RubyGems - hom - Versions diffs - 1.3.0 → 1.3.1 - Mend

hom 1.3.0 → 1.3.1

Files changed (11) hide show

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 80265a394bf1cecc27755bfcc583dbc81cb3ea51ffcb110fae6a61ecc3d0f0cd
+  data.tar.gz: 9ab3f813474864c3db170c4add2780309a2470f8bc4acca7c6daa2355bd27087
+SHA512:
+  metadata.gz: 1d7d556b5749cd886a0731f39734e32cd34dde6ee8ffc0c07294034d0554c0f9bc2f6c35c51bf1f206b50bd9f03a6c01fae28bab158590f1792782f1bee341d6
+  data.tar.gz: 6e27e6d36d7648c968c8bec6c45a99c263e056945eacab2b4de3538220a40f5ad881e5cf30974e5561c0645044eb3ea9968cda6c2ea0e4ab148e1f1d207206c7

data/CHANGES.md ADDED

@@ -0,0 +1,57 @@
+# 1.3.1
+* Added metadata to gemspec
+# 1.3.0
+* HOM::NodeList#join now returns a new node list
+* Added plus method to HOM::Element
+* Added plus method to HOM::Entity
+# 1.2.0
+* Added html_safe? methods to HOM::Element and HOM::NodeList for compatibility with [erubis-auto](https://github.com/timcraft/erubis-auto)
+# 1.1.0
+* Added HOM::NodeList class
+# 1.0.0
+* Ruby 1.8.7 compatibility
+* Removed support for rendering arbitrary objects by calling #html
+# 0.4.0
+* Deprecated support for rendering arbitrary objects by calling #html
+* Added notion of undefined content, changing how elements with nil content are rendered:
+  With an element like this: `HOM::Element.new(:h1, {}, nil)`
+  Pre v0.4.0 rendering: `<h1>`
+  Post v0.4.0 rendering: `<h1></h1>`
+# 0.3.0
+* Added notion of undefined attribute values, nil is now rendered as an empty value:
+  With an element like this: `HOM::Element.new(:input, {:value => nil})`
+  Pre v0.3.0 rendering: `<input value>`
+  Post v0.3.0 rendering: `<input value="">`
+* Removed Element#lookup method
+# 0.2.0
+* Replaced method missing attribute access with Element#lookup method
+# 0.1.0
+* First version!

data/LICENSE.txt ADDED

@@ -0,0 +1,4 @@
+Copyright (c) 2011-2020 TIMCRAFT
+This is an Open Source project licensed under the terms of the LGPLv3 license.
+Please see <http://www.gnu.org/licenses/lgpl-3.0.html> for license text.

