brakeman 4.10.0 → 5.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (197) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +46 -0
  3. data/README.md +11 -2
  4. data/bundle/load.rb +5 -3
  5. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/CHANGELOG.md +16 -0
  6. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/FAQ.md +0 -0
  7. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/Gemfile +1 -4
  8. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/MIT-LICENSE +0 -0
  9. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/README.md +2 -3
  10. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/REFERENCE.md +29 -7
  11. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/TODO +0 -0
  12. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/haml.gemspec +2 -1
  13. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml.rb +0 -0
  14. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_builder.rb +3 -3
  15. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_compiler.rb +42 -31
  16. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_parser.rb +0 -0
  17. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/buffer.rb +0 -0
  18. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/compiler.rb +0 -0
  19. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/engine.rb +0 -0
  20. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/error.rb +0 -0
  21. data/bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/escapable.rb +77 -0
  22. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/exec.rb +0 -0
  23. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/filters.rb +0 -0
  24. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/generator.rb +0 -0
  25. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers.rb +7 -1
  26. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_extensions.rb +0 -0
  27. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_mods.rb +0 -0
  28. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
  29. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/safe_erubi_template.rb +0 -0
  30. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/safe_erubis_template.rb +0 -0
  31. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/xss_mods.rb +6 -3
  32. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/options.rb +0 -0
  33. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/parser.rb +32 -4
  34. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/plugin.rb +0 -0
  35. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/railtie.rb +0 -0
  36. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/sass_rails_filter.rb +0 -0
  37. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/template.rb +0 -0
  38. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/template/options.rb +0 -0
  39. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/temple_engine.rb +0 -0
  40. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/temple_line_counter.rb +0 -0
  41. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/util.rb +1 -1
  42. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/version.rb +1 -1
  43. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/yard/default/fulldoc/html/css/common.sass +0 -0
  44. data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/yard/default/layout/html/footer.erb +0 -0
  45. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/MIT-LICENSE.txt +20 -0
  46. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel.rb +523 -0
  47. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/processor_count.rb +42 -0
  48. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/version.rb +3 -0
  49. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/LICENSE.txt +22 -0
  50. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/NEWS.md +178 -0
  51. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/README.md +48 -0
  52. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml.rb +3 -0
  53. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attlistdecl.rb +63 -0
  54. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attribute.rb +205 -0
  55. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/cdata.rb +68 -0
  56. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/child.rb +97 -0
  57. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/comment.rb +80 -0
  58. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/doctype.rb +311 -0
  59. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/document.rb +451 -0
  60. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/attlistdecl.rb +11 -0
  61. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/dtd.rb +47 -0
  62. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/elementdecl.rb +18 -0
  63. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/entitydecl.rb +57 -0
  64. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/notationdecl.rb +40 -0
  65. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/element.rb +2599 -0
  66. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/encoding.rb +51 -0
  67. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/entity.rb +171 -0
  68. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/default.rb +116 -0
  69. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/pretty.rb +142 -0
  70. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/transitive.rb +58 -0
  71. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/functions.rb +447 -0
