configurability 2.1.0 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ae00303104896fbdb4479b741a713cf98447ca1a
-  data.tar.gz: d7aaa1d875c3f4dd0e20e152ba76ba52e62be667
+  metadata.gz: 06d07154d070a00edad0282c0dc59e0c5e66ef95
+  data.tar.gz: a4b60f5580fd34ca3d8d84adc19628381fb2c640
 SHA512:
-  metadata.gz: fd1b469747088b887326ec6c65996e3c5485606eb20ce62556e45b407ba50b26d964fdcc6893130a7e26ae1c5981e549cff58638b1b2edb7cc709fc149574ee6
-  data.tar.gz: 68d3cb5b755de3e19b5ff1d910cd8f7b8ba12856627484d7d9c90da6219db3ff928aabc4250231329afa1a93367b8bfa43f84b95257e2a1afe7b983367b824b8
+  metadata.gz: d72df2c94b3d9d35fa8ec2b7485ca54c7c99a0f24fc061c6bf21c8c1f6d16a4f6e66aa8a2c87c6b988bf8e55168e7c805453a5a8f696656fefadd332101d993a
+  data.tar.gz: 0e9900c3689b65a0e4d5c6e63e66a953bace0b1f2cc94735369cdc6406756c8def7c60fe803fd2cddace09298816a6c3a4443d2f13253b1825f8238ecbcb7ea3

data/History.rdoc

@@ -1,3 +1,9 @@
+== v2.1.1 [2013-11-20] Michael Granger <ged@FaerieMUD.org>
+
+- Fix untainting to not try to dup/untaint immediate objects.
+  Thanks to john@cozy.co for the bug report.
+
+
 == v2.1.0 [2013-08-13] Michael Granger <ged@FaerieMUD.org>
 
 - Fix behavior of inherited Configurability

data/Rakefile

@@ -10,29 +10,30 @@ end
 Hoe.plugin :mercurial
 Hoe.plugin :signing
 Hoe.plugin :deveiate
+Hoe.plugin :bundler
 
 Hoe.plugins.delete :rubyforge
 
 Encoding.default_internal = Encoding::UTF_8
 
-hoespec = Hoe.spec 'configurability' do
-	self.readme_file = 'README.rdoc'
-	self.history_file = 'History.rdoc'
-	self.extra_rdoc_files = Rake::FileList[ '*.rdoc' ]
+hoespec = Hoe.spec 'configurability' do |spec|
+	spec.readme_file = 'README.rdoc'
+	spec.history_file = 'History.rdoc'
+	spec.extra_rdoc_files = Rake::FileList[ '*.rdoc' ]
+	spec.license 'BSD'
 
-	self.developer 'Michael Granger', 'ged@FaerieMUD.org'
+	spec.developer 'Michael Granger', 'ged@FaerieMUD.org'
 
-	self.dependency 'loggability', '~> 0.4'
+	spec.dependency 'loggability', '~> 0.4'
 
-	self.dependency 'rspec', '~> 2.14', :developer
-	self.dependency 'simplecov', '~> 0.5', :developer
+	spec.dependency 'hoe-deveiate', '~> 0.3', :developer
+	spec.dependency 'simplecov', '~> 0.5', :developer
+	spec.dependency 'hoe-bundler', '~> 1.2', :developer
 
-	self.spec_extras[:licenses] = ["BSD"]
-	self.spec_extras[:rdoc_options] = ['-f', 'fivefish', '-t', 'Configurability Toolkit']
-	self.require_ruby_version( '>= 1.9.2' )
+	spec.require_ruby_version( '>= 1.9.2' )
 
-	self.hg_sign_tags = true if self.respond_to?( :hg_sign_tags= )
-	self.rdoc_locations << "deveiate:/usr/local/www/public/code/#{remote_rdoc_dir}"
+	spec.hg_sign_tags = true if spec.respond_to?( :hg_sign_tags= )
+	spec.rdoc_locations << "deveiate:/usr/local/www/public/code/#{remote_rdoc_dir}"
 end
 
