', '~> 2.0'
27
+ s.add_development_dependency 'rake', '~> 13.0'
30
28
  s.add_development_dependency 'rspec', '~> 3.7'
31
29
  s.add_development_dependency 'rubocop', '~> 0.51.0'
32
30
  s.add_development_dependency 'simplecov', '~> 0.15'
data/lib/asciidoctor/include_ext/include_processor.rb CHANGED
@@ -1,10 +1,12 @@
1
1
  # frozen_string_literal: true
2
2
  require 'logger'
3
3
  require 'open-uri'
4
+ require 'uri'
4
5
 
5
6
  require 'asciidoctor/include_ext/version'
6
7
  require 'asciidoctor/include_ext/reader_ext'
7
8
  require 'asciidoctor/include_ext/lineno_lines_selector'
9
+ require 'asciidoctor/include_ext/logging'
8
10
  require 'asciidoctor/include_ext/tag_lines_selector'
9
11
  require 'asciidoctor'
10
12
  require 'asciidoctor/extensions'
@@ -22,7 +24,7 @@ module Asciidoctor::IncludeExt
22
24
  # @param logger [Logger] the logger to use for logging warning and errors
23
25
  # from this object and selectors.
24
26
  def initialize(selectors: [LinenoLinesSelector, TagLinesSelector],
25
- logger: Logger.new(STDERR), **)
27
+ logger: Logging.default_logger, **)
26
28
  super
27
29
  @selectors = selectors.dup.freeze
28
30
  @logger = logger
@@ -85,7 +87,7 @@ module Asciidoctor::IncludeExt
85
87
 
86
88
  return false if doc.safe >= ::Asciidoctor::SafeMode::SECURE
87
89
  return false if doc.attributes.fetch('max-include-depth', 64).to_i < 1
88
- return false if target_uri?(target) && !doc.attributes.key?('allow-uri-read')
90
+ return false if target_http?(target) && !doc.attributes.key?('allow-uri-read')
89
91
  true
90
92
  end
91
93
 
@@ -93,7 +95,7 @@ module Asciidoctor::IncludeExt
93
95
  # @param reader (see #process)
94
96
  # @return [String, nil] file path or URI of the *target*, or `nil` if not found.
95
97
  def resolve_target_path(target, reader)
96
- return target if target_uri? target
98
+ return target if target_http? target
97
99
 
98
100
  # Include file is resolved relative to dir of the current include,
99
101
  # or base_dir if within original docfile.
@@ -105,16 +107,22 @@ module Asciidoctor::IncludeExt
105
107
  # Reads the specified file as individual lines, filters them using the
106
108
  # *selector* (if provided) and returns those lines in an array.
107
109
  #
108
- # @param filename [String] path of the file to be read.
110
+ # @param path [String] URL or path of the file to be read.
109
111
  # @param selector [#to_proc, nil] predicate to filter lines that should be
110
112
  # included in the output. It must accept two arguments: line and
111
113
  # the line number. If `nil` is given, all lines are passed.
112
114
  # @return [Array<String>] an array of read lines.
113
- def read_lines(filename, selector)
114
- if selector
115
- IO.foreach(filename).select.with_index(1, &selector)
116
- else
117
- open(filename, &:read)
115
+ def read_lines(path, selector)
116
+ # IO.open is deliberately not used directly to avoid potential security risks.
117
+ # TODO: Get rid of 'open-uri' (URI.open).
118
+ io = target_http?(path) ? URI : File
119
+
120
+ io.open(path) do |f|
121
+ if selector
122
+ f.each.select.with_index(1, &selector)
123
+ else
124
+ f.read
125
+ end
118
126
  end
119
127
  end
120
128
 
@@ -141,9 +149,13 @@ module Asciidoctor::IncludeExt
141
149
  private
142
150
 
143
151
  # @param target (see #process)
144
- # @return [Boolean] `true` if the *target* is an URI, `false` otherwise.
145
- def target_uri?(target)
146
- ::Asciidoctor::Helpers.uriish?(target)
152
+ # @return [Boolean] `true` if the *target* is a valid HTTP(S) URI, `false` otherwise.
153
+ def target_http?(target)
154
+ # First do a fast test, then try to parse it.
155
+ target.downcase.start_with?('http://', 'https://') \
156
+ && URI.parse(target).is_a?(URI::HTTP)
157
+ rescue URI::InvalidURIError
158
+ false
147
159
  end
148
160
  end
149
161
  end
data/lib/asciidoctor/include_ext/logging.rb ADDED
@@ -0,0 +1,21 @@
1
+ # frozen_string_literal: true
2
+ require 'logger'
3
+ require 'asciidoctor'
4
+ require 'asciidoctor/include_ext/version'
5
+
6
+ module Asciidoctor::IncludeExt
7
+ # Helper module for getting default Logger based on the Asciidoctor version.
8
+ module Logging
9
+ module_function
10
+
11
+ # @return [Logger] the default `Asciidoctor::Logger` if using Asciidoctor
12
+ # 1.5.7 or later, or Ruby's `Logger` that outputs to `STDERR`.
13
+ def default_logger
14
+ if defined? ::Asciidoctor::LoggerManager
15
+ ::Asciidoctor::LoggerManager.logger
16
+ else
17
+ ::Logger.new(STDERR)
18
+ end
19
+ end
20
+ end
21
+ end
data/lib/asciidoctor/include_ext/tag_lines_selector.rb CHANGED
@@ -4,6 +4,7 @@ require 'set'
4
4
 