  72. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/instruction.rb +79 -0
  73. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/light/node.rb +188 -0
  74. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/namespace.rb +59 -0
  75. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/node.rb +76 -0
  76. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/output.rb +30 -0
  77. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parent.rb +166 -0
  78. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parseexception.rb +52 -0
  79. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb +694 -0
  80. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/lightparser.rb +59 -0
  81. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/pullparser.rb +197 -0
  82. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/sax2parser.rb +273 -0
  83. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/streamparser.rb +61 -0
  84. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/treeparser.rb +101 -0
  85. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/ultralightparser.rb +57 -0
  86. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/xpathparser.rb +689 -0
  87. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/quickpath.rb +266 -0
  88. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/rexml.rb +37 -0
  89. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/sax2listener.rb +98 -0
  90. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/security.rb +28 -0
  91. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/source.rb +298 -0
  92. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/streamlistener.rb +93 -0
  93. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/text.rb +424 -0
  94. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/undefinednamespaceexception.rb +9 -0
  95. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/relaxng.rb +539 -0
  96. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validation.rb +144 -0
  97. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validationexception.rb +10 -0
  98. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmldecl.rb +130 -0
  99. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmltokens.rb +85 -0
  100. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath.rb +81 -0
  101. data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath_parser.rb +974 -0
  102. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/History.rdoc +25 -0
  103. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/Manifest.txt +2 -0
  104. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/README.rdoc +0 -0
  105. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/compare/normalize.rb +2 -2
  106. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/debugging.md +190 -0
  107. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/rp_extensions.rb +0 -0
  108. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/rp_stringscanner.rb +0 -0
  109. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby20_parser.rb +2392 -2384
  110. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby20_parser.y +6 -1
  111. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby21_parser.rb +2553 -2550
  112. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby21_parser.y +6 -1
  113. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby22_parser.rb +2491 -2471
  114. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby22_parser.y +6 -1
  115. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby23_parser.rb +2422 -2403
  116. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby23_parser.y +6 -1
  117. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby24_parser.rb +2460 -2450
  118. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby24_parser.y +6 -1
  119. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby25_parser.rb +2450 -2441
  120. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby25_parser.y +6 -1
  121. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby26_parser.rb +2444 -2433
  122. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby26_parser.y +7 -1
  123. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby27_parser.rb +7310 -0
  124. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby27_parser.y +21 -1
  125. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.rb +7310 -0
  126. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.y +2677 -0
  127. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rb +19 -0
  128. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rex +1 -1
  129. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rex.rb +1 -1
  130. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser.rb +2 -0
  131. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser.yy +27 -1
  132. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser_extras.rb +2 -2
  133. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/tools/munge.rb +2 -2
  134. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/tools/ripper.rb +0 -0
  135. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/History.rdoc +12 -0
  136. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/Manifest.txt +0 -0
  137. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/README.rdoc +0 -0
  138. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/composite_sexp_processor.rb +0 -0
