brakeman 5.1.1 → 5.2.0

Files changed (145) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +18 -1
  3. data/README.md +1 -1
  4. data/bundle/load.rb +5 -5
  5. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/CHANGELOG.md +8 -0
  6. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/FAQ.md +0 -0
  7. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/Gemfile +0 -0
  8. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/MIT-LICENSE +0 -0
  9. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/README.md +19 -13
  10. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/REFERENCE.md +10 -3
  11. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/TODO +0 -0
  12. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/haml.gemspec +0 -0
  13. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/attribute_builder.rb +55 -0
  14. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/attribute_compiler.rb +4 -2
  15. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/attribute_parser.rb +0 -0
  16. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/buffer.rb +0 -56
  17. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/compiler.rb +0 -0
  18. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/engine.rb +0 -0
  19. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/error.rb +0 -0
  20. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/escapable.rb +0 -0
  21. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/exec.rb +0 -0
  22. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/filters.rb +0 -0
  23. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/generator.rb +0 -0
  24. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/action_view_extensions.rb +0 -0
  25. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/action_view_mods.rb +0 -0
  26. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
  27. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/safe_erubi_template.rb +0 -0
  28. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/safe_erubis_template.rb +0 -0
  29. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers/xss_mods.rb +0 -0
  30. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/helpers.rb +0 -0
  31. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/options.rb +0 -0
  32. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/parser.rb +0 -0
  33. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/plugin.rb +18 -1
  34. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/railtie.rb +5 -0
  35. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/sass_rails_filter.rb +0 -0
  36. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/template/options.rb +0 -0
  37. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/template.rb +0 -0
  38. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/temple_engine.rb +2 -1
  39. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/temple_line_counter.rb +0 -0
  40. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/util.rb +0 -0
  41. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml/version.rb +1 -1
  42. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/lib/haml.rb +0 -0
  43. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/yard/default/fulldoc/html/css/common.sass +0 -0
  44. data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.2}/yard/default/layout/html/footer.erb +0 -0
  45. data/bundle/ruby/2.7.0/gems/{parallel-1.20.1 → parallel-1.21.0}/MIT-LICENSE.txt +0 -0
  46. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/processor_count.rb +45 -0
  47. data/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib/parallel/version.rb +4 -0
  48. data/bundle/ruby/2.7.0/gems/{parallel-1.20.1 → parallel-1.21.0}/lib/parallel.rb +52 -43
  49. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/History.rdoc +88 -0
  50. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/Manifest.txt +3 -0
  51. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/README.rdoc +1 -0
  52. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/compare/normalize.rb +6 -1
  53. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/debugging.md +0 -0
  54. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/gauntlet.md +106 -0
  55. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/rp_extensions.rb +15 -36
  56. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/rp_stringscanner.rb +33 -0
  57. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby20_parser.rb +7128 -0
  58. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby20_parser.y +335 -252
  59. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby21_parser.rb +7182 -0
  60. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby21_parser.y +330 -249
  61. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby22_parser.rb +7228 -0
  62. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby22_parser.y +334 -251
  63. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby23_parser.rb +7237 -0
  64. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0/lib/ruby26_parser.y → ruby_parser-3.18.1/lib/ruby23_parser.y} +336 -276
  65. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby24_parser.rb +7268 -0
  66. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby24_parser.y +334 -251
  67. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby25_parser.rb +7268 -0
  68. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0/lib/ruby30_parser.y → ruby_parser-3.18.1/lib/ruby25_parser.y} +335 -304
  69. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby26_parser.rb +7287 -0
  70. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0/lib/ruby27_parser.y → ruby_parser-3.18.1/lib/ruby26_parser.y} +334 -288
  71. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby27_parser.rb +8517 -0
  72. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0/lib/ruby_parser.yy → ruby_parser-3.18.1/lib/ruby27_parser.y} +906 -380
  73. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.rb +8751 -0
  74. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby30_parser.y +3472 -0
  75. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby3_parser.yy +3476 -0
  76. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby_lexer.rb +261 -609
  77. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby_lexer.rex +27 -20
  78. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby_lexer.rex.rb +59 -23
  79. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_lexer_strings.rb +638 -0
  80. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby_parser.rb +0 -0
  81. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib/ruby_parser.yy +3487 -0
  82. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/lib/ruby_parser_extras.rb +296 -115
  83. data/bundle/ruby/2.7.0/gems/{ruby_parser-3.16.0 → ruby_parser-3.18.1}/tools/munge.rb +34 -6
  84. data/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/tools/ripper.rb +44 -0
  85. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/History.rdoc +15 -0
  86. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/Manifest.txt +0 -0
  87. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/README.rdoc +0 -0
  88. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/composite_sexp_processor.rb +0 -0
  89. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/pt_testcase.rb +7 -2
  90. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/sexp.rb +19 -9
  91. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/sexp_matcher.rb +0 -0
  92. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/sexp_processor.rb +1 -1
  93. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/strict_sexp.rb +25 -3
  94. data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.3 → sexp_processor-4.16.0}/lib/unique.rb +0 -0
  95. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/CHANGELOG.md +4 -0
  96. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/MIT-LICENSE.txt +0 -0
  97. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/README.md +1 -1
  98. data/bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/data/display_width.marshal.gz +0 -0
  99. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/lib/unicode/display_width/constants.rb +2 -2
  100. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/lib/unicode/display_width/index.rb +0 -0
  101. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/lib/unicode/display_width/no_string_ext.rb +0 -0
  102. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/lib/unicode/display_width/string_ext.rb +0 -0
  103. data/bundle/ruby/2.7.0/gems/{unicode-display_width-1.7.0 → unicode-display_width-1.8.0}/lib/unicode/display_width.rb +0 -0
  104. data/lib/brakeman/app_tree.rb +1 -1
  105. data/lib/brakeman/checks/base_check.rb +10 -0
  106. data/lib/brakeman/checks/check_eol_rails.rb +23 -0
  107. data/lib/brakeman/checks/check_eol_ruby.rb +26 -0
  108. data/lib/brakeman/checks/check_json_parsing.rb +1 -1
  109. data/lib/brakeman/checks/check_sql.rb +3 -2
  110. data/lib/brakeman/checks/check_symbol_dos.rb +1 -1
  111. data/lib/brakeman/checks/eol_check.rb +47 -0
  112. data/lib/brakeman/options.rb +8 -0
  113. data/lib/brakeman/processors/alias_processor.rb +7 -1
  114. data/lib/brakeman/processors/gem_processor.rb +3 -0
  115. data/lib/brakeman/processors/haml_template_processor.rb +9 -0
  116. data/lib/brakeman/processors/lib/call_conversion_helper.rb +2 -0
  117. data/lib/brakeman/processors/lib/rails3_route_processor.rb +2 -0
  118. data/lib/brakeman/processors/model_processor.rb +1 -0
  119. data/lib/brakeman/report/ignore/config.rb +1 -1
  120. data/lib/brakeman/report/report_csv.rb +1 -1
  121. data/lib/brakeman/report/report_sarif.rb +1 -1
  122. data/lib/brakeman/report/report_text.rb +1 -1
  123. data/lib/brakeman/scanner.rb +15 -13
  124. data/lib/brakeman/tracker/config.rb +8 -1
  125. data/lib/brakeman/version.rb +1 -1
  126. data/lib/brakeman/warning_codes.rb +2 -0
  127. data/lib/brakeman.rb +2 -2
  128. data/lib/ruby_parser/bm_sexp.rb +11 -1
  129. metadata +105 -99
  130. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/processor_count.rb +0 -42
  131. data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/version.rb +0 -3
  132. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/rp_stringscanner.rb +0 -64
  133. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby20_parser.rb +0 -7075
  134. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby21_parser.rb +0 -7148
  135. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby22_parser.rb +0 -7185
  136. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby23_parser.rb +0 -7199
  137. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby23_parser.y +0 -2643
  138. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby24_parser.rb +0 -7219
  139. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby25_parser.rb +0 -7218
  140. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby25_parser.y +0 -2651
  141. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby26_parser.rb +0 -7240
  142. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby27_parser.rb +0 -7358
  143. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.rb +0 -7358
  144. data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/tools/ripper.rb +0 -39
  145. data/bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/data/display_width.marshal.gz +0 -0
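--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: cafb4506d0cbb4ef2ab84459c03a8d356ed916c29ceca5104536b836162a91ed
- data.tar.gz: b1166612e496c77ffc41f07dc4c7a1226c19ee0726d1e02e3241c792ce4463a8
+ metadata.gz: 6cb338d80c6615c14b65edf49dd428ad57bb033e71366a2f1cc599253d28fb11
+ data.tar.gz: f310c08560f4e5dd9d55983ba41e8ad64ac5cce07a805415ddd51658069c8fb9
  SHA512:
- metadata.gz: 70920cb9dd7d8647ee9767502575c8336768cfe7d6c418cef810c90b7f3a9a9ea2fb48fb70af123dd8853bb60851cac3def642b0412fb5a4422c47b2f37fd6dd
- data.tar.gz: '083ba7226c065d0e15ddaf5bbf3023326a35bcf167c9070080629fedb517110726d17fac3cf3c4f2f24232ce49dc1b5476d4bf46c60aa55869c4407c6e79bc92'
+ metadata.gz: d79a9b1253b5bce89082ea81ed8ece812299c7df06a68248cb2e03866e32a57d685615e0b9f5f5ed36250f70d1f64705eced85dab9c4497dd529aa6416055755
+ data.tar.gz: 89279ff60b5a728a10017c905cbc43da143eb78064d4531b913bcb545d566ffdcfad6744e718eb1ac082cec4333ea7a0b2bdf29c39b77cae236fabf9cdeb8cca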
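--- a/data/CHANGES.md
+++ b/data/CHANGES.md
@@ -1,3 +1,20 @@
+ # 5.2.0 - 2021-12-15
+
+ * Initial Rails 7 support
+ * Require Ruby 2.5.0+
+ * Fix issue with calls to `foo.root` in routes
+ * Ignore `I18n.locale` in SQL queries
+ * Do not treat `sanitize_sql_like` as safe
+ * Add new checks for unsupported Ruby and Rails versions
+
+ # 5.1.2 - 2021-10-28
+
+ * Handle cases where enums are not symbols
+ * Support newer Haml with ::Haml::AttributeBuilder.build
+ * Fix issue where the previous output is still visible (Jason Frey)
+ * Fix warning sorting with nil line numbers
+ * Update for latest RubyParser (Ryan Davis)
+
  # 5.1.1 - 2021-07-19
 
  * Unrefactor IgnoreConfig's use of `Brakeman::FilePath`
@@ -449,7 +466,7 @@
  * Delay loading vendored gems and modifying load path
  * Avoid warning about SQL injection with `quoted_primary_key`
  * Support more safe `&.` operations
- * Allow multile line regex in `validates_format_of` (Dmitrij Fedorenko)
+ * Allow multiple line regex in `validates_format_of` (Dmitrij Fedorenko)
  * Only consider `if` branches in templates
  * Avoid overwriting instance/class methods with same name (Tim Wade)
  * Add `--force-scan` option (Neil Matatall)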
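--- a/data/README.md
+++ b/data/README.md
@@ -66,7 +66,7 @@ Outside of Rails root (note that the output file is relative to path/to/rails/ap
 
  Brakeman should work with any version of Rails from 2.3.x to 6.x.
 
- Brakeman can analyze code written with Ruby 1.8 syntax and newer, but requires at least Ruby 2.3.0 to run.
+ Brakeman can analyze code written with Ruby 1.8 syntax and newer, but requires at least Ruby 2.4.0 to run.
 
  # Basic Options
 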
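--- a/data/bundle/load.rb
+++ b/data/bundle/load.rb
@@ -1,16 +1,16 @@
  path = File.expand_path('../..', __FILE__)
+ $:.unshift "#{path}/bundle/ruby/2.7.0/gems/ruby_parser-3.18.1/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/temple-0.8.2/lib"
- $:.unshift "#{path}/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib"
- $:.unshift "#{path}/bundle/ruby/2.7.0/gems/unicode-display_width-1.7.0/lib"
+ $:.unshift "#{path}/bundle/ruby/2.7.0/gems/sexp_processor-4.16.0/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/tilt-2.0.10/lib"
+ $:.unshift "#{path}/bundle/ruby/2.7.0/gems/unicode-display_width-1.8.0/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/slim-4.1.0/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/highline-2.0.3/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/ruby2ruby-2.4.4/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/terminal-table-1.8.0/lib"
- $:.unshift "#{path}/bundle/ruby/2.7.0/gems/sexp_processor-4.15.3/lib"
- $:.unshift "#{path}/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib"
+ $:.unshift "#{path}/bundle/ruby/2.7.0/gems/haml-5.2.2/lib"
+ $:.unshift "#{path}/bundle/ruby/2.7.0/gems/parallel-1.21.0/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/ruby_parser-legacy-1.0.0/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/erubis-2.7.0/lib"
- $:.unshift "#{path}/bundle/ruby/2.7.0/gems/haml-5.2.1/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib"
  $:.unshift "#{path}/bundle/ruby/2.7.0/gems/safe_yaml-1.0.5/lib"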
@@ -1,5 +1,13 @@
1
1
  # Haml Changelog
2
2
 
3
+ ## 5.2.2
4
+ Released on July 27, 2021
5
+ ([diff](https://github.com/haml/haml/compare/v5.2.1...v5.2.2)).
6
+
7
+ * Support for adding Annotations to Haml output (a Rails feature 6.1+)
8
+ * Expanded test matrix to include Ruby 3.0 and Rails 6.1
9
+ * Only testing Ruby 2.7+ and Rails 5.2+
10
+
3
11
  ## 5.2.1
4
12
 
5
13
  Released on November 30, 2020
@@ -10,6 +10,13 @@ more pleasant to write HTML documents, by eliminating redundancy, reflecting the
10
10
  underlying structure that the document represents, and providing an elegant syntax
11
11
  that's both powerful and easy to understand.
12
12
 
13
+ ### Supported Versions
14
+
15
+ * Ruby 2.6+
16
+ * Rails 5.1+
17
+
18
+ Other versions may likely work, but we don't test against them.
19
+
13
20
  ## Basic Usage
14
21
 
15
22
  Haml can be used from the command line or as part of a Ruby web framework. The
@@ -162,35 +169,34 @@ on a specific area:
162
169
  ruby -Itest test/helper_test.rb -n test_buffer_access
163
170
  ~~~
164
171
 
165
- Haml currently supports Ruby 2.0.0 and higher, so please make sure your changes run on 2.0+.
172
+ Haml currently supports Ruby 2.7.0 and higher, so please make sure your changes run on 2.7+.
166
173
 
167
174
  ## Team
168
175
 
169
176
  ### Current Maintainers
170
177
 
171
- * [Akira Matsuda](https://github.com/amatsuda)
172
- * [Matt Wildig](https://github.com/mattwildig)
173
- * [Tee Parham](https://github.com/teeparham)
178
+ * [Hampton Catlin](https://github.com/hcatlin)
174
179
  * [Takashi Kokubun](https://github.com/k0kubun)
180
+ * [Akira Matsuda](https://github.com/amatsuda)
175
181
 
176
182
  ### Alumni
177
183
 
178
184
  Haml was created by [Hampton Catlin](http://hamptoncatlin.com), the author of
179
- the original implementation. Hampton is no longer involved in day-to-day coding,
180
- but still consults on language issues.
185
+ the original implementation.
181
186
 
182
- [Natalie Weizenbaum](http://nex-3.com) was for many years the primary developer
187
+ [Natalie Weizenbaum](https://github.com/nex3) was for many years the primary developer
183
188
  and architect of the "modern" Ruby implementation of Haml.
184
189
 
185
- [Norman Clarke](http://github.com/norman) was the primary maintainer of Haml from 2012 to 2016.
186
-
187
- ## License
190
+ This project's been around for many years, and we have many amazing people who kept the project
191
+ alive! as former maintainers like:
188
192
 
189
- Some of Natalie's work on Haml was supported by Unspace Interactive.
193
+ [Norman Clarke](http://github.com/norman)
194
+ [Matt Wildig](https://github.com/mattwildig)
195
+ [Tee Parham](https://github.com/teeparham)
190
196
 
191
- Beyond that, the implementation is licensed under the MIT License.
197
+ ## License
192
198
 
193
- Copyright (c) 2006-2019 Hampton Catlin, Natalie Weizenbaum and the Haml team
199
+ Copyright (c) 2006-2021 Hampton Catlin, Natalie Weizenbaum and the Haml team
194
200
 
195
201
  Permission is hereby granted, free of charge, to any person obtaining a copy of
196
202
  this software and associated documentation files (the "Software"), to deal in
@@ -107,13 +107,20 @@ output.
107
107
  In Rails, options can be set by setting the {Haml::Template#options Haml::Template.options}
108
108
  hash in an initializer:
109
109
 
110
- # config/initializers/haml.rb
111
- Haml::Template.options[:format] = :html5
110
+ ```ruby
111
+ # config/initializers/haml.rb
112
+ Haml::Template.options[:format] = :html5
113
+
114
+ # Avoid escaping attributes which are already escaped
115
+ Haml::Template.options[:escape_attrs] = :once
116
+ ```
112
117
 
113
118
  Outside Rails, you can set them by configuring them globally in
114
119
  Haml::Options.defaults:
115
120
 
116
- Haml::Options.defaults[:format] = :html5
121
+ ```ruby
122
+ Haml::Options.defaults[:format] = :html5
123
+ ```
117
124
 
118
125
  In sinatra specifically, you can set them in global config with:
119
126
  ```ruby
@@ -6,6 +6,17 @@ module Haml
6
6
  INVALID_ATTRIBUTE_NAME_REGEX = /[ \0"'>\/=]/
7
7
 
8
8
  class << self
9
+ def build(class_id, obj_ref, is_html, attr_wrapper, escape_attrs, hyphenate_data_attrs, *attributes_hashes)
10
+ attributes = class_id
11
+ attributes_hashes.each do |old|
12
+ result = {}
13
+ old.each { |k, v| result[k.to_s] = v }
14
+ merge_attributes!(attributes, result)
15
+ end
16
+ merge_attributes!(attributes, parse_object_ref(obj_ref)) if obj_ref
17
+ build_attributes(is_html, attr_wrapper, escape_attrs, hyphenate_data_attrs, attributes)
18
+ end
19
+
9
20
  def build_attributes(is_html, attr_wrapper, escape_attrs, hyphenate_data_attrs, attributes = {})
10
21
  # @TODO this is an absolutely ridiculous amount of arguments. At least
11
22
  # some of this needs to be moved into an instance method.
@@ -159,6 +170,50 @@ module Haml
159
170
  hash.merge! flatten_data_attributes(v, joined, join_char, seen)
160
171
  end
161
172
  end
173
+
174
+ # Takes an array of objects and uses the class and id of the first
175
+ # one to create an attributes hash.
176
+ # The second object, if present, is used as a prefix,
177
+ # just like you can do with `dom_id()` and `dom_class()` in Rails
178
+ def parse_object_ref(ref)
179
+ prefix = ref[1]
180
+ ref = ref[0]
181
+ # Let's make sure the value isn't nil. If it is, return the default Hash.
182
+ return {} if ref.nil?
183
+ class_name =
184
+ if ref.respond_to?(:haml_object_ref)
185
+ ref.haml_object_ref
186
+ else
187
+ underscore(ref.class)
188
+ end
189
+ ref_id =
190
+ if ref.respond_to?(:to_key)
191
+ key = ref.to_key
192
+ key.join('_') unless key.nil?
193
+ else
194
+ ref.id
195
+ end
196
+ id = "#{class_name}_#{ref_id || 'new'}"
197
+ if prefix
198
+ class_name = "#{ prefix }_#{ class_name}"
199
+ id = "#{ prefix }_#{ id }"
200
+ end
201
+
202
+ { 'id'.freeze => id, 'class'.freeze => class_name }
203
+ end
204
+
205
+ # Changes a word from camel case to underscores.
206
+ # Based on the method of the same name in Rails' Inflector,
207
+ # but copied here so it'll run properly without Rails.
208
+ def underscore(camel_cased_word)
209
+ word = camel_cased_word.to_s.dup
210
+ word.gsub!(/::/, '_')
211
+ word.gsub!(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
212
+ word.gsub!(/([a-z\d])([A-Z])/, '\1_\2')
213
+ word.tr!('-', '_')
214
+ word.downcase!
215
+ word
216
+ end
162
217
  end
163
218
  end
164
219
  end
@@ -51,7 +51,8 @@ module Haml
51
51
  # @param dynamic_attributes [Haml::Parser::DynamicAttributes]
52
52
  # @return [String] Attributes rendering code
53
53
  def compile_runtime_build(attributes, object_ref, dynamic_attributes)
54
- "_hamlout.attributes(#{to_literal(attributes)}, #{object_ref}, #{dynamic_attributes.to_literal})"
54
+ arguments = [@is_html, @attr_wrapper, @escape_attrs, @hyphenate_data_attrs].map(&method(:to_literal)).join(', ')
55
+ "::Haml::AttributeBuilder.build(#{to_literal(attributes)}, #{object_ref}, #{arguments}, #{dynamic_attributes.to_literal})"
55
56
  end
56
57
 
57
58
  # Build array of grouped values whose sort order may go back and forth, which is also sorted with key name.
@@ -106,7 +107,8 @@ module Haml
106
107
  hash_content = values.group_by(&:key).map do |key, values_for_key|
107
108
  "#{frozen_string(key)} => #{merged_value(key, values_for_key)}"
108
109
  end.join(', ')
109
- [:dynamic, "_hamlout.attributes({ #{hash_content} }, nil)"]
110
+ arguments = [@is_html, @attr_wrapper, @escape_attrs, @hyphenate_data_attrs].map(&method(:to_literal)).join(', ')
111
+ [:dynamic, "::Haml::AttributeBuilder.build({ #{hash_content} }, nil, #{arguments})"]
110
112
  end
111
113
 
112
114
  # Renders attribute values statically.
@@ -130,18 +130,6 @@ module Haml
130
130
  @real_tabs += tab_change
131
131
  end
132
132
 
133
- def attributes(class_id, obj_ref, *attributes_hashes)
134
- attributes = class_id
135
- attributes_hashes.each do |old|
136
- result = {}
137
- old.each { |k, v| result[k.to_s] = v }
138
- AttributeBuilder.merge_attributes!(attributes, result)
139
- end
140
- AttributeBuilder.merge_attributes!(attributes, parse_object_ref(obj_ref)) if obj_ref
141
- AttributeBuilder.build_attributes(
142
- html?, @options[:attr_wrapper], @options[:escape_attrs], @options[:hyphenate_data_attrs], attributes)
143
- end
144
-
145
133
  # Remove the whitespace from the right side of the buffer string.
146
134
  # Doesn't do anything if we're at the beginning of a capture_haml block.
147
135
  def rstrip!
@@ -190,49 +178,5 @@ module Haml
190
178
  tabs = [count + @tabulation, 0].max
191
179
  @@tab_cache[tabs] ||= ' ' * tabs
192
180
  end
193
-
194
- # Takes an array of objects and uses the class and id of the first
195
- # one to create an attributes hash.
196
- # The second object, if present, is used as a prefix,
197
- # just like you can do with `dom_id()` and `dom_class()` in Rails
198
- def parse_object_ref(ref)
199
- prefix = ref[1]
200
- ref = ref[0]
201
- # Let's make sure the value isn't nil. If it is, return the default Hash.
202
- return {} if ref.nil?
203
- class_name =
204
- if ref.respond_to?(:haml_object_ref)
205
- ref.haml_object_ref
206
- else
207
- underscore(ref.class)
208
- end
209
- ref_id =
210
- if ref.respond_to?(:to_key)
211
- key = ref.to_key
212
- key.join('_') unless key.nil?
213
- else
214
- ref.id
215
- end
216
- id = "#{class_name}_#{ref_id || 'new'}"
217
- if prefix
218
- class_name = "#{ prefix }_#{ class_name}"
219
- id = "#{ prefix }_#{ id }"
220
- end
221
-
222
- { 'id'.freeze => id, 'class'.freeze => class_name }
223
- end
224
-
225
- # Changes a word from camel case to underscores.
226
- # Based on the method of the same name in Rails' Inflector,
227
- # but copied here so it'll run properly without Rails.
228
- def underscore(camel_cased_word)
229
- word = camel_cased_word.to_s.dup
230
- word.gsub!(/::/, '_')
231
- word.gsub!(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
232
- word.gsub!(/([a-z\d])([A-Z])/, '\1_\2')
233
- word.tr!('-', '_')
234
- word.downcase!
235
- word
236
- end
237
181
  end
238
182
  end
@@ -4,6 +4,11 @@ module Haml
4
4
 
5
5
  # This module makes Haml work with Rails using the template handler API.
6
6
  class Plugin
7
+ class << self
8
+ attr_accessor :annotate_rendered_view_with_filenames
9
+ end
10
+ self.annotate_rendered_view_with_filenames = false
11
+
7
12
  def handles_encoding?; true; end
8
13
 
9
14
  def compile(template, source)
@@ -14,9 +19,21 @@ module Haml
14
19
  options[:mime_type] = template.mime_type
15
20
  end
16
21
  options[:filename] = template.identifier
22
+
23
+ preamble = '@output_buffer = output_buffer ||= ActionView::OutputBuffer.new if defined?(ActionView::OutputBuffer);'
24
+ postamble = ''
25
+
26
+ if self.class.annotate_rendered_view_with_filenames
27
+ # short_identifier is only available in Rails 6+. On older versions, 'inspect' gives similar results.
28
+ ident = template.respond_to?(:short_identifier) ? template.short_identifier : template.inspect
29
+ preamble += "haml_concat '<!-- BEGIN #{ident} -->'.html_safe;"
30
+ postamble += "haml_concat '<!-- END #{ident} -->'.html_safe;"
31
+ end
32
+
17
33
  Haml::Engine.new(source, options).compiler.precompiled_with_ambles(
18
34
  [],
19
- after_preamble: '@output_buffer = output_buffer ||= ActionView::OutputBuffer.new if defined?(ActionView::OutputBuffer)',
35
+ after_preamble: preamble,
36
+ before_postamble: postamble
20
37
  )
21
38
  end
22
39
 
@@ -42,6 +42,11 @@ module Haml
42
42
  Haml::Filters::RailsErb.template_class = Haml::SafeErubisTemplate
43
43
  end
44
44
  Haml::Template.options[:filters] = { 'erb' => Haml::Filters::RailsErb }
45
+
46
+ if app.config.respond_to?(:action_view) &&
47
+ app.config.action_view.annotate_rendered_view_with_filenames
48
+ Haml::Plugin.annotate_rendered_view_with_filenames = true
49
+ end
45
50
  end
46
51
  end
47
52
  end
@@ -65,7 +65,7 @@ module Haml
65
65
  # (see {file:REFERENCE.md#encodings the `:encoding` option}).
66
66
  #
67
67
  # @return [String]
68
- def precompiled_with_ambles(local_names, after_preamble: '')
68
+ def precompiled_with_ambles(local_names, after_preamble: '', before_postamble: '')
69
69
  preamble = <<END.tr("\n", ';')
70
70
  begin
71
71
  extend Haml::Helpers
@@ -74,6 +74,7 @@ _erbout = _hamlout.buffer
74
74
  #{after_preamble}
75
75
  END
76
76
  postamble = <<END.tr("\n", ';')
77
+ #{before_postamble}
77
78
  #{precompiled_method_return_value}
78
79
  ensure
79
80
  @haml_buffer = @haml_buffer.upper if @haml_buffer
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Haml
4
- VERSION = "5.2.1"
4
+ VERSION = "5.2.2"
5
5
  end
@@ -0,0 +1,45 @@
1
+ # frozen_string_literal: true
2
+ require 'etc'
3
+
4
+ module Parallel
5
+ # TODO: inline this method into parallel.rb and kill physical_processor_count in next major release
6
+ module ProcessorCount
7
+ # Number of processors seen by the OS, used for process scheduling
8
+ def processor_count
9
+ @processor_count ||= Integer(ENV['PARALLEL_PROCESSOR_COUNT'] || Etc.nprocessors)
10
+ end
11
+
12
+ # Number of physical processor cores on the current system.
13
+ def physical_processor_count
14
+ @physical_processor_count ||= begin
15
+ ppc =
16
+ case RbConfig::CONFIG["target_os"]
17
+ when /darwin[12]/
18
+ IO.popen("/usr/sbin/sysctl -n hw.physicalcpu").read.to_i
19
+ when /linux/
20
+ cores = {} # unique physical ID / core ID combinations
21
+ phy = 0
22
+ IO.read("/proc/cpuinfo").scan(/^physical id.*|^core id.*/) do |ln|
23
+ if ln.start_with?("physical")
24
+ phy = ln[/\d+/]
25
+ elsif ln.start_with?("core")
26
+ cid = "#{phy}:#{ln[/\d+/]}"
27
+ cores[cid] = true unless cores[cid]
28
+ end
29
+ end
30
+ cores.count
31
+ when /mswin|mingw/
32
+ require 'win32ole'
33
+ result_set = WIN32OLE.connect("winmgmts://").ExecQuery(
34
+ "select NumberOfCores from Win32_Processor"
35
+ )
36
+ result_set.to_enum.collect(&:NumberOfCores).reduce(:+)
37
+ else
38
+ processor_count
39
+ end
40
+ # fall back to logical count if physical info is invalid
41
+ ppc > 0 ? ppc : processor_count
42
+ end
43
+ end
44
+ end
45
+ end
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+ module Parallel
3
+ VERSION = Version = '1.21.0' # rubocop:disable Naming/ConstantName
4
+ end