disarm 0.10.0-aarch64-linux

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c0514babf96beba18a192fbca1a48ac2d557418cbb3e6637a9fa1b4087d6f5f1
+  data.tar.gz: 9f6fe6a9da7132a7ccbe503f7a5a57101da291edbb9bac0edf41b40232c208e7
+SHA512:
+  metadata.gz: 7b037d86d3dece4e7115ae6f097fdf20fd15f01a24373f1e530ff87bc3e574047e56bfb58359f7368864ebb99a5b79570bbbe6eb98e6c9fa8e35739144a822c1
+  data.tar.gz: d2e33ede6d8f214013ebc7d580325e88410f633b1e1c2759b47c721f8fcfa45a2e0f2dc02995da49b9474ede14ae9c23cc2fbb5caafef59d1547bff9b9cf25ca

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Richard Quinn
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,101 @@
+# disarm (Ruby)
+
+Ruby bindings for [**disarm**](https://github.com/raeq/disarm) — Unicode
+confusable / text-security building blocks (homoglyph & bidi & zalgo handling,
+plus standards-based transliteration), powered by Rust.
+
+The native extension wraps the **pure-Rust `disarm` core** (no Python), via
+[magnus](https://github.com/matsadler/magnus) + [rb-sys](https://github.com/oxidize-rb/rb-sys).
+Precompiled platform gems install without a local Rust toolchain.
+
+## Install
+
+```ruby
+# Gemfile
+gem "disarm"
+```
+
+```sh
+gem install disarm
+```
+
+Requires Ruby >= 3.1. `gem install disarm` pulls a precompiled platform gem
+(Linux x86_64/aarch64, macOS x86_64/arm64, Windows) when one is available, and
+falls back to compiling from source (needs a Rust toolchain) otherwise.
+
+## Usage
+
+```ruby
+require "disarm"
+
+# Standards-based transliteration to ASCII. `scheme:` is a symbol (or string):
+# :default (general-purpose), :strict_iso9 (ISO 9:1995), :gost7034.
+Disarm.transliterate("Москва")                       # => "Moskva"
+Disarm.transliterate("Москва", scheme: :strict_iso9)
+
+# TR39 confusable folding (homoglyph defense). `target:` defaults to :latin.
+Disarm.normalize_confusables("раypal")               # => "paypal"
+Disarm.confusable?("pаypal")                          # => true
+Disarm.normalize_confusables("paypal", target: :cyrillic)
+
+# Canonicalization primitives
+Disarm.strip_accents("café")                         # => "cafe"
+Disarm.fold_case("HELLO")                            # => "hello"
+Disarm.slugify("Héllo Wörld")                        # => "hello-world"
+Disarm.slugify("Hello World", separator: "_", max_length: 5, word_boundary: true)
+Disarm.demojize("I ❤️ Ruby")                          # => "I red heart Ruby"
+Disarm.demojize("👍🏽", strip_modifiers: true)
+
+# Security presets
+Disarm.strip_obfuscation("Ѕ𝗲𝗰𝗿𝗲𝘁  ​data")            # deobfuscated
+Disarm.security_clean("…")                           # homoglyph/bidi/zero-width clean
+
+# IDN / hostname spoof check (a false result is not a safety guarantee)
+Disarm.suspicious_hostname?("pаypal.com")            # => true (Cyrillic 'а')
+```
+
+Every option past the text is a keyword argument with the core's default, and
+scheme/target tokens accept symbols or strings. `slugify` exposes the core's
+`SlugConfig` surface (`separator:`, `lowercase:`, `max_length:`,
+`word_boundary:`, `save_order:`, `stopwords:`, `allow_unicode:`, `lang:`,
+`entities:`, `decimal:`, `hexadecimal:`, `safe_chars:`).
+
+### Errors
+
+Every public method is wrapped so that everything disarm raises descends from
+`Disarm::Error < StandardError` — a single `rescue Disarm::Error` catches all of
+them. An invalid scheme/target, a non-String argument, or any other bad input
+raises the more specific `Disarm::InvalidArgument`; the original backtrace is
+preserved so the failing call site stays visible.
+
+```ruby
+begin
+  Disarm.transliterate("x", scheme: :klingon)
+rescue Disarm::InvalidArgument => e   # also rescuable as Disarm::Error
+  warn e.message
+end
+```
+
+## Security posture
+
+This binding inherits the core's guarantees and limitations verbatim — it adds
+no logic of its own. disarm is an **input-normalization** layer, not an output
+sanitizer; read the [Threat Model](https://github.com/raeq/disarm/blob/main/THREAT_MODEL.md)
+before relying on it in a security context.
+
+## Development
+
+```sh
+cd bindings/ruby
+bundle install
+bundle exec rake compile   # builds the native ext for the host platform
+bundle exec rake spec      # runs the RSpec suite against it
+```
+
+`bundle exec rake compile` requires a Rust toolchain (the core is a path
+dependency until disarm 0.10 is published to crates.io). Cross-platform release
+gems are built in CI with `rb-sys-dock`.
+
+## License
+
+MIT — same as the disarm core.

