gollum 4.1.3 → 4.1.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 848c0eeff664faa7067ad673148909a639d4cf1699dcf2850733ee4f7461a349
4
- data.tar.gz: 1ec61b80592892a341d355783816aaa169b715b3f19ab86314da730348d40cb7
3
+ metadata.gz: 634cc4fc018daf2a0136c3efb1e9ab04960a1ff910007a7d958a7b225ffdd79b
4
+ data.tar.gz: 94a7266abd64ad6610b8844a61e2da2cfb896cfa5ed00013377c3a44709aea46
5
5
  SHA512:
6
- metadata.gz: 65bfd0f5a0691747d4f6ee1db70812483a0944381a1aa281c49bacb63ddb0a7b1e52aa72e90903e65cf4c83de7a3b46d4b6157d1526b9642674724b6290a46f3
7
- data.tar.gz: 37344ac1f0d65815b75ccc0750c626c828d53449d6c304725760a35a4855fcc8d22f90e21191439dbe11205b36aa2863259391d5b9b7f7402eefa2e6afac5d87
6
+ metadata.gz: 06f3c7b6ee5a0e241d903177533ceaf67bcd7557d45ba8795c4246294ff1cd8cb218641dc3ed1477b608ca22953a421bfe96249b1f4c3e510ca27dd94b332482
7
+ data.tar.gz: d30674aba9777221765f94319dde7424c9842abfec89a15867fe2f61e52dc9d259e9b6bd0ef35c2d3ff580e233e4ddf2cbf5e2bee6e4a000af106baf51ae01f5
@@ -19,11 +19,16 @@ Before submitting an issue, **please carefully look through the following places
19
19
  1. The [README](https://github.com/gollum/gollum/blob/master/README.md).
20
20
  1. The project's [wiki](https://github.com/gollum/gollum/wiki).
21
21
 
22
+ Security vulnerabilities can be reported directly to the maintainers using these GPG keys:
23
+
24
+ * [@dometto](https://pgp.mit.edu/pks/lookup?op=vindex&search=0xD637E455CD3E27BF)
25
+
22
26
  Lastly, please **consider helping out** by opening a Pull Request!
23
27
 
24
- Serious bugs can be reported directly to the maintainers using these GPG keys:
28
+ ## Triaging Issues [![Open Source Helpers](https://www.codetriage.com/gollum/gollum/badges/users.svg)](https://www.codetriage.com/gollum/gollum)
29
+
30
+ You can triage issues which may include reproducing bug reports or asking for vital information, such as version numbers or reproduction instructions. If you would like to start triaging issues, one easy way to get started is to [subscribe to gollum on CodeTriage](https://www.codetriage.com/gollum/gollum).
25
31
 
26
- * [@dometto](https://pgp.mit.edu/pks/lookup?op=vindex&search=0xD637E455CD3E27BF)
27
32
 
28
33
  ## Opening a Pull Request
29
34
 
data/HISTORY.md CHANGED
@@ -1,3 +1,11 @@
1
+ # 4.1.4 /2018-01-10
2
+
3
+ * Depend on new version of gollum-lib that relies on a patched version of sanitize, which solves a vulnerability (CVE-2018-3740). See https://github.com/gollum/gollum-lib/pull/296.
4
+
5
+ # 4.1.3 /2018-17-09
6
+
7
+ * Solves a vulnerability in the File view and All Pages view that would allow XSS.
8
+
1
9
  # 4.1.2 /2017-08-07
2
10
 
3
11
  * Lock to a newer version of gollum-lib to avoid installing an outdated and vulnerable dependency (nokogiri) on ruby 2.0. See https://github.com/gollum/gollum-lib/pull/279. Note: this breaks semantic versioning so those using outdated rubies will discover the problem on update.
@@ -0,0 +1,7 @@
1
+ **Note**: we are currently working on version 5.0 of gollum in an attempt to make it, better, faster, and easier to maintain. We will **not** be fixing issues with previous versions of gollum (4.x), except for security issues.
2
+
3
+ Please submit only issues that are present in the `5.x` branch of this project. When submitting issues with `5.x`, please include the output of `gollum --versions` in your ticket.
4
+
5
+ Please read [these guidelines](https://github.com/gollum/gollum/blob/master/CONTRIBUTING.md) before submitting your issue, and for info on reporting vulnerabilities.
6
+
7
+ Finally: we need your help! Please consider chipping in by submitting a PR rather than just by reporting your issue.
data/README.md CHANGED
@@ -3,7 +3,7 @@ gollum -- A git-based Wiki
3
3
 
