brakeman 4.6.1 → 4.7.0
Potentially problematic release.
This version of brakeman might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGES.md +11 -0
- data/bundle/load.rb +7 -7
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/CHANGELOG.md +122 -4
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/FAQ.md +4 -14
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/Gemfile +19 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/MIT-LICENSE +2 -2
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/README.md +80 -42
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/REFERENCE.md +121 -64
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/TODO +24 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/haml.gemspec +44 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml.rb +2 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_builder.rb +164 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_compiler.rb +224 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/attribute_parser.rb +150 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/buffer.rb +25 -132
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/compiler.rb +330 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/engine.rb +34 -41
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/error.rb +65 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/escapable.rb +50 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/exec.rb +38 -20
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/filters.rb +22 -27
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/generator.rb +42 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers.rb +129 -90
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers/action_view_extensions.rb +4 -2
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers/action_view_mods.rb +45 -60
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers/action_view_xss_mods.rb +2 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/helpers/safe_erubi_template.rb +20 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers/safe_erubis_template.rb +5 -1
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/helpers/xss_mods.rb +19 -12
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/options.rb +63 -69
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/parser.rb +292 -228
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/plugin.rb +37 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/railtie.rb +48 -0
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/sass_rails_filter.rb +18 -4
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/template.rb +13 -6
- data/bundle/ruby/2.6.0/gems/{haml-4.0.7 → haml-5.1.2}/lib/haml/template/options.rb +13 -2
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_engine.rb +123 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_line_counter.rb +30 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/util.rb +258 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/version.rb +5 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/yard/default/fulldoc/html/css/common.sass +15 -0
- data/bundle/ruby/2.6.0/gems/haml-5.1.2/yard/default/layout/html/footer.erb +12 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/AUTHORS +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/COPYING +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/Changelog.md +3 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/Gemfile +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/LICENSE +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/README.md +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/TODO +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/appveyor.yml +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/highline.gemspec +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/builtin_styles.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/color_scheme.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/compatibility.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/custom_errors.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/import.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/io_console_compatible.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/list.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/list_renderer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/menu.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/menu/item.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/paginator.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/question.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/question/answer_converter.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/question_asker.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/simulate.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/statement.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/string.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/string_extensions.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/style.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/template_renderer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/terminal.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/terminal/io_console.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/terminal/ncurses.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/terminal/unix_stty.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/version.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{highline-2.0.2 → highline-2.0.3}/lib/highline/wrapper.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby2ruby-2.4.3 → ruby2ruby-2.4.4}/History.rdoc +6 -0
- data/bundle/ruby/2.6.0/gems/{ruby2ruby-2.4.3 → ruby2ruby-2.4.4}/Manifest.txt +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby2ruby-2.4.3 → ruby2ruby-2.4.4}/README.rdoc +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby2ruby-2.4.3 → ruby2ruby-2.4.4}/lib/ruby2ruby.rb +3 -3
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/History.rdoc +38 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/Manifest.txt +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/README.rdoc +3 -3
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/compare/normalize.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/debugging.md +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/rp_extensions.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/rp_stringscanner.rb +0 -0
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby20_parser.rb +7045 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1/lib/ruby_parser.yy → ruby_parser-3.14.0/lib/ruby20_parser.y} +390 -397
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby21_parser.rb +7116 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby21_parser.y +399 -254
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby22_parser.rb +7149 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby22_parser.y +400 -255
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby23_parser.rb +7166 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby23_parser.y +400 -255
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby24_parser.rb +7178 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby24_parser.y +404 -257
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby25_parser.rb +7178 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby25_parser.y +404 -257
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby26_parser.rb +7198 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby26_parser.y +410 -261
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby_lexer.rb +424 -432
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby_lexer.rex +0 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby_lexer.rex.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby_parser.rb +27 -27
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.14.0/lib/ruby_parser.yy +2732 -0
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/lib/ruby_parser_extras.rb +627 -406
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/tools/munge.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{ruby_parser-3.13.1 → ruby_parser-3.14.0}/tools/ripper.rb +13 -2
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/History.rdoc +13 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/Manifest.txt +1 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/README.rdoc +0 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/lib/composite_sexp_processor.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/lib/pt_testcase.rb +0 -0
- data/bundle/ruby/2.6.0/gems/sexp_processor-4.13.0/lib/sexp.rb +381 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1/lib/sexp.rb → sexp_processor-4.13.0/lib/sexp_matcher.rb} +25 -385
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/lib/sexp_processor.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/lib/strict_sexp.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{sexp_processor-4.12.1 → sexp_processor-4.13.0}/lib/unique.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/CHANGES +5 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/EXPRESSIONS.md +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/Gemfile +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/LICENSE +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/README.md +1 -1
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/engine.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/erb/engine.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/erb/parser.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/erb/template.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/erb/trimming.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/exceptions.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filter.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/code_merger.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/control_flow.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/dynamic_inliner.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/encoding.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/eraser.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/escapable.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/multi_flattener.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/remove_bom.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/static_analyzer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/static_merger.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/string_splitter.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/filters/validator.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generator.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generators/array.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generators/array_buffer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generators/erb.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generators/rails_output_buffer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/generators/string_buffer.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/grammar.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/attribute_merger.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/attribute_remover.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/attribute_sorter.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/dispatcher.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/fast.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/filter.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/pretty.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/html/safe.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/map.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/mixins/dispatcher.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/mixins/engine_dsl.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/mixins/grammar_dsl.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/mixins/options.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/mixins/template.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/parser.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/static_analyzer.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/templates.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/templates/rails.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/templates/tilt.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/lib/temple/utils.rb +0 -0
- data/bundle/ruby/2.6.0/gems/temple-0.8.2/lib/temple/version.rb +3 -0
- data/bundle/ruby/2.6.0/gems/{temple-0.8.1 → temple-0.8.2}/temple.gemspec +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/COPYING +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt.rb +1 -1
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/asciidoc.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/babel.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/bluecloth.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/builder.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/coffee.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/commonmarker.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/creole.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/csv.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/dummy.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/erb.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/erubi.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/erubis.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/etanni.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/haml.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/kramdown.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/less.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/liquid.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/livescript.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/mapping.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/markaby.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/maruku.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/nokogiri.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/pandoc.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/plain.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/prawn.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/radius.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/rdiscount.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/rdoc.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/redcarpet.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/redcloth.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/rst-pandoc.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/sass.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/sigil.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/string.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/template.rb +7 -12
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/typescript.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/wikicloth.rb +0 -0
- data/bundle/ruby/2.6.0/gems/{tilt-2.0.9 → tilt-2.0.10}/lib/tilt/yajl.rb +0 -0
- data/lib/brakeman/checks/base_check.rb +23 -1
- data/lib/brakeman/checks/check_cookie_serialization.rb +1 -1
- data/lib/brakeman/checks/check_cross_site_scripting.rb +1 -1
- data/lib/brakeman/checks/check_execute.rb +26 -1
- data/lib/brakeman/differ.rb +16 -28
- data/lib/brakeman/parsers/haml_embedded.rb +1 -1
- data/lib/brakeman/parsers/template_parser.rb +3 -1
- data/lib/brakeman/processors/alias_processor.rb +10 -0
- data/lib/brakeman/processors/base_processor.rb +2 -0
- data/lib/brakeman/processors/haml_template_processor.rb +86 -122
- data/lib/brakeman/processors/lib/rails2_config_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +28 -0
- data/lib/brakeman/tracker/config.rb +33 -92
- data/lib/brakeman/version.rb +1 -1
- metadata +215 -206
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/compiler.rb +0 -540
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/error.rb +0 -61
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/railtie.rb +0 -22
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/template/plugin.rb +0 -41
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/util.rb +0 -377
- data/bundle/ruby/2.6.0/gems/haml-4.0.7/lib/haml/version.rb +0 -3
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby20_parser.rb +0 -6869
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby20_parser.y +0 -2431
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby21_parser.rb +0 -6944
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby22_parser.rb +0 -6968
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby23_parser.rb +0 -6987
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby24_parser.rb +0 -6994
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby25_parser.rb +0 -6994
- data/bundle/ruby/2.6.0/gems/ruby_parser-3.13.1/lib/ruby26_parser.rb +0 -7012
- data/bundle/ruby/2.6.0/gems/temple-0.8.1/lib/temple/version.rb +0 -3
- data/bundle/ruby/2.6.0/gems/tilt-2.0.9/CHANGELOG.md +0 -132
- data/bundle/ruby/2.6.0/gems/tilt-2.0.9/Gemfile +0 -70
- data/bundle/ruby/2.6.0/gems/tilt-2.0.9/HACKING +0 -16
- data/bundle/ruby/2.6.0/gems/tilt-2.0.9/README.md +0 -233
- data/bundle/ruby/2.6.0/gems/tilt-2.0.9/tilt.gemspec +0 -130
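--- a/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/plugin.rb
+++ b/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/plugin.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Haml
+
+# This module makes Haml work with Rails using the template handler API.
+class Plugin
+def handles_encoding?; true; end
+
+def compile(template, source)
+options = Haml::Template.options.dup
+if template.respond_to?(:type)
+options[:mime_type] = template.type
+elsif template.respond_to? :mime_type
+options[:mime_type] = template.mime_type
+end
+options[:filename] = template.identifier
+Haml::Engine.new(source, options).compiler.precompiled_with_ambles(
+[],
+after_preamble: '@output_buffer = output_buffer ||= ActionView::OutputBuffer.new if defined?(ActionView::OutputBuffer)',
+)
+end
+
+def self.call(template, source = nil)
+source ||= template.source
+
+new.compile(template, source)
+end
+
+def cache_fragment(block, name = {}, options = nil)
+@view.fragment_for(block, name, options) do
+eval("_hamlout.buffer", block.binding)
+end
+end
+end
+end
+
+ActionView::Template.register_template_handler(:haml, Haml::Plugin)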
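Review bot: `cache_fragment` calls `@view.fragment_for`, but nothing in this 37-line file assigns `@view`, and `self.call` builds the handler with a bare `new`, so unless code outside this file sets that instance variable the call would be made on `nil`. If the method is still needed, a comment should say where `@view` comes from; if it is a leftover, removing it also removes the only `eval` in the handler. Should it stay, `block.binding.local_variable_get(:_hamlout).buffer` reads the same local without evaluating a string.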
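--- a/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/railtie.rb
+++ b/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/railtie.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'haml/template/options'
+
+# check for a compatible Rails version when Haml is loaded
+if (activesupport_spec = Gem.loaded_specs['activesupport'])
+if activesupport_spec.version.to_s < '4.0'
+raise Exception.new("\n\n** Haml now requires Rails 4.0 and later. Use Haml version 4.0.x\n\n")
+end
+end
+
+module Haml
+module Filters
+module RailsErb
+extend Plain
+extend TiltFilter
+extend PrecompiledTiltFilter
+end
+end
+
+class Railtie < ::Rails::Railtie
+initializer :haml do |app|
+ActiveSupport.on_load(:action_view) do
+require "haml/template"
+
+if defined?(::Sass::Rails::SassTemplate) && app.config.assets.enabled
+require "haml/sass_rails_filter"
+end
+
+# Any object under ActionView::Template will be defined as the root constant with the same
+# name if it exists. If Erubi is loaded at all, ActionView::Template::Handlers::ERB::Erubi
+# will turn out to be a reference to the ::Erubi module.
+# In Rails 4.2, calling const_defined? results in odd exceptions, which seems to be
+# solved by looking for ::Erubi first.
+# However, in JRuby, the const_defined? finds it anyway, so we must make sure that it's
+# not just a reference to ::Erubi.
+if defined?(::Erubi) && (::ActionView::Template::Handlers::ERB.const_get('Erubi') != ::Erubi)
+require "haml/helpers/safe_erubi_template"
+Haml::Filters::RailsErb.template_class = Haml::SafeErubiTemplate
+else
+require "haml/helpers/safe_erubis_template"
+Haml::Filters::RailsErb.template_class = Haml::SafeErubisTemplate
+end
+Haml::Template.options[:filters] = { 'erb' => Haml::Filters::RailsErb }
+end
+end
+end
+end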
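Review bot: The compatibility guard at the top compares version strings, `activesupport_spec.version.to_s < '4.0'`, which orders lexicographically, so a two-digit major such as `'10.0'` sorts below `'4.0'` and would be rejected as too old. `Gem::Version` is already comparable, so `if activesupport_spec.version < Gem::Version.new('4.0')` gives the intended ordering and matches the `Gem::Version.new(Sprockets::VERSION)` check used in sass_rails_filter.rb. Separately, `raise Exception.new(...)` is not caught by a plain `rescue`, so a loader that rescues `StandardError` or `LoadError` cannot handle it; a `LoadError` would state the failure more precisely.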
@@ -1,11 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Haml
|
2
4
|
module Filters
|
3
5
|
# This is an extension of Sass::Rails's SassTemplate class that allows
|
4
6
|
# Rails's asset helpers to be used inside Haml Sass filter.
|
5
7
|
class SassRailsTemplate < ::Sass::Rails::SassTemplate
|
6
|
-
|
7
|
-
scope
|
8
|
-
|
8
|
+
if Gem::Version.new(Sprockets::VERSION) >= Gem::Version.new('3.0.0')
|
9
|
+
def render(scope=Object.new, locals={}, &block)
|
10
|
+
environment = ::Sprockets::Railtie.build_environment(::Rails.application)
|
11
|
+
scope = environment.context_class.new(
|
12
|
+
environment: environment,
|
13
|
+
filename: "/",
|
14
|
+
metadata: {}
|
15
|
+
)
|
16
|
+
super
|
17
|
+
end
|
18
|
+
else
|
19
|
+
def render(scope=Object.new, locals={}, &block)
|
20
|
+
scope = ::Rails.application.assets.context_class.new(::Rails.application.assets, "/", "/")
|
21
|
+
super
|
22
|
+
end
|
9
23
|
end
|
10
24
|
|
11
25
|
def sass_options(scope)
|
@@ -30,4 +44,4 @@ module Haml
|
|
30
44
|
register_tilt_filter "Sass", :extend => "Css", :template_class => SassRailsTemplate
|
31
45
|
register_tilt_filter "Scss", :extend => "Css", :template_class => ScssRailsTemplate
|
32
46
|
end
|
33
|
-
end
|
47
|
+
end
|
@@ -1,12 +1,20 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'haml/template/options'
|
2
|
-
|
3
|
-
|
4
|
-
require 'haml/helpers/
|
4
|
+
if defined?(ActiveSupport)
|
5
|
+
ActiveSupport.on_load(:action_view) do
|
6
|
+
require 'haml/helpers/action_view_mods'
|
7
|
+
require 'haml/helpers/action_view_extensions'
|
8
|
+
end
|
9
|
+
else
|
10
|
+
require 'haml/helpers/action_view_mods'
|
11
|
+
require 'haml/helpers/action_view_extensions'
|
12
|
+
end
|
5
13
|
require 'haml/helpers/xss_mods'
|
6
14
|
require 'haml/helpers/action_view_xss_mods'
|
7
15
|
|
8
16
|
module Haml
|
9
|
-
class
|
17
|
+
class TempleEngine
|
10
18
|
def precompiled_method_return_value_with_haml_xss
|
11
19
|
"::Haml::Util.html_safe(#{precompiled_method_return_value_without_haml_xss})"
|
12
20
|
end
|
@@ -26,7 +34,6 @@ module Haml
|
|
26
34
|
end
|
27
35
|
|
28
36
|
|
29
|
-
Haml::Template.options[:ugly] = defined?(Rails) ? !Rails.env.development? : true
|
30
37
|
Haml::Template.options[:escape_html] = true
|
31
38
|
|
32
|
-
require 'haml/
|
39
|
+
require 'haml/plugin'
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# We keep options in its own self-contained file
|
2
4
|
# so that we can load it independently in Rails 3,
|
3
5
|
# where the full template stuff is lazy-loaded.
|
@@ -6,11 +8,20 @@ module Haml
|
|
6
8
|
module Template
|
7
9
|
extend self
|
8
10
|
|
9
|
-
|
11
|
+
class Options < Hash
|
12
|
+
def []=(key, value)
|
13
|
+
super
|
14
|
+
if Haml::Options.buffer_defaults.key?(key)
|
15
|
+
Haml::Options.buffer_defaults[key] = value
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
@options = ::Haml::Template::Options.new
|
10
21
|
# The options hash for Haml when used within Rails.
|
11
22
|
# See {file:REFERENCE.md#options the Haml options documentation}.
|
12
23
|
#
|
13
|
-
# @return [
|
24
|
+
# @return [Haml::Template::Options<Symbol => Object>]
|
14
25
|
attr_accessor :options
|
15
26
|
end
|
16
27
|
end
|
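Review bot: The new `Options#[]=` is the only write path that copies a value into `Haml::Options.buffer_defaults`. `Hash#store`, `merge!` and `update` do not dispatch through `[]=`, and `attr_accessor :options` still lets a caller replace the object with a plain `Hash`, so settings applied that way stay out of sync with the buffer defaults without any error. Either override those writers as well (for example `alias_method :store, :[]=` plus a `merge!`/`update` that loops over `[]=`), or add a comment on the class stating that only `options[key] = value` is propagated. The `Template` module itself opens above this hunk.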
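--- a/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_engine.rb
+++ b/data/bundle/ruby/2.6.0/gems/haml-5.1.2/lib/haml/temple_engine.rb
@@ -0,0 +1,123 @@
+# frozen_string_literal: true
+
+require 'temple'
+require 'haml/escapable'
+require 'haml/generator'
+
+module Haml
+class TempleEngine < Temple::Engine
+define_options(
+attr_wrapper: "'",
+autoclose: %w(area base basefont br col command embed frame
+hr img input isindex keygen link menuitem meta
+param source track wbr),
+encoding: nil,
+escape_attrs: true,
+escape_html: false,
+escape_filter_interpolations: nil,
+filename: '(haml)',
+format: :html5,
+hyphenate_data_attrs: true,
+line: 1,
+mime_type: 'text/html',
+preserve: %w(textarea pre code),
+remove_whitespace: false,
+suppress_eval: false,
+cdata: false,
+parser_class: ::Haml::Parser,
+compiler_class: ::Haml::Compiler,
+trace: false,
+filters: {},
+)
+
+use :Parser, -> { options[:parser_class] }
+use :Compiler, -> { options[:compiler_class] }
+use Escapable
+filter :ControlFlow
+filter :MultiFlattener
+filter :StaticMerger
+use Generator
+
+def compile(template)
+initialize_encoding(template, options[:encoding])
+@precompiled = call(template)
+end
+
+# The source code that is evaluated to produce the Haml document.
+#
+# This is automatically converted to the correct encoding
+# (see {file:REFERENCE.md#encodings the `:encoding` option}).
+#
+# @return [String]
+def precompiled
+encoding = Encoding.find(@encoding || '')
+return @precompiled.dup.force_encoding(encoding) if encoding == Encoding::ASCII_8BIT
+return @precompiled.encode(encoding)
+end
+
+def precompiled_with_return_value
+"#{precompiled};#{precompiled_method_return_value}".dup
+end
+
+# The source code that is evaluated to produce the Haml document.
+#
+# This is automatically converted to the correct encoding
+# (see {file:REFERENCE.md#encodings the `:encoding` option}).
+#
+# @return [String]
+def precompiled_with_ambles(local_names, after_preamble: '')
+preamble = <<END.tr("\n", ';')
+begin
+extend Haml::Helpers
+_hamlout = @haml_buffer = Haml::Buffer.new(haml_buffer, #{Options.new(options).for_buffer.inspect})
+_erbout = _hamlout.buffer
+#{after_preamble}
+END
+postamble = <<END.tr("\n", ';')
+#{precompiled_method_return_value}
+ensure
+@haml_buffer = @haml_buffer.upper if @haml_buffer
+end
+END
+"#{preamble}#{locals_code(local_names)}#{precompiled}#{postamble}".dup
+end
+
+private
+
+def initialize_encoding(template, given_value)
+if given_value
+@encoding = given_value
+else
+@encoding = Encoding.default_internal || template.encoding
+end
+end
+
+# Returns the string used as the return value of the precompiled method.
+# This method exists so it can be monkeypatched to return modified values.
+def precompiled_method_return_value
+"_erbout"
+end
+
+def locals_code(names)
+names = names.keys if Hash === names
+
+names.map do |name|
+# Can't use || because someone might explicitly pass in false with a symbol
+sym_local = "_haml_locals[#{inspect_obj(name.to_sym)}]"
+str_local = "_haml_locals[#{inspect_obj(name.to_s)}]"
+"#{name} = #{sym_local}.nil? ? #{str_local} : #{sym_local};"
+end.join
+end
+
+def inspect_obj(obj)
+case obj
+when String
+%Q!"#{obj.gsub(/[\x00-\x7F]+/) {|s| s.inspect[1...-1]}}"!
+when Symbol
+":#{inspect_obj(obj.to_s)}"
+else
+obj.inspect
+end
+end
+end
+end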
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Haml
|
4
|
+
# A module to count lines of expected code. This would be faster than actual code generation
|
5
|
+
# and counting newlines in it.
|
6
|
+
module TempleLineCounter
|
7
|
+
class UnexpectedExpression < StandardError; end
|
8
|
+
|
9
|
+
def self.count_lines(exp)
|
10
|
+
type, *args = exp
|
11
|
+
case type
|
12
|
+
when :multi
|
13
|
+
args.map { |a| count_lines(a) }.reduce(:+) || 0
|
14
|
+
when :dynamic, :code
|
15
|
+
args.first.count("\n")
|
16
|
+
when :static
|
17
|
+
0 # It has not real newline "\n" but escaped "\\n".
|
18
|
+
when :case
|
19
|
+
arg, *cases = args
|
20
|
+
arg.count("\n") + cases.map do |cond, e|
|
21
|
+
(cond == :else ? 0 : cond.count("\n")) + count_lines(e)
|
22
|
+
end.reduce(:+)
|
23
|
+
when :escape
|
24
|
+
count_lines(args[1])
|
25
|
+
else
|
26
|
+
raise UnexpectedExpression.new("[HAML BUG] Unexpected Temple expression '#{type}' is given!")
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
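Review bot: The `:case` branch of `count_lines` (new lines 18–22) ends in `end.reduce(:+)` with no fallback, so a `[:case, arg]` expression with no clauses makes `reduce` return nil and `arg.count("\n") + nil` raises TypeError. The `:multi` branch at new line 13 already guards the same situation with `|| 0`. The `:case` branch should match it, e.g. `end.reduce(0, :+)`. Whether Temple ever emits a clause-less `:case` is not visible here, so treat this as a consistency fix rather than a known failure.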
@@ -0,0 +1,258 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
begin
|
4
|
+
require 'erubis/tiny'
|
5
|
+
rescue LoadError
|
6
|
+
require 'erb'
|
7
|
+
end
|
8
|
+
require 'set'
|
9
|
+
require 'stringio'
|
10
|
+
require 'strscan'
|
11
|
+
|
12
|
+
module Haml
|
13
|
+
# A module containing various useful functions.
|
14
|
+
module Util
|
15
|
+
extend self
|
16
|
+
|
17
|
+
# Silence all output to STDERR within a block.
|
18
|
+
#
|
19
|
+
# @yield A block in which no output will be printed to STDERR
|
20
|
+
def silence_warnings
|
21
|
+
the_real_stderr, $stderr = $stderr, StringIO.new
|
22
|
+
yield
|
23
|
+
ensure
|
24
|
+
$stderr = the_real_stderr
|
25
|
+
end
|
26
|
+
|
27
|
+
## Rails XSS Safety
|
28
|
+
|
29
|
+
# Whether or not ActionView's XSS protection is available and enabled,
|
30
|
+
# as is the default for Rails 3.0+, and optional for version 2.3.5+.
|
31
|
+
# Overridden in haml/template.rb if this is the case.
|
32
|
+
#
|
33
|
+
# @return [Boolean]
|
34
|
+
def rails_xss_safe?
|
35
|
+
false
|
36
|
+
end
|
37
|
+
|
38
|
+
# Returns the given text, marked as being HTML-safe.
|
39
|
+
# With older versions of the Rails XSS-safety mechanism,
|
40
|
+
# this destructively modifies the HTML-safety of `text`.
|
41
|
+
#
|
42
|
+
# It only works if you are using ActiveSupport or the parameter `text`
|
43
|
+
# implements the #html_safe method.
|
44
|
+
#
|
45
|
+
# @param text [String, nil]
|
46
|
+
# @return [String, nil] `text`, marked as HTML-safe
|
47
|
+
def html_safe(text)
|
48
|
+
return unless text
|
49
|
+
text.html_safe
|
50
|
+
end
|
51
|
+
|
52
|
+
# Checks that the encoding of a string is valid
|
53
|
+
# and cleans up potential encoding gotchas like the UTF-8 BOM.
|
54
|
+
# If it's not, yields an error string describing the invalid character
|
55
|
+
# and the line on which it occurs.
|
56
|
+
#
|
57
|
+
# @param str [String] The string of which to check the encoding
|
58
|
+
# @yield [msg] A block in which an encoding error can be raised.
|
59
|
+
# Only yields if there is an encoding error
|
60
|
+
# @yieldparam msg [String] The error message to be raised
|
61
|
+
# @return [String] `str`, potentially with encoding gotchas like BOMs removed
|
62
|
+
def check_encoding(str)
|
63
|
+
if str.valid_encoding?
|
64
|
+
# Get rid of the Unicode BOM if possible
|
65
|
+
# Shortcut for UTF-8 which might be the majority case
|
66
|
+
if str.encoding == Encoding::UTF_8
|
67
|
+
return str.gsub(/\A\uFEFF/, '')
|
68
|
+
elsif str.encoding.name =~ /^UTF-(16|32)(BE|LE)?$/
|
69
|
+
return str.gsub(Regexp.new("\\A\uFEFF".encode(str.encoding)), '')
|
70
|
+
else
|
71
|
+
return str
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
encoding = str.encoding
|
76
|
+
newlines = Regexp.new("\r\n|\r|\n".encode(encoding).force_encoding(Encoding::ASCII_8BIT))
|
77
|
+
str.force_encoding(Encoding::ASCII_8BIT).split(newlines).each_with_index do |line, i|
|
78
|
+
begin
|
79
|
+
line.encode(encoding)
|
80
|
+
rescue Encoding::UndefinedConversionError => e
|
81
|
+
yield <<MSG.rstrip, i + 1
|
82
|
+
Invalid #{encoding.name} character #{e.error_char.dump}
|
83
|
+
MSG
|
84
|
+
end
|
85
|
+
end
|
86
|
+
return str
|
87
|
+
end
|
88
|
+
|
89
|
+
# Like {\#check\_encoding}, but also checks for a Ruby-style `-# coding:` comment
|
90
|
+
# at the beginning of the template and uses that encoding if it exists.
|
91
|
+
#
|
92
|
+
# The Haml encoding rules are simple.
|
93
|
+
# If a `-# coding:` comment exists,
|
94
|
+
# we assume that that's the original encoding of the document.
|
95
|
+
# Otherwise, we use whatever encoding Ruby has.
|
96
|
+
#
|
97
|
+
# Haml uses the same rules for parsing coding comments as Ruby.
|
98
|
+
# This means that it can understand Emacs-style comments
|
99
|
+
# (e.g. `-*- encoding: "utf-8" -*-`),
|
100
|
+
# and also that it cannot understand non-ASCII-compatible encodings
|
101
|
+
# such as `UTF-16` and `UTF-32`.
|
102
|
+
#
|
103
|
+
# @param str [String] The Haml template of which to check the encoding
|
104
|
+
# @yield [msg] A block in which an encoding error can be raised.
|
105
|
+
# Only yields if there is an encoding error
|
106
|
+
# @yieldparam msg [String] The error message to be raised
|
107
|
+
# @return [String] The original string encoded properly
|
108
|
+
# @raise [ArgumentError] if the document declares an unknown encoding
|
109
|
+
def check_haml_encoding(str, &block)
|
110
|
+
str = str.dup if str.frozen?
|
111
|
+
|
112
|
+
bom, encoding = parse_haml_magic_comment(str)
|
113
|
+
if encoding; str.force_encoding(encoding)
|
114
|
+
elsif bom; str.force_encoding(Encoding::UTF_8)
|
115
|
+
end
|
116
|
+
|
117
|
+
return check_encoding(str, &block)
|
118
|
+
end
|
119
|
+
|
120
|
+
# Like `Object#inspect`, but preserves non-ASCII characters rather than escaping them.
|
121
|
+
# This is necessary so that the precompiled Haml template can be `#encode`d into `@options[:encoding]`
|
122
|
+
# before being evaluated.
|
123
|
+
#
|
124
|
+
# @param obj {Object}
|
125
|
+
# @return {String}
|
126
|
+
def inspect_obj(obj)
|
127
|
+
case obj
|
128
|
+
when String
|
129
|
+
%Q!"#{obj.gsub(/[\x00-\x7F]+/) {|s| s.dump[1...-1]}}"!
|
130
|
+
when Symbol
|
131
|
+
":#{inspect_obj(obj.to_s)}"
|
132
|
+
else
|
133
|
+
obj.inspect
|
134
|
+
end
|
135
|
+
end
|
136
|
+
|
137
|
+
# Scans through a string looking for the interoplation-opening `#{`
|
138
|
+
# and, when it's found, yields the scanner to the calling code
|
139
|
+
# so it can handle it properly.
|
140
|
+
#
|
141
|
+
# The scanner will have any backslashes immediately in front of the `#{`
|
142
|
+
# as the second capture group (`scan[2]`),
|
143
|
+
# and the text prior to that as the first (`scan[1]`).
|
144
|
+
#
|
145
|
+
# @yieldparam scan [StringScanner] The scanner scanning through the string
|
146
|
+
# @return [String] The text remaining in the scanner after all `#{`s have been processed
|
147
|
+
def handle_interpolation(str)
|
148
|
+
scan = StringScanner.new(str)
|
149
|
+
yield scan while scan.scan(/(.*?)(\\*)#([\{@$])/)
|
150
|
+
scan.rest
|
151
|
+
end
|
152
|
+
|
153
|
+
# Moves a scanner through a balanced pair of characters.
|
154
|
+
# For example:
|
155
|
+
#
|
156
|
+
# Foo (Bar (Baz bang) bop) (Bang (bop bip))
|
157
|
+
# ^ ^
|
158
|
+
# from to
|
159
|
+
#
|
160
|
+
# @param scanner [StringScanner] The string scanner to move
|
161
|
+
# @param start [String] The character opening the balanced pair.
|
162
|
+
# @param finish [String] The character closing the balanced pair.
|
163
|
+
# @param count [Fixnum] The number of opening characters matched
|
164
|
+
# before calling this method
|
165
|
+
# @return [(String, String)] The string matched within the balanced pair
|
166
|
+
# and the rest of the string.
|
167
|
+
# `["Foo (Bar (Baz bang) bop)", " (Bang (bop bip))"]` in the example above.
|
168
|
+
def balance(scanner, start, finish, count = 0)
|
169
|
+
str = ''.dup
|
170
|
+
scanner = StringScanner.new(scanner) unless scanner.is_a? StringScanner
|
171
|
+
regexp = Regexp.new("(.*?)[\\#{start.chr}\\#{finish.chr}]", Regexp::MULTILINE)
|
172
|
+
while scanner.scan(regexp)
|
173
|
+
str << scanner.matched
|
174
|
+
count += 1 if scanner.matched[-1] == start
|
175
|
+
count -= 1 if scanner.matched[-1] == finish
|
176
|
+
return [str.strip, scanner.rest] if count == 0
|
177
|
+
end
|
178
|
+
end
|
179
|
+
|
180
|
+
# Formats a string for use in error messages about indentation.
|
181
|
+
#
|
182
|
+
# @param indentation [String] The string used for indentation
|
183
|
+
# @return [String] The name of the indentation (e.g. `"12 spaces"`, `"1 tab"`)
|
184
|
+
def human_indentation(indentation)
|
185
|
+
if !indentation.include?(?\t)
|
186
|
+
noun = 'space'
|
187
|
+
elsif !indentation.include?(?\s)
|
188
|
+
noun = 'tab'
|
189
|
+
else
|
190
|
+
return indentation.inspect
|
191
|
+
end
|
192
|
+
|
193
|
+
singular = indentation.length == 1
|
194
|
+
"#{indentation.length} #{noun}#{'s' unless singular}"
|
195
|
+
end
|
196
|
+
|
197
|
+
def contains_interpolation?(str)
|
198
|
+
/#[\{$@]/ === str
|
199
|
+
end
|
200
|
+
|
201
|
+
def unescape_interpolation(str, escape_html = nil)
|
202
|
+
res = ''.dup
|
203
|
+
rest = Haml::Util.handle_interpolation str.dump do |scan|
|
204
|
+
escapes = (scan[2].size - 1) / 2
|
205
|
+
char = scan[3] # '{', '@' or '$'
|
206
|
+
res << scan.matched[0...-3 - escapes]
|
207
|
+
if escapes % 2 == 1
|
208
|
+
res << "\##{char}"
|
209
|
+
else
|
210
|
+
interpolated = if char == '{'
|
211
|
+
balance(scan, ?{, ?}, 1)[0][0...-1]
|
212
|
+
else
|
213
|
+
scan.scan(/\w+/)
|
214
|
+
end
|
215
|
+
content = eval("\"#{interpolated}\"")
|
216
|
+
content.prepend(char) if char == '@' || char == '$'
|
217
|
+
content = "Haml::Helpers.html_escape((#{content}))" if escape_html
|
218
|
+
|
219
|
+
res << "\#{#{content}}"
|
220
|
+
end
|
221
|
+
end
|
222
|
+
res + rest
|
223
|
+
end
|
224
|
+
|
225
|
+
private
|
226
|
+
|
227
|
+
# Parses a magic comment at the beginning of a Haml file.
|
228
|
+
# The parsing rules are basically the same as Ruby's.
|
229
|
+
#
|
230
|
+
# @return [(Boolean, String or nil)]
|
231
|
+
# Whether the document begins with a UTF-8 BOM,
|
232
|
+
# and the declared encoding of the document (or nil if none is declared)
|
233
|
+
def parse_haml_magic_comment(str)
|
234
|
+
scanner = StringScanner.new(str.dup.force_encoding(Encoding::ASCII_8BIT))
|
235
|
+
bom = scanner.scan(/\xEF\xBB\xBF/n)
|
236
|
+
return bom unless scanner.scan(/-\s*#\s*/n)
|
237
|
+
if (coding = try_parse_haml_emacs_magic_comment(scanner))
|
238
|
+
return bom, coding
|
239
|
+
end
|
240
|
+
|
241
|
+
return bom unless scanner.scan(/.*?coding[=:]\s*([\w-]+)/in)
|
242
|
+
return bom, scanner[1]
|
243
|
+
end
|
244
|
+
|
245
|
+
def try_parse_haml_emacs_magic_comment(scanner)
|
246
|
+
pos = scanner.pos
|
247
|
+
return unless scanner.scan(/.*?-\*-\s*/n)
|
248
|
+
# From Ruby's parse.y
|
249
|
+
return unless scanner.scan(/([^\s'":;]+)\s*:\s*("(?:\\.|[^"])*"|[^"\s;]+?)[\s;]*-\*-/n)
|
250
|
+
name, val = scanner[1], scanner[2]
|
251
|
+
return unless name =~ /(en)?coding/in
|
252
|
+
val = $1 if val =~ /^"(.*)"$/n
|
253
|
+
return val
|
254
|
+
ensure
|
255
|
+
scanner.pos = pos
|
256
|
+
end
|
257
|
+
end
|
258
|
+
end
|
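Review bot: `unescape_interpolation` hands template-derived text to `eval("\"#{interpolated}\"")` at new line 215, and nothing near the call records why that is acceptable. From the visible code, the only thing that appears to confine it to undoing escapes is that `interpolated` is sliced out of `str.dump`, so quotes, backslashes and `#{`/`#$`/`#@` should arrive escaped. I would state that above the call, e.g. `# eval only reverses String#dump escaping; input must be a slice of str.dump, never raw template text`, and pin it with a test covering quotes, backslashes and a nested `#{` inside an interpolation. Where the supported Ruby versions allow it, `String#undump` on the re-quoted slice would remove the `eval` altogether. Separately, `balance` returns nil when the braces never close, so `balance(scan, ?{, ?}, 1)[0]` at new line 211 raises NoMethodError on an unterminated `#{` instead of a syntax error.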