html-pipeline 3.0.0.pre3 → 3.0.0.pre5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 613a099c0290d87932d2bbaf78052d8c472518bb911d82fe651ad78a3cc32ee9
-  data.tar.gz: d03826dc83afb689e87395d3a365a24fd5b3608e3a29b632a79a5928acb84a2b
+  metadata.gz: 76b152d297b41b59af64604d1e0b034734c3ce6f3de999b1e614de96f500ecab
+  data.tar.gz: 5d06fbfb10d4390bec9b0c7efffadea4c0e7cf1aaf8ff4e57b23c4b2599bd928
 SHA512:
-  metadata.gz: 35ce289f0ca10929fba016a5dd0d7c0a6bf0d8f8d4390385590c0937190df67605b96b474a477a54feb5192a54fc5b299940d264483700a9c5deac04cff1b9e1
-  data.tar.gz: dbddce89afcb5f0291d28c9b24b4a2e4f25ea847d8960dc06a11f0c6cfd6cf2feb169f406fd69ca5f25a3eabc4338ce0cf7f2b94fa2147c682135bb6dee70728
+  metadata.gz: b4e943345b5febc342cd26417419982be10d2bc1e393e5783c280e06333db6d0e74a92b7d3fc173e84139fa9bc34f534f8823518b2a54ce7911e2e3e94d8dd86
+  data.tar.gz: 7f0fcf7e8821f86acd723a402b5911a3d667a09dd1013ae452a5494395f7535cc30a3bf1b5dca5aaac2c6bb54c103ad62d5ffdaf7f52c4ece182f553ddc810fd

data/.github/dependabot.yml

@@ -15,6 +15,3 @@ updates:
       time: "09:00"
       timezone: "Etc/UTC"
     open-pull-requests-limit: 10
-    allow:
-      - dependency-name: "*"
-        dependency-type: "production"

data/.github/workflows/automerge.yml

@@ -9,26 +9,5 @@ permissions:
 
 jobs:
   dependabot:
-    name: Dependabot
-    runs-on: ubuntu-latest
-
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    steps:
-      - name: Fetch Dependabot metadata
-        id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v1
-        with:
-          github-token: "${{ secrets.GITHUB_TOKEN }}"
-
-      - name: Approve Dependabot PR
-        if: ${{steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major'}}
-        run: gh pr review --approve "$PR_URL"
-        env:
-          PR_URL: ${{github.event.pull_request.html_url}}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Merge Dependabot PR
-        run: gh pr merge --auto --squash "$PR_URL"
-        env:
-          PR_URL: ${{ github.event.pull_request.html_url }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    uses: yettoapp/actions/.github/workflows/automerge_dependabot.yml@main
+    secrets: inherit

data/.github/workflows/ci.yml

@@ -0,0 +1,22 @@
+name: CI
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Ruby
+        uses: yettoapp/actions/setup-languages@main
+        with:
+          ruby: true
+
+      - name: Run tests
+        run: bundle exec rake test

data/.github/workflows/lint.yml

@@ -13,11 +13,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - uses: ruby/setup-ruby@v1
+
+      - name: Set up Ruby
+        uses: yettoapp/actions/setup-languages@main
         with:
-          ruby-version: 3.1.0
-          rubygems: latest
-          bundler-cache: true
-      - run: bundle install
+          ruby: true
+
       - name: Rubocop
         run: bundle exec rake rubocop

data/.github/workflows/publish.yml

@@ -0,0 +1,19 @@
+name: Release
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - "lib/html_pipeline/version.rb"
+
+jobs:
+  ruby:
+    uses: yettoapp/actions/.github/workflows/ruby_gem_release.yml@main
+    secrets:
+      rubygems_api_key: ${{ secrets.RUBYGEMS_API_BOT_KEY }}
+      gh_token: ${{ secrets.GITHUB_TOKEN }}
+    with:
+      gem_name: html-pipeline
+      version_filepath: lib/html_pipeline/version.rb

data/.ruby-version

@@ -0,0 +1 @@
+3.2.1

data/.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+    "[markdown]": {
+        "editor.defaultFormatter": "esbenp.prettier-vscode"
+    },
+    "[ruby]": {
+        "editor.defaultFormatter": "Shopify.ruby-lsp"
+    }
+}

data/Gemfile

@@ -28,7 +28,7 @@ end
 
 group :test do
   gem "commonmarker", "~> 1.0.0.pre7", require: false
-  gem "gemoji", "~> 3.0", require: false
+  gem "gemoji", "~> 4.1", require: false
   gem "gemojione", "~> 4.3", require: false
 
   gem "minitest"
@@ -38,5 +38,5 @@ group :test do
   gem "nokogiri", "~> 1.13"
 
   gem "minitest-focus", "~> 1.1"
-  gem "rouge", "~> 3.1", require: false
+  gem "rouge", "~> 4.1", require: false
 end

data/README.md

@@ -1,23 +1,31 @@
-# HTMLPipeline
+# HTML-Pipeline
 
 > **Note**
-> This README refers to the behavior in the new 3.0.0.pre1 gem.
+> This README refers to the behavior in the new 3.0.0.pre gem.
 