data/README.md CHANGED

@@ -1,26 +1,24 @@
-hom
-===
+# hom
+[![Gem Version](https://badge.fury.io/rb/hom.svg)](https://badge.fury.io/rb/hom) [![Build Status](https://api.travis-ci.org/timcraft/hom.svg?branch=master)](https://travis-ci.org/timcraft/hom)
 A straightforward API for generating HTML.
-Motivation
-----------
+## Motivation
 HOM helps you implement HTML presentation logic in your code. Things like
 navigation links, select boxes, sets of checkboxes; anything with behaviour
 that is too complex for your templates.
-Installation
-------------
+## Installation
     $ gem install hom
-Quick start
------------
+## Quick start
 ```ruby
 require 'hom'
@@ -29,8 +27,7 @@ puts HOM::Element.new(:h1, nil, 'hello world')
 ```
-Using HOM::Element
-------------------
+## Using HOM::Element
 Create instances of HOM::Element to represent DOM elements. The first
 constructor argument is a symbol representing the tag name. For example,
@@ -73,8 +70,7 @@ generated HTML markup. HOM::Element objects are safe to use directly in Rails
 templates, all escaping is handled automatically.
-Using HOM::Entity
------------------
+## Using HOM::Entity
 Create instances of HOM::Entity to represent HTML entities. Use an integer
 argument for numeric entities and a symbol/string argument for named entities,
@@ -87,8 +83,7 @@ HOM::Entity.new(:nbsp)
 ```
-Using HOM::NodeList
--------------------
+## Using HOM::NodeList
 Use HOM::NodeList to group nodes together without having to wrap them in an
 outer element. For example:
@@ -100,3 +95,37 @@ HOM::NodeList.new(['This is a ', HOM::Element.new(:strong, nil, 'Contrived'), '
 Calling #to_s on a HOM::NodeList object will return a string containing the
 generated HTML markup. Calling #join will insert separator nodes, a bit like
 Array#join, but returning HTML safe output.
+## XSS 101
+Do you have helper methods that look like this:
+```ruby
+def user_name(user)
+  "<strong>#{user.name}</strong>".html_safe
+end
+```
+Bzzzt, that's a security vulnerability right there. If you're using Rails
+you should have code that looks like this:
+```ruby
+def user_name(user)
+  content_tag(:strong, user.name)
+end
+```
+The content_tag helper will automatically escape content not explicitly
+marked as safe. HOM will do very much the same thing, the equivalent helper
+method would look like this:
+```ruby
+def user_name(user)
+  HOM::Element.new(:strong, nil, user.name)
+end
+```
+Moral of the story: building up fragments of HTML using string interpolation
+and concatenation is highly error prone. Solution: use content_tag or HOM to
+safely build your content, and audit your usage of html_safe.

data/hom.gemspec CHANGED

@@ -1,18 +1,20 @@
 Gem::Specification.new do |s|
   s.name = 'hom'
-  s.version = '1.3.0'
+  s.version = '1.3.1'
+  s.license = 'LGPL-3.0'
   s.platform = Gem::Platform::RUBY
   s.authors = ['Tim Craft']
   s.email = ['mail@timcraft.com']
-  s.homepage = 'http://github.com/timcraft/hom'
+  s.homepage = 'https://github.com/timcraft/hom'
   s.description = 'A straightforward API for generating HTML'
   s.summary = 'See description'
-  s.files = Dir.glob('{lib,spec}/**/*') + %w(Rakefile README.md hom.gemspec)
-  s.add_development_dependency('rake', '~> 10.0.3')
-  s.add_development_dependency('activesupport', ['>= 3.0.3'])
+  s.files = Dir.glob('lib/**/*.rb') + %w(LICENSE.txt README.md CHANGES.md hom.gemspec)
+  s.required_ruby_version = '>= 1.9.3'
   s.require_path = 'lib'
-  if RUBY_VERSION == '1.8.7'
-    s.add_development_dependency('minitest', '>= 4.2.0')
-  end
+  s.metadata = {
+    'homepage' => 'https://github.com/timcraft/hom',
+    'source_code_uri' => 'https://github.com/timcraft/hom',
+    'bug_tracker_uri' => 'https://github.com/timcraft/hom/issues',
+    'changelog_uri' => 'https://github.com/timcraft/hom/blob/main/CHANGES.md'
+  }
 end

metadata CHANGED

@@ -1,48 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: hom
 version: !ruby/object:Gem::Version
-  version: 1.3.0
-  prerelease:
+  version: 1.3.1
 platform: ruby
 authors:
 - Tim Craft
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-06-10 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 10.0.3
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 10.0.3
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.0.3
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.0.3
+date: 2020-11-03 00:00:00.000000000 Z
+dependencies: []
 description: A straightforward API for generating HTML
 email:
 - mail@timcraft.com
@@ -50,37 +17,36 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/hom.rb