  139. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/pt_testcase.rb +2 -2
  140. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp.rb +0 -0
  141. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp_matcher.rb +0 -0
  142. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp_processor.rb +1 -1
  143. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/strict_sexp.rb +0 -0
  144. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/unique.rb +0 -0
  145. data/lib/brakeman.rb +21 -4
  146. data/lib/brakeman/app_tree.rb +36 -3
  147. data/lib/brakeman/checks/base_check.rb +7 -1
  148. data/lib/brakeman/checks/check_detailed_exceptions.rb +1 -1
  149. data/lib/brakeman/checks/check_evaluation.rb +1 -1
  150. data/lib/brakeman/checks/check_execute.rb +2 -1
  151. data/lib/brakeman/checks/check_mass_assignment.rb +4 -6
  152. data/lib/brakeman/checks/check_regex_dos.rb +1 -1
  153. data/lib/brakeman/checks/check_sanitize_methods.rb +2 -1
  154. data/lib/brakeman/checks/check_sql.rb +16 -3
  155. data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
  156. data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
  157. data/lib/brakeman/file_parser.rb +50 -22
  158. data/lib/brakeman/options.rb +5 -1
  159. data/lib/brakeman/parsers/template_parser.rb +26 -3
  160. data/lib/brakeman/processors/alias_processor.rb +91 -19
  161. data/lib/brakeman/processors/base_processor.rb +4 -4
  162. data/lib/brakeman/processors/controller_alias_processor.rb +6 -43
  163. data/lib/brakeman/processors/controller_processor.rb +1 -1
  164. data/lib/brakeman/processors/haml_template_processor.rb +8 -1
  165. data/lib/brakeman/processors/lib/call_conversion_helper.rb +10 -0
  166. data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
  167. data/lib/brakeman/processors/lib/rails3_config_processor.rb +16 -16
  168. data/lib/brakeman/processors/lib/rails4_config_processor.rb +2 -1
  169. data/lib/brakeman/processors/library_processor.rb +9 -0
  170. data/lib/brakeman/processors/output_processor.rb +1 -1
  171. data/lib/brakeman/processors/template_alias_processor.rb +5 -0
  172. data/lib/brakeman/report.rb +12 -1
  173. data/lib/brakeman/report/ignore/interactive.rb +1 -1
  174. data/lib/brakeman/report/report_base.rb +0 -2
  175. data/lib/brakeman/report/report_csv.rb +37 -60
  176. data/lib/brakeman/report/report_github.rb +31 -0
  177. data/lib/brakeman/report/report_junit.rb +2 -2
  178. data/lib/brakeman/report/report_sarif.rb +1 -1
  179. data/lib/brakeman/report/report_sonar.rb +38 -0
  180. data/lib/brakeman/report/report_tabs.rb +1 -1
  181. data/lib/brakeman/report/report_text.rb +1 -1
  182. data/lib/brakeman/rescanner.rb +7 -5
  183. data/lib/brakeman/scanner.rb +47 -18
  184. data/lib/brakeman/tracker.rb +39 -4
  185. data/lib/brakeman/tracker/collection.rb +27 -5
  186. data/lib/brakeman/tracker/config.rb +73 -0
  187. data/lib/brakeman/tracker/controller.rb +1 -1
  188. data/lib/brakeman/tracker/method_info.rb +29 -0
  189. data/lib/brakeman/util.rb +17 -4
  190. data/lib/brakeman/version.rb +1 -1
  191. data/lib/brakeman/warning.rb +10 -2
  192. data/lib/brakeman/warning_codes.rb +2 -0
  193. data/lib/ruby_parser/bm_sexp.rb +9 -9
  194. metadata +149 -84
  195. data/bundle/ruby/2.7.0/gems/haml-5.1.2/lib/haml/escapable.rb +0 -50
  196. data/bundle/ruby/2.7.0/gems/ruby_parser-3.15.0/debugging.md +0 -57
  197. data/bundle/ruby/2.7.0/gems/ruby_parser-3.15.0/lib/ruby27_parser.rb +0 -7224
@@ -0,0 +1,79 @@
1
+ # frozen_string_literal: false
2
+
3
+ require_relative "child"
4
+ require_relative "source"
5
+
6
+ module REXML
7
+ # Represents an XML Instruction; IE, <? ... ?>
8
+ # TODO: Add parent arg (3rd arg) to constructor
9
+ class Instruction < Child
10
+ START = "<?"
11
+ STOP = "?>"
12
+
13
+ # target is the "name" of the Instruction; IE, the "tag" in <?tag ...?>
14
+ # content is everything else.
15
+ attr_accessor :target, :content
16
+
17
+ # Constructs a new Instruction
18
+ # @param target can be one of a number of things. If String, then
19
+ # the target of this instruction is set to this. If an Instruction,
20
+ # then the Instruction is shallowly cloned (target and content are
21
+ # copied).
22
+ # @param content Must be either a String, or a Parent. Can only
23
+ # be a Parent if the target argument is a Source. Otherwise, this
24
+ # String is set as the content of this instruction.
25
+ def initialize(target, content=nil)
26
+ case target
27
+ when String
28
+ super()
29
+ @target = target
30
+ @content = content
31
+ when Instruction
32
+ super(content)
33
+ @target = target.target
34
+ @content = target.content
35
+ else
36
+ message =
37
+ "processing instruction target must be String or REXML::Instruction: "
38
+ message << "<#{target.inspect}>"
39
+ raise ArgumentError, message
40
+ end
41
+ @content.strip! if @content
42
+ end
43
+
44
+ def clone
45
+ Instruction.new self
46
+ end
47
+
48
+ # == DEPRECATED
49
+ # See the rexml/formatters package
50
+ #
51
+ def write writer, indent=-1, transitive=false, ie_hack=false
52
+ Kernel.warn( "#{self.class.name}.write is deprecated", uplevel: 1)
53
+ indent(writer, indent)
54
+ writer << START
55
+ writer << @target
56
+ if @content
57
+ writer << ' '
58
+ writer << @content
59
+ end
60
+ writer << STOP
61
+ end
62
+
63
+ # @return true if other is an Instruction, and the content and target
64
+ # of the other matches the target and content of this object.