 ENV['VERSION'] ||= hoespec.spec.version.to_s

data/lib/configurability.rb

@@ -18,10 +18,10 @@ module Configurability
 
 
 	# Library version constant
-	VERSION = '2.1.0'
+	VERSION = '2.1.1'
 
 	# Version-control revision constant
-	REVISION = %q$Revision: d27195f9c3df $
+	REVISION = %q$Revision: 9d24e71e0018 $
 
 	require 'configurability/deferredconfig'
 

data/lib/configurability/config.rb

@@ -250,7 +250,7 @@ class Configurability::Config
 			   else
 				   YAML.load( source )
 			   end
-		ihash = symbolify_keys( untaint_values(hash) )
+		ihash = symbolify_keys( untaint_hash(hash) )
 		mergedhash = defaults.merge( ihash, &mergefunc )
 
 		return Configurability::Config::Struct.new( mergedhash )
@@ -283,27 +283,34 @@ class Configurability::Config
 
 	### Return a copy of the specified +hash+ with all of its values
 	### untainted.
-	def untaint_values( hash )
+	def untaint_hash( hash )
 		newhash = {}
-		hash.each do |key,val|
-			case val
-			when Hash
-				newhash[ key ] = untaint_values( hash[key] )
+		hash.each_key do |key|
+			newhash[ key ] = untaint_value( hash[key] )
+		end
+		return newhash
+	end
 
-			when Array
-				newval = val.collect {|v| v.dup.untaint}
-				newhash[ key ] = newval
 
-			when NilClass, TrueClass, FalseClass, Numeric, Symbol
-				newhash[ key ] = val
+	### Return an untainted copy of the specified +val+.
+	def untaint_value( val )
+		case val
+		when Hash
+			return untaint_hash( val )
+
+		when Array
+			return val.collect {|v| untaint_value(v) }
+
+		when NilClass, TrueClass, FalseClass, Numeric, Symbol, Encoding
+			return val
 
+		else
+			if val.respond_to?( :dup ) && val.respond_to?( :untaint )
+				return val.dup.untaint
 			else
-				newval = val.dup
-				newval.untaint
-				newhash[ key ] = newval
+				return val
 			end
 		end
-		return newhash
 	end
 
 

data/spec/configurability/config_spec.rb

@@ -25,6 +25,12 @@ describe Configurability::Config do
 	  - values
 	  - are
 	  - neat
+	listofints:
+	  - 1
+	  - 2
+	  - 3
+	  - 5
+	  - 7
 	mergekey: Yep.
 	textsection: |-
 	  With some text as the value
@@ -104,6 +110,13 @@ describe Configurability::Config do
 		expect( config.section.monkeysubsection? ).to be_false()
 	end
 
+	it "untaints values loaded from a config" do
+		yaml = TEST_CONFIG.dup.taint
+		config = described_class.new( yaml )
+		expect( config.listsection.first ).to_not be_tainted
+		expect( config.textsection ).to_not be_tainted
+	end
+
 
 	context "a config with nil keys" do
 
@@ -187,7 +200,7 @@ describe Configurability::Config do
 		end
 
 		it "provides a human-readable description of itself when inspected" do
-			expect( config.inspect ).to match( /4 sections/i )
+			expect( config.inspect ).to match( /\d+ sections/i )
 			expect( config.inspect ).to match( /mergekey/ )
 			expect( config.inspect ).to match( /textsection/ )
 			expect( config.inspect ).to match( /from memory/i )

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: configurability
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.1.1
 platform: ruby
 authors:
 - Michael Granger
@@ -30,7 +30,7 @@ cert_chain:
   6mKCwjpegytE0oifXfF8k75A9105cBnNiMZOe1tXiqYc/exCgWvbggurzDOcRkZu
   /YSusaiDXHKU2O3Akc3htA==
   -----END CERTIFICATE-----
-date: 2013-08-14 00:00:00.000000000 Z
+date: 2013-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: loggability
@@ -89,19 +89,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '4.0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: hoe-deveiate
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '2.14'
+        version: '0.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '2.14'
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -116,6 +116,20 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '0.5'
+- !ruby/object:Gem::Dependency
+  name: hoe-bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: hoe
   requirement: !ruby/object:Gem::Requirement
@@ -170,10 +184,8 @@ licenses:
 metadata: {}
 post_install_message: 
 rdoc_options:
-- -f
-- fivefish
-- -t
-- Configurability Toolkit
+- --main
+- README.rdoc
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
@@ -188,7 +200,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: configurability
-rubygems_version: 2.0.5
+rubygems_version: 2.1.10
 signing_key: 
 specification_version: 4
 summary: Configurability is a unified, unintrusive, assume-nothing configuration system