-- spec/element_spec.rb
-- spec/encoding_spec.rb
-- spec/entity_spec.rb
-- spec/node_list_spec.rb
-- Rakefile
+- CHANGES.md
+- LICENSE.txt
 - README.md
 - hom.gemspec
-homepage: http://github.com/timcraft/hom
-licenses: []
-post_install_message:
+- lib/hom.rb
+homepage: https://github.com/timcraft/hom
+licenses:
+- LGPL-3.0
+metadata:
+  homepage: https://github.com/timcraft/hom
+  source_code_uri: https://github.com/timcraft/hom
+  bug_tracker_uri: https://github.com/timcraft/hom/issues
+  changelog_uri: https://github.com/timcraft/hom/blob/main/CHANGES.md
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 1.8.25
-signing_key:
-specification_version: 3
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
 summary: See description
 test_files: []
-has_rdoc:

data/Rakefile DELETED

@@ -1,8 +0,0 @@
-require 'rake/testtask'
-task :default => :spec
-Rake::TestTask.new(:spec) do |t|
-  t.test_files = FileList['spec/*_spec.rb']
-  t.warning = true
-end

data/spec/element_spec.rb DELETED

@@ -1,42 +0,0 @@
-require 'minitest/autorun'
-require 'active_support/core_ext/string/output_safety'
-if defined? require_relative
-  require_relative '../lib/hom'
-else
-  require File.join(File.dirname(__FILE__), '../lib/hom')
-end
-describe 'HOM::Element' do
-  describe 'content query method' do
-    it 'returns false if the content is undefined' do
-      HOM::Element.new(:br).content?.must_equal(false)
-    end
-    it 'returns true otherwise' do
-      HOM::Element.new(:h1, nil, '').content?.must_equal(true)
-    end
-  end
-  describe 'html_safe query method' do
-    it 'returns true' do
-      HOM::Element.new(:br).html_safe?.must_equal(true)
-    end
-  end
-  describe 'to_s method' do
-    it 'returns an html safe string containing the encoded element' do
-      output = HOM::Element.new(:br).to_s
-      output.html_safe?.must_equal(true)
-      output.must_equal('<br>')
-    end
-  end
-  describe 'addition of an element with another object' do
-    it 'returns a node list containing the two nodes' do
-      nodes = HOM::Element.new(:br) + "\n"
-      nodes.must_be_instance_of(HOM::NodeList)
-      nodes.to_s.must_equal("<br>\n")
-    end
-  end
-end

data/spec/encoding_spec.rb DELETED

@@ -1,102 +0,0 @@
-require 'minitest/autorun'
-require 'active_support/core_ext/string/output_safety'
-if defined? require_relative
-  require_relative '../lib/hom'
-else
-  require File.join(File.dirname(__FILE__), '../lib/hom')
-end
-describe 'HOM::Encoding' do
-  describe 'encode method' do
-    it 'renders elements with a tag name' do
-      element = HOM::Element.new(:br)
-      HOM::Encoding.encode(element).must_equal('<br>')
-    end
-    it 'renders elements with a symbol attribute' do
-      element = HOM::Element.new(:input, :disabled)
-      HOM::Encoding.encode(element).must_equal('<input disabled>')
-    end
-    it 'renders elements with a hash of attributes' do
-      element = HOM::Element.new(:input, {:type => :text, :size => 30, :value => nil})
-      output = HOM::Encoding.encode(element)
-      output.must_match(/<input .+>/)
-      output.must_include(' type="text"')
-      output.must_include(' size="30"')
-      output.must_include(' value=""')
-    end
-    it 'renders elements with an array of mixed attributes' do
-      element = HOM::Element.new(:input, [{:type => :text, :size => 30}, :disabled])
-      output = HOM::Encoding.encode(element)
-      output.must_match(/<input .+>/)
-      output.must_include(' type="text"')
-      output.must_include(' size="30"')
-      output.must_include(' disabled')
-    end
-    it 'renders elements with empty content' do
-      element = HOM::Element.new(:h1, nil, '')
-      HOM::Encoding.encode(element).must_equal('<h1></h1>')
-    end
-    it 'renders elements with string content' do
-      element = HOM::Element.new(:h2, nil, 'hello world')
-      HOM::Encoding.encode(element).must_equal('<h2>hello world</h2>')
-    end
-    it 'renders elements with numeric content' do
-      element = HOM::Element.new(:h4, nil, 1234567890)
-      HOM::Encoding.encode(element).must_equal('<h4>1234567890</h4>')
-    end
-    it 'renders elements with a single child element' do
-      element = HOM::Element.new(:h5, nil, HOM::Element.new(:b, nil, 'how bold'))
-      HOM::Encoding.encode(element).must_equal('<h5><b>how bold</b></h5>')
-    end
-    it 'renders elements with nil content' do
-      element = HOM::Element.new(:h6, nil, nil)
-      HOM::Encoding.encode(element).must_equal('<h6></h6>')
-    end
-    it 'renders elements with multiple child elements' do