 HTML processing filters and utilities. This module is a small
 framework for defining CSS-based content filters and applying them to user
 provided content.
 
-[Although this project was started at GitHub](https://github.com/blog/1311-html-pipeline-chainable-content-filters), they no longer do. This gem must be considered standalone and independent from GitHub.
-
-- [Installation](#installation)
-- [Usage](#usage)
-  - [More Examples](#more-examples)
-- [Filters](#filters)
-- [Dependencies](#dependencies)
-- [Documentation](#documentation)
-- [Instrumenting](#instrumenting)
-- [Third Party Extensions](#third-party-extensions)
-- [FAQ](#faq)
+[Although this project was started at GitHub](https://github.com/blog/1311-html-pipeline-chainable-content-filters), they no longer use it. This gem must be considered standalone and independent from GitHub.
+
+- [HTML-Pipeline](#html-pipeline)
+  - [Installation](#installation)
+  - [Usage](#usage)
+    - [More Examples](#more-examples)
+  - [Filters](#filters)
+    - [TextFilters](#textfilters)
+    - [ConvertFilter](#convertfilter)
+    - [Sanitization](#sanitization)
+    - [NodeFilters](#nodefilters)
+  - [Dependencies](#dependencies)
+  - [Documentation](#documentation)
+  - [Instrumenting](#instrumenting)
+  - [Third Party Extensions](#third-party-extensions)
+  - [FAQ](#faq)
+    - [1. Why doesn't my pipeline work when there's no root element in the document?](#1-why-doesnt-my-pipeline-work-when-theres-no-root-element-in-the-document)
+    - [2. How do I customize an allowlist for `SanitizationFilter`s?](#2-how-do-i-customize-an-allowlist-for-sanitizationfilters)
+    - [Contributors](#contributors)
 
 ## Installation
 
@@ -231,6 +239,7 @@ end
 For more information on how to write effective `NodeFilter`s, refer to the provided filters, and see the underlying lib, [Selma](https://www.github.com/gjtorikian/selma) for more information.
 
 - `AbsoluteSourceFilter`: replace relative image urls with fully qualified versions
+- `AssetProxyFilter`: replace image links with an encoded link to an asset server
 - `EmojiFilter`: converts `:<emoji>:` to [emoji](http://www.emoji-cheat-sheet.com/)
   - (Note: the included `MarkdownFilter` will already convert emoji)
 - `HttpsFilter`: Replacing http urls with https versions

data/html-pipeline.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |gem|
     "rubygems_mfa_required" => "true",
   }
 
-  gem.add_dependency("selma", "~> 0.0.1")
+  gem.add_dependency("selma", "~> 0.1")
   gem.add_dependency("zeitwerk", "~> 2.5")
 
   gem.post_install_message = <<~MSG

data/lib/html_pipeline/convert_filter.rb

@@ -12,6 +12,6 @@ class HTMLPipeline
       def call(text, context: {}, result: {})
         new(context: context, result: result).call(text)
       end
-  end
+    end
   end
 end

data/lib/html_pipeline/filter.rb

@@ -49,7 +49,7 @@ class HTMLPipeline
       def call(input, context: {})
         raise NoMethodError
       end
-  end
+    end
     # Make sure the context has everything we need. Noop: Subclasses can override.
     def validate; end
 

data/lib/html_pipeline/node_filter/absolute_source_filter.rb

@@ -4,6 +4,19 @@ require "uri"
 
 class HTMLPipeline
   class NodeFilter
+    # HTML Filter for replacing relative and root relative image URLs with
+    # fully qualified URLs
+    #
+    # This is useful if an image is root relative but should really be going
+    # through a cdn, or if the content for the page assumes the host is known
+    # i.e. scraped webpages and some RSS feeds.
+    #
+    # Context options:
+    #   :image_base_url - Base URL for image host for root relative src.
+    #   :image_subpage_url - For relative src.
+    #
+    # This filter does not write additional information to the context.
+    # Note: This filter would need to be run before AssetProxyFilter.
     class AbsoluteSourceFilter < NodeFilter
       SELECTOR = Selma::Selector.new(match_element: "img")
 
