gitlab-markup 1.7.1 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '09b3fa152cddf98ba3d9cc535ccc8c98a8f885bdca9bab8e6c2b7d652c1ccd40'
4
- data.tar.gz: 3ea51712dc4e7db1f7cd6a6d58de35cfc573ae175629257301dedb922085d68d
3
+ metadata.gz: ffe78f2c70532bd5111c1adba163151a60108ceec4525f022a47032af7579192
4
+ data.tar.gz: c0d89038ace9d3756e7866d711776e830469d03a70e7d7a25edf93e964f285c3
5
5
  SHA512:
6
- metadata.gz: c2854f54a6c8b066ee2f9c53cdfe4a5f50b18cc26b45241db30f4f9adb7ff245fa0e6cbf638c14c6330bab49721f8d88f644053fa9a86daec321cef7f27ef329
7
- data.tar.gz: d4b7be854df8e75dc311a658ebc74e3bdbd4fca4bd69e25e627da5435b66b28527bfb6f9756c02ae100a11c95482dc76803bceaed3f78d10d4009d0bf1ee2f29
6
+ metadata.gz: ba9c3cf53d15ac267552fb7013dc1612b8ae4e15a71aeed4b256f38bd2bcbe6152fb089b9d82c49598ef0556a5f16f7ae72c288adfd95c8d69f40a2929ea268d
7
+ data.tar.gz: 8db081c15c4883e1d51285575bbfcdd9fb9074767d019988a35cead5de3ffaee1f79fd1fea1ef616f265dee25b12080c5f0b652079165b1fa1c0201c9497eb47
data/.gitlab-ci.yml CHANGED
@@ -1,3 +1,8 @@
1
+ include:
2
+ - template: SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
3
+ - template: Security/Dependency-Scanning.gitlab-ci.yml # https://docs.gitlab.com/ee/user/application_security/dependency_scanning/
4
+ - template: Security/Secret-Detection.gitlab-ci.yml # https://docs.gitlab.com/ee/user/application_security/secret_detection/
5
+
1
6
  variables:
2
7
  LANG: "C.UTF-8"
3
8
 
@@ -6,7 +11,7 @@ default:
6
11
  - gitlab-org
7
12
 
8
13
  workflow:
9
- rules:
14
+ rules: &workflow_rules
10
15
  # For merge requests, create a pipeline.
11
16
  - if: '$CI_MERGE_REQUEST_IID'
12
17
  # For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.).
@@ -48,12 +53,6 @@ workflow:
48
53
  variables:
49
54
  DOCUTILS_VERSION: "0.16"
50
55
 
51
- ruby-24:
52
- image: ruby:2.4
53
- extends:
54
- - .docutils-014
55
- - .specs
56
-
57
56
  ruby-25:
58
57
  image: ruby:2.5
59
58
  extends:
@@ -72,12 +71,6 @@ ruby-27:
72
71
  - .docutils-014
73
72
  - .specs
74
73
 
75
- ruby-24-du15:
76
- image: ruby:2.4
77
- extends:
78
- - .docutils-015
79
- - .specs
80
-
81
74
  ruby-25-du15:
82
75
  image: ruby:2.5
83
76
  extends:
@@ -96,12 +89,6 @@ ruby-27-du15:
96
89
  - .docutils-015
97
90
  - .specs
98
91
 
99
- ruby-24-du16:
100
- image: ruby:2.4
101
- extends:
102
- - .docutils-016
103
- - .specs
104
-
105
92
  ruby-25-du16:
106
93
  image: ruby:2.5
107
94
  extends:
@@ -119,3 +106,11 @@ ruby-27-du16:
119
106
  extends:
120
107
  - .docutils-016
121
108
  - .specs
109
+
110
+ # Dependency Scanning
111
+ gemnasium-dependency_scanning:
112
+ rules: *workflow_rules
113
+
114
+ # Secret Detection
115
+ secret_detection:
116
+ rules: *workflow_rules
data/HISTORY.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## 1.8.0 (2021-12-02)
2
+
3
+ * Disable configuration file processing in RST
4
+ * Wrap call to rest2html in a timeout
5
+
1
6
  ## 1.7.1 (2020-05-01)
2
7
 
3
8
  * Fix RST rendering not working for large files
data/README.md CHANGED
@@ -17,11 +17,11 @@ Markups
17
17
  -------
18
18
 
19
19
  The following markups are supported. The dependencies listed are required if
20
- you wish to run the library. You can also run `script/bootstrap` to fetch them all.
20
+ you wish to run the library. You can also run `script/bootstrap` to fetch them all (Python 3 required).
21
21
 
22
22
  * [.markdown, .mdown, .mkdn, .md](http://daringfireball.net/projects/markdown/) -- `gem install redcarpet` (https://github.com/vmg/redcarpet)
23
23
  * [.textile](http://www.textism.com/tools/textile/) -- `gem install RedCloth`
24
- * [.rdoc](http://rdoc.sourceforge.net/) -- `gem install rdoc -v 3.6.1`
24
+ * [.rdoc](https://ruby.github.io/rdoc/) -- `gem install rdoc -v 3.6.1`
25
25
  * [.org](http://orgmode.org/) -- `gem install org-ruby`
26
26
  * [.creole](http://wikicreole.org/) -- `gem install creole`
27
27
  * [.mediawiki, .wiki](http://www.mediawiki.org/wiki/Help:Formatting) -- `gem install wikicloth`
@@ -33,7 +33,9 @@ you wish to run the library. You can also run `script/bootstrap` to fetch them a
33
33
  Installation
34
34
  -----------
35
35
 