65
+ def ==( other )
66
+ other.kind_of? Instruction and
67
+ other.target == @target and
68
+ other.content == @content
69
+ end
70
+
71
+ def node_type
72
+ :processing_instruction
73
+ end
74
+
75
+ def inspect
76
+ "<?p-i #{target} ...?>"
77
+ end
78
+ end
79
+ end
@@ -0,0 +1,188 @@
1
+ # frozen_string_literal: false
2
+ require_relative '../xmltokens'
3
+
4
+ module REXML
5
+ module Light
6
+ # Represents a tagged XML element. Elements are characterized by
7
+ # having children, attributes, and names, and can themselves be
8
+ # children.
9
+ class Node
10
+ NAMESPLIT = /^(?:(#{XMLTokens::NCNAME_STR}):)?(#{XMLTokens::NCNAME_STR})/u
11
+ PARENTS = [ :element, :document, :doctype ]
12
+ # Create a new element.
13
+ def initialize node=nil
14
+ @node = node
15
+ if node.kind_of? String
16
+ node = [ :text, node ]
17
+ elsif node.nil?
18
+ node = [ :document, nil, nil ]
19
+ elsif node[0] == :start_element
20
+ node[0] = :element
21
+ elsif node[0] == :start_doctype
22
+ node[0] = :doctype
23
+ elsif node[0] == :start_document
24
+ node[0] = :document
25
+ end
26
+ end
27
+
28
+ def size
29
+ if PARENTS.include? @node[0]
30
+ @node[-1].size
31
+ else
32
+ 0
33
+ end
34
+ end
35
+
36
+ def each
37
+ size.times { |x| yield( at(x+4) ) }
38
+ end
39
+
40
+ def name
41
+ at(2)
42
+ end
43
+
44
+ def name=( name_str, ns=nil )
45
+ pfx = ''
46
+ pfx = "#{prefix(ns)}:" if ns
47
+ _old_put(2, "#{pfx}#{name_str}")
48
+ end
49
+
50
+ def parent=( node )
51
+ _old_put(1,node)
52
+ end
53
+
54
+ def local_name
55
+ namesplit
56
+ @name
57
+ end
58
+
59
+ def local_name=( name_str )
60
+ _old_put( 1, "#@prefix:#{name_str}" )
61
+ end
62
+
63
+ def prefix( namespace=nil )
64
+ prefix_of( self, namespace )
65
+ end
66
+
67
+ def namespace( prefix=prefix() )
68
+ namespace_of( self, prefix )
69
+ end
70
+
71
+ def namespace=( namespace )
72
+ @prefix = prefix( namespace )
73
+ pfx = ''
74
+ pfx = "#@prefix:" if @prefix.size > 0
75
+ _old_put(1, "#{pfx}#@name")
76
+ end
77
+
78
+ def []( reference, ns=nil )
79
+ if reference.kind_of? String
80
+ pfx = ''
81
+ pfx = "#{prefix(ns)}:" if ns
82
+ at(3)["#{pfx}#{reference}"]
83
+ elsif reference.kind_of? Range
84
+ _old_get( Range.new(4+reference.begin, reference.end, reference.exclude_end?) )
85
+ else
86
+ _old_get( 4+reference )
87
+ end
88
+ end
89
+
90
+ def =~( path )
91
+ XPath.match( self, path )
92
+ end
93
+
94
+ # Doesn't handle namespaces yet
95
+ def []=( reference, ns, value=nil )
96
+ if reference.kind_of? String
97
+ value = ns unless value
98
+ at( 3 )[reference] = value
99
+ elsif reference.kind_of? Range
100
+ _old_put( Range.new(3+reference.begin, reference.end, reference.exclude_end?), ns )
101
+ else
102
+ if value
103
+ _old_put( 4+reference, ns, value )
104
+ else
105
+ _old_put( 4+reference, ns )
106
+ end
107
+ end
108
+ end
109
+
110
+ # Append a child to this element, optionally under a provided namespace.
111
+ # The namespace argument is ignored if the element argument is an Element
112
+ # object. Otherwise, the element argument is a string, the namespace (if
113
+ # provided) is the namespace the element is created in.