@@ -11,19 +24,6 @@ class HTMLPipeline
         SELECTOR
       end
 
-      # HTML Filter for replacing relative and root relative image URLs with
-      # fully qualified URLs
-      #
-      # This is useful if an image is root relative but should really be going
-      # through a cdn, or if the content for the page assumes the host is known
-      # i.e. scraped webpages and some RSS feeds.
-      #
-      # Context options:
-      #   :image_base_url - Base URL for image host for root relative src.
-      #   :image_subpage_url - For relative src.
-      #
-      # This filter does not write additional information to the context.
-      # This filter would need to be run before CamoFilter.
       def handle_element(element)
         src = element["src"]
         return if src.nil? || src.empty?

data/lib/html_pipeline/node_filter/asset_proxy_filter.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+require "openssl"
+
+class HTMLPipeline
+  class NodeFilter
+    # Proxy images/assets to another server, such as
+    # [cactus/go-camo](https://github.com/cactus/go-camo#).
+    # Reduces mixed content warnings as well as hiding the customer's
+    # IP address when requesting images.
+    # Copies the original img `src` to `data-canonical-src` then replaces the
+    # `src` with a new url to the proxy server.
+    #
+    # Based on https://github.com/gjtorikian/html-pipeline/blob/v2.14.3/lib/html/pipeline/camo_filter.rb
+    class AssetProxyFilter < NodeFilter
+      SELECTOR = Selma::Selector.new(match_element: "img")
+
+      def selector
+        SELECTOR
+      end
+
+      def handle_element(element)
+        original_src = element["src"]
+        return unless original_src
+
+        begin
+          uri = URI.parse(original_src)
+        rescue StandardError
+          return
+        end
+
+        return if uri.host.nil? && !original_src.start_with?("///")
+        return if asset_host_allowed?(uri.host)
+
+        element["src"] = asset_proxy_url(original_src)
+        element["data-canonical-src"] = original_src
+      end
+
+      def validate
+        needs(:asset_proxy, :asset_proxy_secret_key)
+      end
+
+      def asset_host_allowed?(host)
+        context[:asset_proxy_domain_regexp] ? context[:asset_proxy_domain_regexp].match?(host) : false
+      end
+
+      class << self
+        # This helps setup the context. It's not needed if you're always providing
+        # all the necessary keys in the context. One example would be to override
+        # this and pull the settings from a set of global application settings.
+        def transform_context(context, proxy_settings = {})
+          context[:asset_proxy] = proxy_settings[:url] if proxy_settings[:url]
+          context[:asset_proxy_secret_key] = proxy_settings[:secret_key] if proxy_settings[:secret_key]
+
+          allowlist = determine_allowlist(proxy_settings)
+          context[:asset_proxy_domain_regexp] ||= compile_allowlist(allowlist)
+
+          context
+        end
+
+        def compile_allowlist(domain_list)
+          return if domain_list.empty?
+
+          escaped = domain_list.map { |domain| Regexp.escape(domain).gsub("\\*", ".*?") }
+          Regexp.new("^(#{escaped.join("|")})$", Regexp::IGNORECASE)
+        end
+
+        def determine_allowlist(proxy_settings)
+          proxy_settings[:allowlist] || []
+        end
+      end
+
+      private def asset_proxy_url(url)
+        "#{context[:asset_proxy]}/#{asset_url_hash(url)}/#{hexencode(url)}"
+      end
+
+      private def asset_url_hash(url)
+        OpenSSL::HMAC.hexdigest("sha1", context[:asset_proxy_secret_key], url)
+      end
+
+      private def hexencode(str)
+        str.unpack1("H*")
+      end
+    end
+  end
+end

data/lib/html_pipeline/node_filter/mention_filter.rb

@@ -38,7 +38,7 @@ class HTMLPipeline
             yield match, login
           end
         end
-    end
+      end
       # Hash that contains all of the mention patterns used by the pipeline
       MENTION_PATTERNS = Hash.new do |hash, key|
         hash[key] = %r{

data/lib/html_pipeline/node_filter/team_mention_filter.rb

@@ -35,7 +35,7 @@ class HTMLPipeline
             yield match, org, team
           end
         end
-    end
+      end
 