-      element = HOM::Element.new(:ul, nil, (1..3).map { |n| HOM::Element.new(:li, nil, n) })
-      HOM::Encoding.encode(element).must_equal('<ul><li>1</li><li>2</li><li>3</li></ul>')
-    end
-    it 'escapes string content' do
-      element = HOM::Element.new(:h3, nil, 'a && b, x > y')
-      HOM::Encoding.encode(element).must_equal('<h3>a &amp;&amp; b, x &gt; y</h3>')
-    end
-    it 'does not escape content that has been marked as html safe' do
-      element = HOM::Element.new(:span, nil, '<br>'.html_safe)
-      HOM::Encoding.encode(element).must_equal('<span><br></span>')
-    end
-  end
-  describe 'safe_encode method' do
-    it 'encodes the argument and marks it as html safe' do
-      element = HOM::Element.new(:br)
-      output = HOM::Encoding.safe_encode(element)
-      output.must_equal('<br>')
-      output.html_safe?.must_equal(true)
-    end
-  end
-end

data/spec/entity_spec.rb DELETED

@@ -1,67 +0,0 @@
-require 'minitest/autorun'
-if defined? require_relative
-  require_relative '../lib/hom'
-else
-  require File.join(File.dirname(__FILE__), '../lib/hom')
-end
-describe 'HOM::Entity' do
-  before do
-    @named_entity = HOM::Entity.new(:nbsp)
-    @numeric_entity = HOM::Entity.new(160)
-  end
-  describe 'value method' do
-    it 'returns the value passed to the constructor' do
-      @named_entity.value.must_equal(:nbsp)
-      @numeric_entity.value.must_equal(160)
-    end
-  end
-  describe 'numeric query method' do
-    it 'returns false for named entities' do
-      @named_entity.numeric?.must_equal(false)
-    end
-    it 'returns true for numeric entities' do
-      @numeric_entity.numeric?.must_equal(true)
-    end
-  end
-  describe 'named query method' do
-    it 'returns true for named entities' do
-      @named_entity.named?.must_equal(true)
-    end
-    it 'returns false for numeric entities' do
-      @numeric_entity.named?.must_equal(false)
-    end
-  end
-  describe 'to_s method' do
-    it 'returns the encoded html entity' do
-      @named_entity.to_s.must_equal('&nbsp;')
-      @numeric_entity.to_s.must_equal('&#160;')
-    end
-  end
-  describe 'html_safe query method' do
-    it 'returns true' do
-      @named_entity.html_safe?.must_equal(true)
-      @numeric_entity.html_safe?.must_equal(true)
-    end
-  end
-  describe 'addition of an entity with another object' do
-    it 'returns a node list containing the two nodes' do
-      nodes = HOM::Entity.new(:pound) + '9.99'
-      nodes.must_be_instance_of(HOM::NodeList)
-      nodes.to_s.must_equal('&pound;9.99')
-    end
-  end
-end

data/spec/node_list_spec.rb DELETED

@@ -1,59 +0,0 @@
-require 'minitest/autorun'
-require 'active_support/core_ext/string/output_safety'
-if defined? require_relative
-  require_relative '../lib/hom'
-else
-  require File.join(File.dirname(__FILE__), '../lib/hom')
-end
-describe 'HOM::NodeList' do
-  describe 'html_safe query method' do
-    it 'returns true' do
-      HOM::NodeList.new([]).html_safe?.must_equal(true)
-    end
-  end
-  describe 'to_s method' do
-    it 'returns an html safe string containing the encoded nodes' do
-      nodes = HOM::NodeList.new(['Hello', HOM::Entity.new(:nbsp), HOM::Element.new(:b, nil, 'World')])
-      output = nodes.to_s
-      output.must_equal('Hello&nbsp;<b>World</b>')
-      output.html_safe?.must_equal(true)
-    end
-  end
-  describe 'to_a method' do
-    it 'returns the array of nodes passed to the constructor' do
-      nodes = HOM::NodeList.new(%w(a b c))
-      nodes.to_a.must_equal(%w(a b c))
-    end
-  end
-  describe 'addition of two node lists' do
-    it 'returns a new node list containing the items in each list' do
-      nodes = HOM::NodeList.new(['one']) + HOM::NodeList.new(['two'])
-      nodes.must_be_instance_of(HOM::NodeList)
-      nodes.to_a.must_equal(%w(one two))
-    end
-  end
-  describe 'addition of a node list with an element object' do
-    it 'returns a new node list containing the items in the list and the additional element' do
-      element = HOM::Element.new(:b, nil, 'World')
-      nodes = HOM::NodeList.new(['Hello', HOM::Entity.new(:nbsp)]) + element
-      nodes.must_be_instance_of(HOM::NodeList)
-      nodes.to_s.must_equal('Hello&nbsp;<b>World</b>')
-    end
-  end
-  describe 'join method' do
-    it 'returns a new node list containing the items in the list seperated by the given node' do
-      nodes = HOM::NodeList.new(%w(a b c)).join(HOM::Entity.new(:nbsp))
-      nodes.must_be_instance_of(HOM::NodeList)
-      nodes.to_s.must_equal('a&nbsp;b&nbsp;c')
-    end
-  end
-end