114
+ def << element
115
+ if node_type() == :text
116
+ at(-1) << element
117
+ else
118
+ newnode = Node.new( element )
119
+ newnode.parent = self
120
+ self.push( newnode )
121
+ end
122
+ at(-1)
123
+ end
124
+
125
+ def node_type
126
+ _old_get(0)
127
+ end
128
+
129
+ def text=( foo )
130
+ replace = at(4).kind_of?(String)? 1 : 0
131
+ self._old_put(4,replace, normalizefoo)
132
+ end
133
+
134
+ def root
135
+ context = self
136
+ context = context.at(1) while context.at(1)
137
+ end
138
+
139
+ def has_name?( name, namespace = '' )
140
+ at(3) == name and namespace() == namespace
141
+ end
142
+
143
+ def children
144
+ self
145
+ end
146
+
147
+ def parent
148
+ at(1)
149
+ end
150
+
151
+ def to_s
152
+
153
+ end
154
+
155
+ private
156
+
157
+ def namesplit
158
+ return if @name.defined?
159
+ at(2) =~ NAMESPLIT
160
+ @prefix = '' || $1
161
+ @name = $2
162
+ end
163
+
164
+ def namespace_of( node, prefix=nil )
165
+ if not prefix
166
+ name = at(2)
167
+ name =~ NAMESPLIT
168
+ prefix = $1
169
+ end
170
+ to_find = 'xmlns'
171
+ to_find = "xmlns:#{prefix}" if not prefix.nil?
172
+ ns = at(3)[ to_find ]
173
+ ns ? ns : namespace_of( @node[0], prefix )
174
+ end
175
+
176
+ def prefix_of( node, namespace=nil )
177
+ if not namespace
178
+ name = node.name
179
+ name =~ NAMESPLIT
180
+ $1
181
+ else
182
+ ns = at(3).find { |k,v| v == namespace }
183
+ ns ? ns : prefix_of( node.parent, namespace )
184
+ end
185
+ end
186
+ end
187
+ end
188
+ end
@@ -0,0 +1,59 @@
1
+ # frozen_string_literal: false
2
+
3
+ require_relative 'xmltokens'
4
+
5
+ module REXML
6
+ # Adds named attributes to an object.
7
+ module Namespace
8
+ # The name of the object, valid if set
9
+ attr_reader :name, :expanded_name
10
+ # The expanded name of the object, valid if name is set
11
+ attr_accessor :prefix
12
+ include XMLTokens
13
+ NAMESPLIT = /^(?:(#{NCNAME_STR}):)?(#{NCNAME_STR})/u
14
+
15
+ # Sets the name and the expanded name
16
+ def name=( name )
17
+ @expanded_name = name
18
+ case name
19
+ when NAMESPLIT
20
+ if $1
21
+ @prefix = $1
22
+ else
23
+ @prefix = ""
24
+ @namespace = ""
25
+ end
26
+ @name = $2
27
+ when ""
28
+ @prefix = nil
29
+ @namespace = nil
30
+ @name = nil
31
+ else
32
+ message = "name must be \#{PREFIX}:\#{LOCAL_NAME} or \#{LOCAL_NAME}: "
33
+ message += "<#{name.inspect}>"
34
+ raise ArgumentError, message
35
+ end
36
+ end
37
+
38
+ # Compares names optionally WITH namespaces
39
+ def has_name?( other, ns=nil )
40
+ if ns
41
+ return (namespace() == ns and name() == other)
42
+ elsif other.include? ":"
43
+ return fully_expanded_name == other
44
+ else
45
+ return name == other
46
+ end
47
+ end
48
+
49
+ alias :local_name :name
50
+
51
+ # Fully expand the name, even if the prefix wasn't specified in the
52
+ # source file.
53
+ def fully_expanded_name
54
+ ns = prefix
55
+ return "#{ns}:#@name" if ns.size > 0
56
+ return @name
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,76 @@
1
+ # frozen_string_literal: false
2
+ require_relative "parseexception"
3
+ require_relative "formatters/pretty"
4
+ require_relative "formatters/default"
5
+
6
+ module REXML
7
+ # Represents a node in the tree. Nodes are never encountered except as
8
+ # superclasses of other objects. Nodes have siblings.