       # Default pattern used to extract team names from text. The value can be
       # overridden by providing the team_pattern variable in the context. To

data/lib/html_pipeline/sanitization_filter.rb

@@ -183,6 +183,6 @@ class HTMLPipeline
         sanitization_config = Selma::Sanitizer.new(config)
         Selma::Rewriter.new(sanitizer: sanitization_config).rewrite(html)
       end
-  end
+    end
   end
 end

data/lib/html_pipeline/text_filter.rb

@@ -16,6 +16,6 @@ class HTMLPipeline
       def call(input, context: {}, result: {})
         new(input, context: context, result: result).call
       end
-  end
+    end
   end
 end

data/lib/html_pipeline/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 class HTMLPipeline
-  VERSION = "3.0.0.pre3"
+  VERSION = "3.0.0.pre5"
 end

data/lib/html_pipeline.rb

@@ -81,7 +81,7 @@ class HTMLPipeline
     def define_dependency_loaded_method(name, value)
       self.class.define_method(:"#{name}_loaded?", -> { value })
     end
-end
+  end
   # Public: Returns an Array of Filter objects for this Pipeline.
   attr_reader :text_filters, :node_filters
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: html-pipeline
 version: !ruby/object:Gem::Version
-  version: 3.0.0.pre3
+  version: 3.0.0.pre5
 platform: ruby
 authors:
 - Garen J. Torikian
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-02-15 00:00:00.000000000 Z
+date: 2023-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: selma
@@ -16,14 +16,15 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.1
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.1
+        version: '0.1'
+  force_ruby_platform: false
 - !ruby/object:Gem::Dependency
   name: zeitwerk
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +39,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.5'
+  force_ruby_platform: false
 description: HTML processing filters and utilities
 email:
 - gjtorikian@gmail.com
@@ -48,11 +50,13 @@ files:
 - ".github/FUNDING.yml"
 - ".github/dependabot.yml"
 - ".github/workflows/automerge.yml"
+- ".github/workflows/ci.yml"
 - ".github/workflows/lint.yml"
-- ".github/workflows/tag_and_release.yml"
-- ".github/workflows/test.yml"
+- ".github/workflows/publish.yml"
 - ".gitignore"
 - ".rubocop.yml"
+- ".ruby-version"
+- ".vscode/settings.json"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
@@ -67,6 +71,7 @@ files:
 - lib/html_pipeline/filter.rb
 - lib/html_pipeline/node_filter.rb
 - lib/html_pipeline/node_filter/absolute_source_filter.rb
+- lib/html_pipeline/node_filter/asset_proxy_filter.rb
 - lib/html_pipeline/node_filter/emoji_filter.rb
 - lib/html_pipeline/node_filter/https_filter.rb
 - lib/html_pipeline/node_filter/image_max_width_filter.rb
@@ -106,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.3.22
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.4.13
 signing_key: 
 specification_version: 4
 summary: Helpers for processing content through a chain of filters

data/.github/workflows/tag_and_release.yml

@@ -1,70 +0,0 @@
-name: Tag and Release
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - main
-    paths:
-      - "lib/html_pipeline/version.rb"
-
-jobs:
-  release:
-    env:
-      GEM_NAME: html-pipeline
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_BOT_KEY }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Set up Ruby 3.1
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 3.1
-          bundler-cache: true
-
-      - name: Configure Git
-        run: |
-          git config --local user.email "actions@github.com"
-          git config --local user.name "Actions Auto Build"
-
-      - name: Get current version
-        id: version-label
-        run: |
-          VERSION=$(grep VERSION lib/html_pipeline/version.rb | head -n 1 | cut -d'"' -f2)
-          echo "version=${VERSION}" >> $GITHUB_OUTPUT
-
-      - name: Create tag
-        run: |
-          git tag -a v${{ steps.version-label.outputs.version }} -m "Release v${{ steps.version-label.outputs.version }}"
-          git push origin --tags
-
-      - name: Generate CHANGELOG.md
-        id: changelog
-        run: script/generate_changelog
-
-      - name: Commit & Push Changelog
-        run: |
-          git config --local user.email "actions@github.com"
-          git config --local user.name "Actions Auto Build"
-          git add -f CHANGELOG.md
-          git commit -m "docs: update changelog" || true
-          git push
-
-      - name: Publish release
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          gh release create v${{ steps.version-label.outputs.version }} --generate-notes
-
-      - name: Publish to RubyGems
-        run: |
-          mkdir -p $HOME/.gem
-          touch $HOME/.gem/credentials
-          chmod 0600 $HOME/.gem/credentials
-          printf -- "---\n:rubygems_api_key: ${RUBYGEMS_API_BOT_KEY}\n" > $HOME/.gem/credentials
-          bundle exec rake package
-          for gem in pkg/html-pipeline-${{ steps.version-label.outputs.version }}*.gem ; do
-            gem push "$gem" --host https://rubygems.org
-          done

data/.github/workflows/test.yml

@@ -1,33 +0,0 @@
-name: Tests
-
-on:
-  pull_request:
-
-permissions:
-  contents: read
-
-jobs:
-  test:
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby-version:
-          - 3.1.0
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Set up Ruby ${{ matrix.ruby-version }}
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby-version }}
-          rubygems: latest
-          bundler-cache: true
-
-      - name: Install dependencies
-        run: bundle install
-
-      - name: Run tests
-        run: bundle exec rake test