data/lib/disarm/version.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Disarm
+  # Kept in lockstep with the Rust crate / Python package version.
+  VERSION = "0.10.0"
+end

data/lib/disarm.rb

@@ -0,0 +1,142 @@
+# frozen_string_literal: true
+
+require_relative "disarm/version"
+
+# Load the native extension. Precompiled platform gems ship a per-minor-version
+# subdir (e.g. lib/disarm/3.3/disarm.so); a source gem compiles to
+# lib/disarm/disarm.so. Try the versioned path first, then fall back.
+begin
+  ruby_minor = RUBY_VERSION[/\d+\.\d+/]
+  require_relative "disarm/#{ruby_minor}/disarm"
+rescue LoadError => e
+  # Only fall back to the unversioned (source-gem) path when the versioned file
+  # is genuinely absent. A real load failure of an *existing* ext (e.g. a missing
+  # dependent shared library or an undefined symbol) must propagate, not be masked
+  # by the fallback.
+  raise unless e.message.include?("cannot load such file")
+
+  require_relative "disarm/disarm"
+end
+
+# The native extension (ext/disarm) defines the raw `_`-prefixed shims and the
+# already-idiomatic no-option methods (strip_accents, fold_case,
+# suspicious_hostname?). This file adds the idiomatic Ruby surface on top (#357):
+# keyword arguments with the core's defaults, symbol tokens (:latin, :default, …),
+# a single transliterate(text, scheme:) entrypoint, and a Disarm::Error hierarchy.
+# Each method is still a thin wrapper over the pure-Rust `disarm` core.
+module Disarm
+  # Base class for every error disarm raises, so consumers can `rescue
+  # Disarm::Error`. The native shim raises Ruby's built-in ArgumentError /
+  # RuntimeError; the wrappers below translate those into this hierarchy.
+  class Error < StandardError; end
+
+  # Raised for an invalid argument — an unknown scheme/target token, a
+  # malformed option, etc. (the core's `ErrorKind::InvalidArgument`).
+  class InvalidArgument < Error; end
+
+  class << self
+    # Transliterate Unicode text to ASCII. `scheme:` selects the standard:
+    # :default (the general-purpose scheme), :strict_iso9, or :gost7034. Accepts
+    # a String or Symbol.
+    def transliterate(text, scheme: :default)
+      scheme = scheme.to_s
+      translate_errors do
+        # The bare default keeps the core's borrow-on-no-op fast path.
+        scheme == "default" ? _transliterate(text) : _transliterate_scheme(text, scheme)
+      end
+    end
+
+    # Fold cross-script confusables toward `target:` (:latin or :cyrillic).
+    def normalize_confusables(text, target: :latin)
+      translate_errors { _normalize_confusables(text, target.to_s) }
+    end
+
+    # Whether `text` contains a character confusable with `target:` (:latin or
+    # :cyrillic).
+    def confusable?(text, target: :latin)
+      translate_errors { _confusable?(text, target.to_s) }
+    end
+
+    # Generate a URL-safe slug. Mirrors the core's `SlugConfig` defaults; every
+    # option past `text` is keyword-only. (`regex_pattern`/`replacements` are not
+    # surfaced yet — see ext/disarm/src/lib.rs.)
+    def slugify(
+      text,
+      separator: "-",
+      lowercase: true,
+      max_length: 0,
+      word_boundary: false,
+      save_order: false,
+      stopwords: [],
+      allow_unicode: false,
+      lang: nil,
+      entities: true,
+      decimal: true,
+      hexadecimal: true,
+      safe_chars: ""
+    )
+      translate_errors do
+        # `Array(stopwords)` tolerates the common `stopwords: nil` (and a bare
+        # String) instead of raising NoMethodError on `.map`.
+        _slugify(
+          text, separator.to_s, lowercase, max_length, word_boundary, save_order,
+          Array(stopwords).map(&:to_s), allow_unicode, lang&.to_s, entities, decimal,
+          hexadecimal, safe_chars.to_s
+        )
+      end
+    end
+
+    # Replace emoji with their plain names (e.g. "👍" → "thumbs up").
+    # `strip_modifiers:` drops skin-tone / variation modifiers before naming.
+    def demojize(text, strip_modifiers: false)
+      translate_errors { _demojize(text, strip_modifiers) }
+    end
+
+    # Remove obfuscation (zero-width, bidi, combining-mark abuse) while keeping
+    # legible content.
+    def strip_obfuscation(text)
+      translate_errors { _strip_obfuscation(text) }
+    end
+
+    # Aggressive security cleaning: strip obfuscation, control characters, and
+    # other spoofing vectors.
+    def security_clean(text)
+      translate_errors { _security_clean(text) }
+    end
+
+    # Strip diacritics ("café" → "cafe").
+    def strip_accents(text)
+      translate_errors { _strip_accents(text) }
+    end
+
+    # Unicode case-fold ("HELLO" → "hello").
+    def fold_case(text)
+      translate_errors { _fold_case(text) }
+    end
+
+    # Whether the hostname looks like a mixed-script / confusable IDN spoof. A
+    # false result asserts nothing was *found*, not that the host is safe.
+    def suspicious_hostname?(host)
+      translate_errors { _suspicious_hostname?(host) }
+    end
+
+    private
+
+    # Run a native call, re-raising its built-in exception as the matching
+    # Disarm::Error subclass so callers can `rescue Disarm::Error` across the
+    # whole surface. The original backtrace is preserved (passed as the third
+    # `raise` argument) so the failing native call site stays visible. A bad
+    # argument from the native layer can arrive as ArgumentError (an invalid
+    # scheme/target), TypeError (a non-String argument), or RangeError (e.g. a
+    # negative max_length) — all map to Disarm::InvalidArgument.
+    def translate_errors
+      yield
+    rescue Error
+      raise # already in our hierarchy — don't re-wrap
+    rescue ::ArgumentError, ::TypeError, ::RangeError => e
+      raise InvalidArgument, e.message, e.backtrace
+    rescue ::RuntimeError => e
+      raise Error, e.message, e.backtrace
+    end
+  end
+end

metadata

@@ -0,0 +1,104 @@
+--- !ruby/object:Gem::Specification
+name: disarm
+version: !ruby/object:Gem::Version
+  version: 0.10.0
+platform: aarch64-linux
+authors:
+- Richard Quinn
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2026-06-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: |
+  Ruby bindings for the disarm Rust core: TR39 confusable folding, bidi/zalgo/
+  zero-width neutralization, Unicode normalization, standards-based
+  transliteration, slugification, and IDN/hostname spoof detection. The native
+  extension wraps the pure-Rust core (no Python), so precompiled platform gems
+  run without a local Rust toolchain.
+email:
+- quinn.richard@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/disarm.rb
+- lib/disarm/3.1/disarm.so
+- lib/disarm/3.2/disarm.so
+- lib/disarm/3.3/disarm.so
+- lib/disarm/version.rb
+homepage: https://github.com/raeq/disarm
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/raeq/disarm
+  source_code_uri: https://github.com/raeq/disarm
+  documentation_uri: https://docs.disarm.dev
+  rubygems_mfa_required: 'true'
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '3.1'
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: 3.4.dev
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.3.22
+requirements: []
+rubygems_version: 3.5.23
+signing_key: 
+specification_version: 4
+summary: Unicode confusable/text-security building blocks, powered by Rust
+test_files: []