csv-safe 3.3.2 → 3.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/csv-safe.rb +12 -1
  3. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b2e43ee1a7f2f053978881689f828d902792bad9351b4dbe3e6d8b1597c8e81c
4
- data.tar.gz: f1c312cd85f476bd79e810ee6d9caec64d5e573c3ee72a05bf7146a88a42dff8
3
+ metadata.gz: 22c91d79df799ed708ae5822dbcbbe7beb973855cd964d9174976a9865066c41
4
+ data.tar.gz: 5a02160ead5010cc8f02d3217cf36d890db19f2aac26964848ad9b6758d116e8
5
5
  SHA512:
6
- metadata.gz: f648eb5969723864361824107f75137d12fbf3d33b8fa7022ab79f87b104c1a3669aa943064f5de0f788c8de532ba7cb1d92d7a7e00546a8c263010a3b59e0d7
7
- data.tar.gz: 9a55113ecfe03b996406d41af0397cc04aa1a571083f32b294ec448ce3781a561a1150cc4255ef9a960012777ba78e14f36557e27d0221780a55c412e8758c07
6
+ metadata.gz: 8c1ebb993ab8ae6bcabc162b8f86cbc82273e2ac6f75f5fe50adc41404a0acfc9ba87326a440919c6ec12459665440ca618725f92094c80094479b3694e0ced1
7
+ data.tar.gz: 4a6a6724696698a92cebdc1b0df46eb94b141de1df9477531b6b562cf688df96669310ff1c7046be807dcb1f0cf345e53a3321fe47b535288e6184bbd0c224c8
data/lib/csv-safe.rb CHANGED
@@ -20,8 +20,19 @@ class CSVSafe < CSV
20
20
 
21
21
  private
22
22
 
23
+ DANGEROUS_LEADING_CHARS = ["-", "=", "+", "@", "%", "|", "\r", "\t", "\n"].freeze
24
+ private_constant :DANGEROUS_LEADING_CHARS
25
+
23
26
  def starts_with_special_character?(str)
24
- str.start_with?("-", "=", "+", "@", "%", "|", "\r", "\t")
27
+ # The first check is load-bearing, not redundant with the second: \r, \t
28
+ # and \n are both dangerous leading chars AND whitespace that lstrip
29
+ # removes, so the lstrip check alone would miss a field like "\tfoo".
30
+ return true if str.start_with?(*DANGEROUS_LEADING_CHARS)
31
+
32
+ # lstrip raises ArgumentError on invalid byte sequences; for those, fall
33
+ # back to the first-char check only (preserves the pre-existing
34
+ # non-raising behavior for malformed-encoding fields).
35
+ str.valid_encoding? && str.lstrip.start_with?(*DANGEROUS_LEADING_CHARS)
25
36
  end
26
37
 
27
38
  def prefix(field)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: csv-safe
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.2
4
+ version: 3.3.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alex Zvorygin
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2026-05-06 00:00:00.000000000 Z
11
+ date: 2026-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: csv