36
- ```
36
+ Ruby 2.6+ is highly recommended (Ruby 2.5 is still supported).
37
+
38
+ ```shell
37
39
  gem install gitlab-markup
38
40
  ```
39
41
 
@@ -1,3 +1,4 @@
1
+ # frozen_string_literal: true
1
2
  require File.expand_path('../lib/github-markup', __FILE__)
2
3
 
3
4
  Gem::Specification.new do |s|
@@ -54,6 +54,7 @@ from docutils.core import publish_parts
54
54
  from docutils.writers.html4css1 import Writer, HTMLTranslator
55
55
 
56
56
  SETTINGS = {
57
+ '_disable_config': True,
57
58
  'cloak_email_addresses': False,
58
59
  'file_insertion_enabled': False,
59
60
  'raw_enabled': False,
@@ -12,6 +12,8 @@ module GitHub
12
12
  end
13
13
 
14
14
  class CommandImplementation < Implementation
15
+ DEFAULT_GITLAB_MARKUP_TIMEOUT = '10'.freeze
16
+
15
17
  attr_reader :command, :block, :name
16
18
 
17
19
  def initialize(regexp, command, name, &block)
@@ -27,7 +29,8 @@ module GitHub
27
29
  call_block(rendered, content)
28
30
  end
29
31
 
30
- private
32
+ private
33
+
31
34
  def call_block(rendered, content)
32
35
  if block && block.arity == 2
33
36
  block.call(rendered, content)
@@ -38,20 +41,41 @@ module GitHub
38
41
  end
39
42
  end
40
43
 
44
+ def timeout_in_seconds
45
+ ENV.fetch('GITLAB_MARKUP_TIMEOUT', DEFAULT_GITLAB_MARKUP_TIMEOUT).to_i
46
+ end
47
+
48
+ def prepend_command_timeout_prefix(command)
49
+ timeout_command_prefix = "timeout --signal=KILL #{timeout_in_seconds}"
50
+
51
+ # Preserve existing support for command being either a String or an Array
52
+ if command.is_a?(String)
53
+ "#{timeout_command_prefix} #{command}"
54
+ else
55
+ timeout_command_prefix.split(' ') + command
56
+ end
57
+ end
58
+
41
59
  if defined?(POSIX::Spawn)
42
60
  def execute(command, target)
43
- spawn = POSIX::Spawn::Child.new(*command, :input => target)
61
+ command_with_timeout_prefix = prepend_command_timeout_prefix(command)
62
+ spawn = POSIX::Spawn::Child.new(*command_with_timeout_prefix, :input => target)
44
63
  if spawn.status.success?
45
64
  sanitize(spawn.out, target.encoding)
65
+ elsif spawn.status.termsig == Signal.list['KILL']
66
+ raise TimeoutError.new("Command was killed, probably due to exceeding GITLAB_MARKUP_TIMEOUT limit of #{timeout_in_seconds} seconds")
46
67
  else
47
68
  raise CommandError.new(spawn.err.strip)
48
69
  end
49
70
  end
50
71
  else
51
72
  def execute(command, target)
52
- stdout_str, stderr_str, status = Open3.capture3(*command, stdin_data: target)
73
+ command_with_timeout_prefix = prepend_command_timeout_prefix(command)
74
+ stdout_str, stderr_str, status = Open3.capture3(*command_with_timeout_prefix, stdin_data: target)
53
75
  if status.success?
54
76
  sanitize(stdout_str, target.encoding)
77
+ elsif status.termsig == Signal.list['KILL']
78
+ raise TimeoutError.new("Command was killed, probably due to exceeding GITLAB_MARKUP_TIMEOUT limit of #{timeout_in_seconds} seconds")
55
79
  else
56
80
  raise CommandError.new(stderr_str.strip)
57
81
  end
data/lib/github-markup.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module GitHub
2
2
  module Markup
3
- VERSION = '1.7.1'
3
+ VERSION = '1.8.0'
4
4
  Version = VERSION
5
5
  end
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-markup
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.1
4
+ version: 1.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Wanstrath
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-07 00:00:00.000000000 Z
11
+ date: 2021-12-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -165,7 +165,7 @@ metadata:
165
165
  bug_tracker_uri: https://gitlab.com/gitlab-org/gitlab-markup/issues
166
166
  changelog_uri: https://gitlab.com/gitlab-org/gitlab-markup/blob/master/HISTORY.md
167
167
  source_code_uri: https://gitlab.com/gitlab-org/gitlab-markup
168
- post_install_message:
168
+ post_install_message:
169
169
  rdoc_options: []
170
170
  require_paths:
171
171
  - lib
@@ -180,8 +180,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
180
180
  - !ruby/object:Gem::Version
181
181
  version: '0'
182
182
  requirements: []
183
- rubygems_version: 3.0.3
184
- signing_key:
183
+ rubygems_version: 3.1.6
184
+ signing_key:
185
185
  specification_version: 4
186
186
  summary: Fork from github-markup GitLab uses to render non markdown content
187
187
  test_files: