erb 3.0.0 → 4.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +9 -7
- data/.gitignore +3 -0
- data/Gemfile +5 -2
- data/NEWS.md +23 -8
- data/Rakefile +9 -0
- data/erb.gemspec +8 -3
- data/ext/erb/escape/escape.c +95 -0
- data/ext/erb/escape/extconf.rb +7 -0
- data/lib/erb/compiler.rb +471 -0
- data/lib/erb/def_method.rb +46 -0
- data/lib/erb/util.rb +62 -0
- data/lib/erb/version.rb +1 -1
- data/lib/erb.rb +3 -574
- data/libexec/erb +1 -11
- metadata +14 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e00dd4c30b3c6affa697b52c33f6888583030f2cd90ae088e92dc36e1e2d513b
|
4
|
+
data.tar.gz: 5c778ef315846ec45a3c2f0413ca1c1f1bf38727037bcb2c23be2a2782f4f5b9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f3ec96b260c70b9a3c673d21500a5b2e4834870caecb0153b0f7bf5337581e5183a90ed81b59e5a26843b76012540d5c695c26cfe206b636e7a33a2639c4d6fa
|
7
|
+
data.tar.gz: f918bf3065949b0ab784212357a160bce6432b284509660d0949d8479866cc5577bbe3892a9f1dee721d501f5a09d522efcd22473aee84c14a4557ae94ca6dc8
|
data/.github/workflows/test.yml
CHANGED
@@ -1,6 +1,10 @@
|
|
1
1
|
name: test
|
2
2
|
|
3
|
-
on:
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches: [master]
|
6
|
+
pull_request:
|
7
|
+
workflow_dispatch:
|
4
8
|
|
5
9
|
jobs:
|
6
10
|
ruby-versions:
|
@@ -10,7 +14,7 @@ jobs:
|
|
10
14
|
steps:
|
11
15
|
- id: versions
|
12
16
|
run: |
|
13
|
-
versions=$(curl -s 'https://cache.ruby-lang.org/pub/misc/ci_versions/cruby.json')
|
17
|
+
versions=$(curl -s 'https://cache.ruby-lang.org/pub/misc/ci_versions/cruby.json' | jq -c '. + ["jruby", "truffleruby-head"]')
|
14
18
|
echo "::set-output name=value::${versions}"
|
15
19
|
test:
|
16
20
|
needs: ruby-versions
|
@@ -19,6 +23,7 @@ jobs:
|
|
19
23
|
matrix:
|
20
24
|
ruby: ${{ fromJson(needs.ruby-versions.outputs.versions) }}
|
21
25
|
os: [ubuntu-latest]
|
26
|
+
fail-fast: false
|
22
27
|
runs-on: ${{ matrix.os }}
|
23
28
|
steps:
|
24
29
|
- uses: actions/checkout@v2
|
@@ -26,9 +31,6 @@ jobs:
|
|
26
31
|
uses: ruby/setup-ruby@v1
|
27
32
|
with:
|
28
33
|
ruby-version: ${{ matrix.ruby }}
|
29
|
-
|
30
|
-
run: |
|
31
|
-
gem install bundler --no-document
|
32
|
-
bundle install
|
34
|
+
bundler-cache: true
|
33
35
|
- name: Run test
|
34
|
-
run: rake test
|
36
|
+
run: bundle exec rake test
|
data/.gitignore
CHANGED
data/Gemfile
CHANGED
data/NEWS.md
CHANGED
@@ -1,24 +1,39 @@
|
|
1
1
|
# Change Log
|
2
2
|
|
3
|
+
## 4.0.1
|
4
|
+
|
5
|
+
* Stop building the C extension for TruffleRuby [#39](https://github.com/ruby/erb/pull/39)
|
6
|
+
|
7
|
+
## 4.0.0
|
8
|
+
|
9
|
+
* Optimize `ERB::Util.html_escape` [#27](https://github.com/ruby/erb/pull/27)
|
10
|
+
* No longer duplicate an argument string when nothing is escaped.
|
11
|
+
* This makes `ERB::Util.html_escape` faster than `CGI.escapeHTML` in no-escape cases.
|
12
|
+
* It skips calling `#to_s` when an argument is already a String.
|
13
|
+
* Define `ERB::Escape.html_escape` as an alias to `ERB::Util.html_escape` [#38](https://github.com/ruby/erb/pull/38)
|
14
|
+
* `ERB::Util.html_escape` is known to be monkey-patched by Rails.