4
4
  [![Gem Version](https://badge.fury.io/rb/gollum.svg)](http://badge.fury.io/rb/gollum)
5
5
  [![Build Status](https://travis-ci.org/gollum/gollum.svg?branch=master)](https://travis-ci.org/gollum/gollum)
6
- [![Dependency Status](https://gemnasium.com/gollum/gollum.svg)](https://gemnasium.com/gollum/gollum)
6
+ [![Open Source Helpers](https://www.codetriage.com/gollum/gollum/badges/users.svg)](https://www.codetriage.com/gollum/gollum)
7
7
 
8
8
  ## DESCRIPTION
9
9
 
@@ -33,9 +33,9 @@ For more information on Gollum's capabilities and pitfalls:
33
33
 
34
34
  | Operating System | Ruby | Adapters | Supported |
35
35
  | ---------------- | -------------- | ------------------ | --------- |
36
- | Unix/Linux-like | Ruby 1.9.3+ | all except [RJGit](https://github.com/repotag/rjgit) | yes |
36
+ | Unix/Linux-like | Ruby (MRI) 2.1.0+ | all except [RJGit](https://github.com/repotag/rjgit) | yes |
37
37
  | Unix/Linux-like | [JRuby](https://github.com/jruby/jruby) (1.9.3+ compatible) | [RJGit](https://github.com/repotag/rjgit) | yes |
38
- | Windows | Ruby 1.9.3+ | all except [RJGit](https://github.com/repotag/rjgit) | no |
38
+ | Windows | Ruby (MRI) 2.1.0+ | all except [RJGit](https://github.com/repotag/rjgit) | no |
39
39
  | Windows | [JRuby](https://github.com/jruby/jruby) (1.9.3+ compatible) | [RJGit](https://github.com/repotag/rjgit) | almost<sup>1</sup> |
40
40
 
41
41
  **Notes:**
@@ -5,8 +5,8 @@ Gem::Specification.new do |s|
5
5
  s.required_ruby_version = '>= 1.9'
6
6
 
7
7
  s.name = 'gollum'
8
- s.version = '4.1.3'
9
- s.date = '2018-09-17'
8
+ s.version = '4.1.4'
9
+ s.date = '2018-10-01'
10
10
  s.rubyforge_project = 'gollum'
11
11
  s.license = 'MIT'
12
12
 
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
24
24
  s.rdoc_options = ['--charset=UTF-8']
25
25
  s.extra_rdoc_files = %w[README.md LICENSE]
26
26
 
27
- s.add_dependency 'gollum-lib', '>= 4.2.9'
27
+ s.add_dependency 'gollum-lib', '~> 4.2', '>= 4.2.10'
28
28
  s.add_dependency 'kramdown', '~> 1.9.0'
29
29
  s.add_dependency 'sinatra', '~> 1.4', '>= 1.4.4'
30
30
  s.add_dependency 'mustache', ['>= 0.99.5', '< 1.0.0']
@@ -44,6 +44,7 @@ Gem::Specification.new do |s|
44
44
  CONTRIBUTING.md
45
45
  Gemfile
46
46
  HISTORY.md
47
+ ISSUE_TEMPLATE.md
47
48
  LICENSE
48
49
  README.md
49
50
  Rakefile
@@ -16,7 +16,7 @@ require File.expand_path('../gollum/uri_encode_component', __FILE__)
16
16
  $KCODE = 'U' if RUBY_VERSION[0, 3] == '1.8'
17
17
 
18
18
  module Gollum
19
- VERSION = '4.1.3'
19
+ VERSION = '4.1.4'
20
20
 
21
21
  def self.assets_path
22
22
  ::File.expand_path('gollum/public', ::File.dirname(__FILE__))
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gollum
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.3
4
+ version: 4.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tom Preston-Werner
@@ -9,22 +9,28 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2018-09-17 00:00:00.000000000 Z
12
+ date: 2018-10-01 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: gollum-lib
16
16
  requirement: !ruby/object:Gem::Requirement
17
17
  requirements:
18
+ - - "~>"
19
+ - !ruby/object:Gem::Version
20
+ version: '4.2'
18
21
  - - ">="
19
22
  - !ruby/object:Gem::Version
20
- version: 4.2.9
23
+ version: 4.2.10
21
24
  type: :runtime
22
25
  prerelease: false
23
26
  version_requirements: !ruby/object:Gem::Requirement
24
27
  requirements:
28
+ - - "~>"
29
+ - !ruby/object:Gem::Version
30
+ version: '4.2'
25
31
  - - ">="
26
32
  - !ruby/object:Gem::Version
27
- version: 4.2.9
33
+ version: 4.2.10
28
34
  - !ruby/object:Gem::Dependency
29
35
  name: kramdown
30
36
  requirement: !ruby/object:Gem::Requirement
@@ -217,6 +223,7 @@ files:
217
223
  - CONTRIBUTING.md
218
224
  - Gemfile
219
225
  - HISTORY.md
226
+ - ISSUE_TEMPLATE.md
220
227
  - LICENSE
221
228
  - README.md
222
229
  - Rakefile