9
+ module Node
10
+ # @return the next sibling (nil if unset)
11
+ def next_sibling_node
12
+ return nil if @parent.nil?
13
+ @parent[ @parent.index(self) + 1 ]
14
+ end
15
+
16
+ # @return the previous sibling (nil if unset)
17
+ def previous_sibling_node
18
+ return nil if @parent.nil?
19
+ ind = @parent.index(self)
20
+ return nil if ind == 0
21
+ @parent[ ind - 1 ]
22
+ end
23
+
24
+ # indent::
25
+ # *DEPRECATED* This parameter is now ignored. See the formatters in the
26
+ # REXML::Formatters package for changing the output style.
27
+ def to_s indent=nil
28
+ unless indent.nil?
29
+ Kernel.warn( "#{self.class.name}.to_s(indent) parameter is deprecated", uplevel: 1)
30
+ f = REXML::Formatters::Pretty.new( indent )
31
+ f.write( self, rv = "" )
32
+ else
33
+ f = REXML::Formatters::Default.new
34
+ f.write( self, rv = "" )
35
+ end
36
+ return rv
37
+ end
38
+
39
+ def indent to, ind
40
+ if @parent and @parent.context and not @parent.context[:indentstyle].nil? then
41
+ indentstyle = @parent.context[:indentstyle]
42
+ else
43
+ indentstyle = ' '
44
+ end
45
+ to << indentstyle*ind unless ind<1
46
+ end
47
+
48
+ def parent?
49
+ false;
50
+ end
51
+
52
+
53
+ # Visit all subnodes of +self+ recursively
54
+ def each_recursive(&block) # :yields: node
55
+ self.elements.each {|node|
56
+ block.call(node)
57
+ node.each_recursive(&block)
58
+ }
59
+ end
60
+
61
+ # Find (and return) first subnode (recursively) for which the block
62
+ # evaluates to true. Returns +nil+ if none was found.
63
+ def find_first_recursive(&block) # :yields: node
64
+ each_recursive {|node|
65
+ return node if block.call(node)
66
+ }
67
+ return nil
68
+ end
69
+
70
+ # Returns the position that +self+ holds in its parent's array, indexed
71
+ # from 1.
72
+ def index_in_parent
73
+ parent.index(self)+1
74
+ end
75
+ end
76
+ end
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: false
2
+ require_relative 'encoding'
3
+
4
+ module REXML
5
+ class Output
6
+ include Encoding
7
+
8
+ attr_reader :encoding
9
+
10
+ def initialize real_IO, encd="iso-8859-1"
11
+ @output = real_IO
12
+ self.encoding = encd
13
+
14
+ @to_utf = encoding != 'UTF-8'
15
+
16
+ if encoding == "UTF-16"
17
+ @output << "\ufeff".encode("UTF-16BE")
18
+ self.encoding = "UTF-16BE"
19
+ end
20
+ end
21
+
22
+ def <<( content )
23
+ @output << (@to_utf ? self.encode(content) : content)
24
+ end
25
+
26
+ def to_s
27
+ "Output[#{encoding}]"
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,166 @@
1
+ # frozen_string_literal: false
2
+ require_relative "child"
3
+
4
+ module REXML
5
+ # A parent has children, and has methods for accessing them. The Parent
6
+ # class is never encountered except as the superclass for some other
7
+ # object.