|
15
|
+
`ERB::Escape.html_escape` is useful when you want a non-monkey-patched version.
|
16
|
+
* Drop deprecated `-S` option from `erb` command
|
17
|
+
|
3
18
|
## 3.0.0
|
4
19
|
|
5
|
-
|
6
|
-
|
7
|
-
|
20
|
+
* Bump `required_ruby_version` to Ruby 2.7+ [#23](https://github.com/ruby/erb/pull/23)
|
21
|
+
* `ERB::Util.url_encode` uses a native implementation [#23](https://github.com/ruby/erb/pull/23)
|
22
|
+
* Fix a bug that a magic comment with a wrong format could be detected [#6](https://github.com/ruby/erb/pull/6)
|
8
23
|
|
9
24
|
## 2.2.3
|
10
25
|
|
11
|
-
|
26
|
+
* Bump `required_ruby_version` from 2.3 to 2.5 as it has never been supported [#3](https://github.com/ruby/erb/pull/3)
|
12
27
|
|
13
28
|
## 2.2.2
|
14
29
|
|
15
|
-
|
16
|
-
|
30
|
+
* `ERB.version` returns just a version number
|
31
|
+
* `ERB::Revision` is deprecated
|
17
32
|
|
18
33
|
## 2.2.1
|
19
34
|
|
20
|
-
|
35
|
+
* `ERB#initialize` warns `safe_level` and later arguments even without -w
|
21
36
|
|
22
37
|
## 2.2.0
|
23
38
|
|
24
|
-
|
39
|
+
* Ruby 3.0 promoted ERB to a default gem
|
data/Rakefile
CHANGED
@@ -7,6 +7,15 @@ Rake::TestTask.new(:test) do |t|
|
|
7
7
|
t.test_files = FileList['test/**/test_*.rb']
|
8
8
|
end
|
9
9
|
|
10
|
+
case RUBY_ENGINE
|
11
|
+
when 'jruby', 'truffleruby'
|
12
|
+
# not using C extension
|
13
|
+
else
|
14
|
+
require 'rake/extensiontask'
|
15
|
+
Rake::ExtensionTask.new('erb/escape')
|
16
|
+
task test: :compile
|
17
|
+
end
|
18
|
+
|
10
19
|
task :sync_tool do
|
11
20
|
require 'fileutils'
|
12
21
|
FileUtils.cp '../ruby/tool/lib/core_assertions.rb', './test/lib'
|
data/erb.gemspec
CHANGED
@@ -8,8 +8,8 @@ end
|
|
8
8
|
Gem::Specification.new do |spec|
|
9
9
|
spec.name = 'erb'
|
10
10
|
spec.version = ERB.const_get(:VERSION, false)
|
11
|
-
spec.authors = ['Masatoshi SEKI']
|
12
|
-
spec.email = ['seki@ruby-lang.org']
|
11
|
+
spec.authors = ['Masatoshi SEKI', 'Takashi Kokubun']
|
12
|
+
spec.email = ['seki@ruby-lang.org', 'takashikkbn@gmail.com']
|
13
13
|
|
14
14
|
spec.summary = %q{An easy to use but powerful templating system for Ruby.}
|
15
15
|
spec.description = %q{An easy to use but powerful templating system for Ruby.}
|
@@ -27,7 +27,12 @@ Gem::Specification.new do |spec|
|
|
27
27
|
spec.executables = ['erb']
|
28
28
|
spec.require_paths = ['lib']
|
29
29
|
|
30
|
-
|
30
|
+
if RUBY_ENGINE == 'jruby'
|
31
|
+
spec.platform = 'java'
|
32
|
+
else
|
33
|
+
spec.required_ruby_version = '>= 2.7.0'
|
34
|
+
spec.extensions = ['ext/erb/escape/extconf.rb']
|
35
|
+
end
|
31
36
|
|
32
37
|
spec.add_dependency 'cgi', '>= 0.3.3'
|
33
38
|
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
#include "ruby.h"
|
2
|
+
#include "ruby/encoding.h"
|
3
|
+
|
4
|
+
static VALUE rb_cERB, rb_mEscape, rb_cCGI;
|
5
|
+
static ID id_escapeHTML;
|
6
|
+
|
7
|
+
#define HTML_ESCAPE_MAX_LEN 6