5
5
  require 'asciidoctor'
6
6
  require 'asciidoctor/include_ext/version'
7
+ require 'asciidoctor/include_ext/logging'
7
8
 
8
9
  module Asciidoctor::IncludeExt
9
10
  # Lines selector that selects lines of the content based on the specified tags.
@@ -39,7 +40,7 @@ module Asciidoctor::IncludeExt
39
40
  # @param attributes [Hash<String, String>] the attributes parsed from the
40
41
  # `include::[]`s attributes slot. It must contain a key `"tag"` or `"tags"`.
41
42
  # @param logger [Logger]
42
- def initialize(target, attributes, logger: Logger.new(STDERR), **)
43
+ def initialize(target, attributes, logger: Logging.default_logger, **)
43
44
  tag_flags =
44
45
  if attributes.key? 'tag'
45
46
  parse_attribute(attributes['tag'], true)
data/lib/asciidoctor/include_ext/version.rb CHANGED
@@ -3,6 +3,6 @@
3
3
  module Asciidoctor
4
4
  module IncludeExt
5
5
  # Version of the asciidoctor-include-ext gem.
6
- VERSION = '0.2.0'.freeze
6
+ VERSION = '0.4.0'.freeze
7
7
  end
8
8
  end
metadata CHANGED
@@ -1,71 +1,63 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: asciidoctor-include-ext
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jakub Jirutka
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-05-03 00:00:00.000000000 Z
11
+ date: 2022-03-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: asciidoctor
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: 1.5.6
20
+ - - "<"
21
+ - !ruby/object:Gem::Version
22
+ version: 3.0.0
20
23
  type: :runtime
21
24
  prerelease: false
22
25
  version_requirements: !ruby/object:Gem::Requirement
23
26
  requirements:
24
- - - "~>"
27
+ - - ">="
25
28
  - !ruby/object:Gem::Version
26
29
  version: 1.5.6
27
- - !ruby/object:Gem::Dependency
28
- name: corefines
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - "~>"
32
- - !ruby/object:Gem::Version
33
- version: '1.11'
34
- type: :development
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - "~>"
30
+ - - "<"
39
31
  - !ruby/object:Gem::Version
40
- version: '1.11'
32
+ version: 3.0.0
41
33
  - !ruby/object:Gem::Dependency
42
34
  name: kramdown
43
35
  requirement: !ruby/object:Gem::Requirement
44
36
  requirements:
45
37
  - - "~>"
46
38
  - !ruby/object:Gem::Version
47
- version: '1.16'
39
+ version: '2.0'
48
40
  type: :development
49
41
  prerelease: false
50
42
  version_requirements: !ruby/object:Gem::Requirement
51
43
  requirements:
52
44
  - - "~>"
53
45
  - !ruby/object:Gem::Version
54
- version: '1.16'
46
+ version: '2.0'
55
47
  - !ruby/object:Gem::Dependency
56
48
  name: rake
57
49
  requirement: !ruby/object:Gem::Requirement
58
50
  requirements:
59
51
  - - "~>"
60
52
  - !ruby/object:Gem::Version
61
- version: '12.0'
53
+ version: '13.0'
62
54
  type: :development
63
55
  prerelease: false
64
56
  version_requirements: !ruby/object:Gem::Requirement
65
57
  requirements:
66
58
  - - "~>"
67
59
  - !ruby/object:Gem::Version
68
- version: '12.0'
60
+ version: '13.0'
69
61
  - !ruby/object:Gem::Dependency
70
62
  name: rspec
71
63
  requirement: !ruby/object:Gem::Requirement
@@ -140,6 +132,7 @@ files:
140
132
  - lib/asciidoctor/include_ext.rb
141
133
  - lib/asciidoctor/include_ext/include_processor.rb
142
134
  - lib/asciidoctor/include_ext/lineno_lines_selector.rb
135
+ - lib/asciidoctor/include_ext/logging.rb
143
136
  - lib/asciidoctor/include_ext/reader_ext.rb
144
137
  - lib/asciidoctor/include_ext/tag_lines_selector.rb
145
138
  - lib/asciidoctor/include_ext/version.rb
@@ -155,15 +148,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
155
148
  requirements:
156
149
  - - ">="
157
150
  - !ruby/object:Gem::Version
158
- version: '2.1'
151
+ version: '2.3'
159
152
  required_rubygems_version: !ruby/object:Gem::Requirement
160
153
  requirements:
161
154
  - - ">="
162
155
  - !ruby/object:Gem::Version
163
156
  version: '0'
164
157
  requirements: []
165
- rubyforge_project:
166
- rubygems_version: 2.7.6
158
+ rubygems_version: 3.3.7
167
159
  signing_key:
168
160
  specification_version: 4
169
161
  summary: Asciidoctor's standard include::[] processor reimplemented as an extension