RubyGems - cocoapods-downloader - Versions diffs - 1.5.1 → 1.6.2 - Mend

cocoapods-downloader 1.5.1 → 1.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cocoapods-downloader might be problematic. Click here for more details.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.markdown +5 -2
data/lib/cocoapods-downloader/base.rb +9 -0
data/lib/cocoapods-downloader/gem_version.rb +1 -1
data/lib/cocoapods-downloader/git.rb +6 -0
data/lib/cocoapods-downloader/mercurial.rb +6 -0
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 62d6e0b714faaaf66ca8228f636b34e61976252749672e04a3a6aa0445b18709
-  data.tar.gz: f585de6e9a7e972a89c87c98d73619798e66340d814fff06231992dfbce62e33
+  metadata.gz: 20f16f6bb4e3cc9aa727c6a112b18667e583292c3b2acc931597809f7ff1b26b
+  data.tar.gz: b58a2541b4a8210e8357b92cf9f532a061f39585a619484efa8ea6c83a39585a
 SHA512:
-  metadata.gz: 87552efe2b4e7332c9b5cfe88ea19ad1e404d4eee94ea3187f60d26e40dcd910b049f05e7246dd8a7cb210ce96658cc7703a3f9095e6ed0c49151ae9019a80a7
-  data.tar.gz: 8b44845a7e0da71748ff781fd15de6eb17bbca24f8fa72b76029bc65341805436d2460b6df38b092322006a5e7b2075b40a04eaad06c63cd9dcef87a69fcdfa0
+  metadata.gz: 976e976c7c981b75242914f8be32f8c2be30e30e23d2a4c61bd7a1ea10d41cdee46c74768f1af849515a6743d5d3020dec90597ffe196eea0e48d5b2fd6c425e
+  data.tar.gz: 147b35462c7f4c988635de9e37a0a787e0a3709c410f83788121c303ddeac0eabc34643fe4eae0fdcb72c483bc3245399c9714e7dac6284c92a2a6eb9d4b394b

data/README.markdown CHANGED Viewed

@@ -4,8 +4,7 @@ A small library for downloading files from remotes in a folder.
 [![Build Status](https://img.shields.io/github/workflow/status/CocoaPods/CocoaPods-Downloader/Spec)](https://github.com/CocoaPods/cocoapods-downloader/actions)
 [![Gem Version](https://img.shields.io/gem/v/cocoapods-downloader)](https://rubygems.org/gems/cocoapods-downloader)
-[![Maintainability](https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/maintainability)](https://codeclimate.com/github/CocoaPods/cocoapods-downloader/maintainability)
-[![Test Coverage](https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/test_coverage)](https://codeclimate.com/github/CocoaPods/cocoapods-downloader/test_coverage)
+[![Maintainability](https://api.codeclimate.com/v1/badges/2253ffb0c2c98e4d1c71/maintainability)](https://codeclimate.com/github/CocoaPods/cocoapods-downloader/maintainability)
 ## Install
@@ -73,6 +72,10 @@ All CocoaPods development happens on GitHub, there is a repository for [CocoaPod
 Follow [@CocoaPods](http://twitter.com/CocoaPods) to get up to date information about what's going on in the CocoaPods world.
+## Development
+You need to have `svn`, `bzr`, `hg` and `git` installed to run the specs. There are some specs which require `hdiutil` which will only run on macOS.
 ## License
 This gem and CocoaPods are available under the MIT license.

data/lib/cocoapods-downloader/base.rb CHANGED Viewed

@@ -77,6 +77,7 @@ module Pod
       # @return [void]
       #
       def download
+        validate_input
         ui_action("#{name} download") do
           target_path.mkpath
           download!
@@ -121,6 +122,14 @@ module Pod
         raise 'Abstract method'
       end
+      # Provides a before-download check for safety of the options in the
+      # concrete downloader.
+      #
+      # @return [void]
+      #
+      def validate_input
+      end
       # Returns a User-Agent string that itentifies http network requests as
       # originating from CocoaPods.
       # Contains version numbers from the CocoaPods Gem and the cocoapods-downloader Gem.

data/lib/cocoapods-downloader/gem_version.rb CHANGED Viewed

@@ -3,6 +3,6 @@ module Pod
     # @return [String] Downloader’s version, following
     #         [semver](http://semver.org).
     #
-    VERSION = '1.5.1'.freeze
+    VERSION = '1.6.2'.freeze
   end
 end

data/lib/cocoapods-downloader/git.rb CHANGED Viewed

@@ -153,6 +153,12 @@ module Pod
       def target_git(*args)
         git!(['-C', target_path] + args)
       end
+      def validate_input
+        input = [url, options[:branch], options[:commit], options[:tag]].map(&:to_s)
+        invalid = input.compact.any? { |value| value.start_with?('--') || value.include?(' --') }
+        raise DownloaderError, "Provided unsafe input for git #{options}." if invalid
+      end
     end
   end
 end

data/lib/cocoapods-downloader/mercurial.rb CHANGED Viewed

@@ -49,6 +49,12 @@ module Pod
       def download_branch!
         hg! 'clone', url, '--updaterev', options[:branch], @target_path
       end
+      def validate_input
+        input = [url, options[:revision], options[:branch], options[:tag]].map(&:to_s)
+        invalid = input.compact.any? { |value| value.start_with?('--') || value.include?(' --') }
+        raise DownloaderError, "Provided unsafe input for hg #{options}." if invalid
+      end
     end
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-downloader
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.6.2
 platform: ruby
 authors:
 - Eloy Duran
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-07 00:00:00.000000000 Z
+date: 2022-03-28 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -52,7 +52,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 3
 summary: A small library for downloading files from remotes in a folder.