|
8
|
+
|
9
|
+
static const struct {
|
10
|
+
uint8_t len;
|
11
|
+
char str[HTML_ESCAPE_MAX_LEN+1];
|
12
|
+
} html_escape_table[UCHAR_MAX+1] = {
|
13
|
+
#define HTML_ESCAPE(c, str) [c] = {rb_strlen_lit(str), str}
|
14
|
+
HTML_ESCAPE('\'', "'"),
|
15
|
+
HTML_ESCAPE('&', "&"),
|
16
|
+
HTML_ESCAPE('"', """),
|
17
|
+
HTML_ESCAPE('<', "<"),
|
18
|
+
HTML_ESCAPE('>', ">"),
|
19
|
+
#undef HTML_ESCAPE
|
20
|
+
};
|
21
|
+
|
22
|
+
static inline void
|
23
|
+
preserve_original_state(VALUE orig, VALUE dest)
|
24
|
+
{
|
25
|
+
rb_enc_associate(dest, rb_enc_get(orig));
|
26
|
+
}
|
27
|
+
|
28
|
+
static inline long
|
29
|
+
escaped_length(VALUE str)
|
30
|
+
{
|
31
|
+
const long len = RSTRING_LEN(str);
|
32
|
+
if (len >= LONG_MAX / HTML_ESCAPE_MAX_LEN) {
|
33
|
+
ruby_malloc_size_overflow(len, HTML_ESCAPE_MAX_LEN);
|
34
|
+
}
|
35
|
+
return len * HTML_ESCAPE_MAX_LEN;
|
36
|
+
}
|
37
|
+
|
38
|
+
static VALUE
|
39
|
+
optimized_escape_html(VALUE str)
|
40
|
+
{
|
41
|
+
VALUE vbuf;
|
42
|
+
char *buf = ALLOCV_N(char, vbuf, escaped_length(str));
|
43
|
+
const char *cstr = RSTRING_PTR(str);
|
44
|
+
const char *end = cstr + RSTRING_LEN(str);
|
45
|
+
|
46
|
+
char *dest = buf;
|
47
|
+
while (cstr < end) {
|
48
|
+
const unsigned char c = *cstr++;
|
49
|
+
uint8_t len = html_escape_table[c].len;
|
50
|
+
if (len) {
|
51
|
+
memcpy(dest, html_escape_table[c].str, len);
|
52
|
+
dest += len;
|
53
|
+
}
|
54
|
+
else {
|
55
|
+
*dest++ = c;
|
56
|
+
}
|
57
|
+
}
|
58
|
+
|
59
|
+
VALUE escaped = str;
|
60
|
+
if (RSTRING_LEN(str) < (dest - buf)) {
|
61
|
+
escaped = rb_str_new(buf, dest - buf);
|
62
|
+
preserve_original_state(str, escaped);
|
63
|
+
}
|
64
|
+
ALLOCV_END(vbuf);
|
65
|
+
return escaped;
|
66
|
+
}
|
67
|
+
|
68
|
+
// ERB::Util.html_escape is different from CGI.escapeHTML in the following two parts:
|
69
|
+
// * ERB::Util.html_escape converts an argument with #to_s first (only if it's not T_STRING)
|
70
|
+
// * ERB::Util.html_escape does not allocate a new string when nothing needs to be escaped
|
71
|
+
static VALUE
|
72
|
+
erb_escape_html(VALUE self, VALUE str)
|
73
|
+
{
|
74
|
+
if (!RB_TYPE_P(str, T_STRING)) {
|
75
|
+
str = rb_convert_type(str, T_STRING, "String", "to_s");
|
76
|
+
}
|
77
|
+
|
78
|
+
if (rb_enc_str_asciicompat_p(str)) {
|
79
|
+
return optimized_escape_html(str);
|
80
|
+
}
|
81
|
+
else {
|
82
|
+
return rb_funcall(rb_cCGI, id_escapeHTML, 1, str);
|
83
|
+
}
|
84
|
+
}
|
85
|
+
|
86
|
+
void
|
87
|
+
Init_escape(void)
|
88
|
+
{
|
89
|
+
rb_cERB = rb_define_class("ERB", rb_cObject);
|
90
|
+
rb_mEscape = rb_define_module_under(rb_cERB, "Escape");
|
91
|
+
rb_define_module_function(rb_mEscape, "html_escape", erb_escape_html, 1);
|
92
|
+
|
93
|
+
rb_cCGI = rb_define_class("CGI", rb_cObject);
|
94
|
+
id_escapeHTML = rb_intern("escapeHTML");
|
95
|
+
}
|