8
+ class Parent < Child
9
+ include Enumerable
10
+
11
+ # Constructor
12
+ # @param parent if supplied, will be set as the parent of this object
13
+ def initialize parent=nil
14
+ super(parent)
15
+ @children = []
16
+ end
17
+
18
+ def add( object )
19
+ object.parent = self
20
+ @children << object
21
+ object
22
+ end
23
+
24
+ alias :push :add
25
+ alias :<< :push
26
+
27
+ def unshift( object )
28
+ object.parent = self
29
+ @children.unshift object
30
+ end
31
+
32
+ def delete( object )
33
+ found = false
34
+ @children.delete_if {|c| c.equal?(object) and found = true }
35
+ object.parent = nil if found
36
+ found ? object : nil
37
+ end
38
+
39
+ def each(&block)
40
+ @children.each(&block)
41
+ end
42
+
43
+ def delete_if( &block )
44
+ @children.delete_if(&block)
45
+ end
46
+
47
+ def delete_at( index )
48
+ @children.delete_at index
49
+ end
50
+
51
+ def each_index( &block )
52
+ @children.each_index(&block)
53
+ end
54
+
55
+ # Fetches a child at a given index
56
+ # @param index the Integer index of the child to fetch
57
+ def []( index )
58
+ @children[index]
59
+ end
60
+
61
+ alias :each_child :each
62
+
63
+
64
+
65
+ # Set an index entry. See Array.[]=
66
+ # @param index the index of the element to set
67
+ # @param opt either the object to set, or an Integer length
68
+ # @param child if opt is an Integer, this is the child to set
69
+ # @return the parent (self)
70
+ def []=( *args )
71
+ args[-1].parent = self
72
+ @children[*args[0..-2]] = args[-1]
73
+ end
74
+
75
+ # Inserts an child before another child
76
+ # @param child1 this is either an xpath or an Element. If an Element,
77
+ # child2 will be inserted before child1 in the child list of the parent.
78
+ # If an xpath, child2 will be inserted before the first child to match
79
+ # the xpath.
80
+ # @param child2 the child to insert
81
+ # @return the parent (self)
82
+ def insert_before( child1, child2 )
83
+ if child1.kind_of? String
84
+ child1 = XPath.first( self, child1 )
85
+ child1.parent.insert_before child1, child2
86
+ else
87
+ ind = index(child1)
88
+ child2.parent.delete(child2) if child2.parent
89
+ @children[ind,0] = child2
90
+ child2.parent = self
91
+ end
92
+ self
93
+ end
94
+
95
+ # Inserts an child after another child
96
+ # @param child1 this is either an xpath or an Element. If an Element,
97
+ # child2 will be inserted after child1 in the child list of the parent.
98
+ # If an xpath, child2 will be inserted after the first child to match
99
+ # the xpath.
100
+ # @param child2 the child to insert
101
+ # @return the parent (self)
102
+ def insert_after( child1, child2 )
103
+ if child1.kind_of? String
104
+ child1 = XPath.first( self, child1 )
105
+ child1.parent.insert_after child1, child2
106
+ else
107
+ ind = index(child1)+1
108
+ child2.parent.delete(child2) if child2.parent
109
+ @children[ind,0] = child2
110
+ child2.parent = self
111
+ end
112
+ self
113
+ end
114
+
115
+ def to_a
116
+ @children.dup
117
+ end
118
+
119
+ # Fetches the index of a given child
120
+ # @param child the child to get the index of
121
+ # @return the index of the child, or nil if the object is not a child
122
+ # of this parent.
123
+ def index( child )
124
+ count = -1
125
+ @children.find { |i| count += 1 ; i.hash == child.hash }
126
+ count
127
+ end
128
+
129
+ # @return the number of children of this parent
130
+ def size
131
+ @children.size
132
+ end
133
+
134
+ alias :length :size
135
+
136
+ # Replaces one child with another, making sure the nodelist is correct
137
+ # @param to_replace the child to replace (must be a Child)
138
+ # @param replacement the child to insert into the nodelist (must be a
139
+ # Child)
140
+ def replace_child( to_replace, replacement )
141
+ @children.map! {|c| c.equal?( to_replace ) ? replacement : c }
142
+ to_replace.parent = nil
143
+ replacement.parent = self
144
+ end
145
+
146
+ # Deeply clones this object. This creates a complete duplicate of this
147
+ # Parent, including all descendants.
148
+ def deep_clone
149
+ cl = clone()
150
+ each do |child|
151
+ if child.kind_of? Parent
152
+ cl << child.deep_clone
153
+ else
154
+ cl << child.clone
155
+ end
156
+ end
157
+ cl
158
+ end
159
+
160
+ alias :children :to_a
161
+
162
+ def parent?
163
+ true
164
+ end
165
+ end
166
+ end