gemirro 0.14.0 → 0.15.0



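--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7f8ed49cdaf7a3dfa867d33877665b815796ae10
- data.tar.gz: d9b9ccee8d9155442d3ddf07ab83b9621ef14dc7
+ metadata.gz: 9f716a33048fb00a9dc0badbbeef4032ac994612
+ data.tar.gz: 9ac8e472c3d86842d594808cec512f5017ee0a75
  SHA512:
- metadata.gz: 547800218f3511b9f1b393422ce532fe5966863e23362e44e427432bd7c423d62ed5325b284b65e422bb9cae8decd94339402e3d0c929787ac9425a27f359463
- data.tar.gz: 338b016ee577548cf9db4ea6b8afdf431dfeb17c9c6a8afa7e49d8fbe19a19f404d2f7cb5ef31a9ca334541f168b3f8f61a9224593eb4ed045cf526d8381b10e
+ metadata.gz: e2098a84b24c3680f81e1094ad58d6590d353528c1a29a29a4f3b8754c0aaa8c8d9a325a01a14c5dd6ee4fb6641db3e5be6b3cc8f37757841512bb5c8aecd8a3
+ data.tar.gz: 6fc381c4e269aca6648d2ba0199ef604c519ed0c852e127e9efe927ab9de16866e2fb0e1cd871298c3602ad4174bf0aba5eeae85121ddf475e222070df89a51f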
data/gemirro.gemspec CHANGED
@@ -19,6 +19,7 @@ Gem::Specification.new do |s|
19
19
 
20
20
  s.add_dependency 'builder', '~>3.2'
21
21
  s.add_dependency 'confstruct', '~>1.0'
22
+ s.add_dependency 'erubis', '~>2.7'
22
23
  s.add_dependency 'httpclient', '~>2.8'
23
24
  s.add_dependency 'parallel', '~>1.12'
24
25
  s.add_dependency 'sinatra', '~>2.0'
@@ -261,6 +261,16 @@ module Gemirro
261
261
  Marshal.load(::Gem.inflate(uz_file.read))
262
262
  end
263
263
  end
264
+
265
+ ##
266
+ # Escape string
267
+ #
268
+ # @param [String] string
269
+ # @return [String]
270
+ #
271
+ def escape(string)
272
+ Rack::Utils.escape_html(string)
273
+ end
264
274
  end
265
275
  end
266
276
  end
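Review bot: The doc comment on the new `escape` helper (new lines 265–270) says only "Escape string", which does not tell a template author which output context the result is safe for. The helper delegates to `Rack::Utils.escape_html`, so it fits element text and quoted attribute values but does nothing about URL schemes or script contexts; I would write `# Escape a value for HTML output (element text or a quoted attribute value); does not validate URLs`. The enclosing module and class begin outside this hunk, so how the helper is exposed to the views is not visible here.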
@@ -1,4 +1,4 @@
1
1
  # Gemirro Version
2
2
  module Gemirro
3
- VERSION = '0.14.0'.freeze
3
+ VERSION = '0.15.0'.freeze
4
4
  end
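--- a/data/views/gem.erb
+++ b/data/views/gem.erb
@@ -10,19 +10,19 @@
  <div class="panel panel-info">
  <div class="panel-heading">
  <a href="<%= url("gem/#{name}") %>">
- <h2 class="panel-title"><%= name %> <span class="badge pull-right"><%= versions.newest.number %></span></h2>
+ <h2 class="panel-title"><%= escape(name) %> <span class="badge pull-right"><%= escape(versions.newest.number) %></span></h2>
  </a>
  </div>
  <div class="panel-body">
  <% newest_gem = versions.newest %>
  <% if spec = spec_for(name, newest_gem.number, newest_gem.platform) %>
- <p><%= spec.description %></p>
+ <p><%= escape(spec.description) %></p>
 
  <h3>Dependencies</h3>
  <ul class="list-group">
  <% spec.dependencies.each do |dependency| %>
  <li class="list-group-item">
- <a href="<%= url("gem/#{dependency.name}") %>"><%= [dependency.name, dependency.requirement].join(' ') %></a>
+ <a href="<%= url("gem/#{dependency.name}") %>"><%= escape([dependency.name, dependency.requirement].join(' ')) %></a>
  </li>
  <% end %>
  </ul>
@@ -31,7 +31,7 @@
  <ul class="list-group">
  <% spec.authors.each do |author| %>
  <li class="list-group-item">
- <a href="<%= spec.homepage %>"><%= author %></a>
+ <a href="<%= escape(spec.homepage) %>"><%= escape(author) %></a>
  </li>
  <% end %>
  </ul>
@@ -42,9 +42,9 @@
  <% versions.each.reverse_each do |version| %>
  <li class="list-group-item clearfix">
  <p class="pull-left">
- <code>gem install <%= version.name %> -v "<%= version.number %>"</code>
+ <code>gem install <%= escape(version.name) %> -v "<%= escape(version.number) %>"</code>
  <% unless version.platform =~ /^ruby/i %>
- <small class="platform"><%= version.platform %></small>
+ <small class="platform"><%= escape(version.platform) %></small>
  <% end %>
  </p>
  <div class="pull-right">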
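Review bot: The `href` attributes in this file are not fully covered by the change: on new line 34, `escape(spec.homepage)` stops attribute break-out but still emits whatever URL scheme the gemspec declares, so a non-http(s) homepage remains a clickable link. I would render the anchor only when the value passes an allow-list, for example `<% if spec.homepage.to_s =~ /\Ahttps?:\/\//i %>`, and fall back to the escaped author name as plain text otherwise. The hrefs built with `url("gem/#{name}")` (line 12) and `url("gem/#{dependency.name}")` (line 25) are still unescaped while the link text beside them is now escaped; if names can come from an untrusted upstream index, wrap them as well, e.g. `escape(url("gem/#{dependency.name}"))`. The same `url("gem/#{name}")` pattern appears on line 14 of data/views/index.erb.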
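--- a/data/views/index.erb
+++ b/data/views/index.erb
@@ -12,21 +12,21 @@
  <div class="panel panel-info">
  <div class="panel-heading">
  <a href="<%= url("gem/#{name}") %>">
- <h2 class="panel-title"><%= name %> <span class="badge pull-right"><%= versions.newest.number %></span></h2>
+ <h2 class="panel-title"><%= escape(name) %> <span class="badge pull-right"><%= escape(versions.newest.number) %></span></h2>
  </a>
  </div>
 
  <div class="panel-body">
  <% spec = spec_for(name, versions.newest.number) %>
  <% if spec.is_a?(::Gem::Specification) %>
- <%= spec.description %>
+ <%= escape(spec.description) %>
  <% end %>
 
  <% versions.reverse_each.first(5).each do |version| %>
  <p>
- <code>gem install <%= version.name %> <%= "--prerelease" if version.number.to_s.match(/[a-z]/i) %> -v "<%= version.number %>"</code>
+ <code>gem install <%= escape(version.name) %> <%= "--prerelease" if version.number.to_s.match(/[a-z]/i) %> -v "<%= escape(version.number) %>"</code>
  <% unless version.platform =~ /^ruby/i %>
- <small class="platform"><%= version.platform %></small>
+ <small class="platform"><%= escape(version.platform) %></small>
  <% end %>
  </p>
  <% end %>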
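Review bot: Escaping in this template is opt-in per `<%= %>` tag, so any expression added later without `escape(...)` silently reintroduces the unescaped gemspec output that this release removes. Sinatra can escape ERB output by default with `set :erb, escape_html: true`, with deliberate raw output then written as `<%== ... %>`, which would replace the per-call helper rather than sit alongside it. The `erubis` dependency added in this release may be intended for that, but no such setting is visible on this page, so treat this as something to confirm rather than a defect in the hunk.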
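--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: gemirro
  version: !ruby/object:Gem::Version
- version: 0.14.0
+ version: 0.15.0
  platform: ruby
  authors:
  - Pierre Rambaud
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-10-23 00:00:00.000000000 Z
+ date: 2017-11-14 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: builder
@@ -38,6 +38,20 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '1.0'
+ - !ruby/object:Gem::Dependency
+ name: erubis
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.7'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.7'
  - !ruby/object:Gem::Dependency
  name: httpclient
  requirement: !ruby/object:Gem::Requirement
@@ -289,7 +303,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.13
+ rubygems_version: 2.6.11
  signing_key:
  specification_version: 4
  summary: Gem for easily creating your own gems mirror.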