RubyGems - jekyll-l10n - Versions diffs - 1.1.7 → 1.2.0 - Mend

jekyll-l10n 1.1.7 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/jekyll-l10n/constants.rb +2 -2
data/lib/jekyll-l10n/extraction/extractor.rb +4 -1
data/lib/jekyll-l10n/po_file/path_builder.rb +22 -2
data/lib/jekyll-l10n/translation/libre_translator.rb +13 -5
data/lib/jekyll-l10n/utils/site_config_accessor.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8fabedd64ad1b1f3ae8a3813ce39c744d984ee0da55afe603011a9a98a616fab
-  data.tar.gz: 27e480e690413cdae46aa50090afd59d2bf049af56033df41ec896ca0f23b4be
+  metadata.gz: d59b40394ccd291d468bfd045b6b53ffd71204d6b42575f232e7159316c14561
+  data.tar.gz: c3c0bc5a22a1ce203a7623be5217f8477b9d4b57f39918ca221a10f693bbd053
 SHA512:
-  metadata.gz: 30f0108ee4e5ed06671d9011bf801c869000638435e581d5edf94caef53226c4e52158033d2060403b8d1b4efea269bf3dd78b61639a4ecd1130a14fa77ea785
-  data.tar.gz: 48b334740d078f791ac0d3a7b97cb3f0dc19c7b3e1f88ccae2526d864c95100a90cfe9e638f30ecc41e9598e9927c518420683b573bf7d2bd86aa6e38fe90eed
+  metadata.gz: b022fa06243f0d8150be0f53bcbd9861751634fb1d3af4d5cd16ae36bf11cbfb19fd3e86e3af63cad783fea3d21f56338ad4f14cde2fb68165ffe6b9146e12ad
+  data.tar.gz: 74a6fa21f10fe87de0c8f891f9eedb77d36d0df2d50ccd23a794cc20d3a127c183ad6edd35b6284189beb7d0472928ee0bbea8a075fbdfd1abd016586354dbbc

data/lib/jekyll-l10n/constants.rb CHANGED Viewed

@@ -114,8 +114,8 @@ module Jekyll
       # Default behavior when LibreTranslate API returns an error
       # If true, translation stops immediately. If false, continues with remaining entries.
-      # @return [Boolean] true
-      DEFAULT_LIBRETRANSLATE_STOP_ON_ERROR = true
+      # @return [Boolean] false
+      DEFAULT_LIBRETRANSLATE_STOP_ON_ERROR = false
       # Default interval for logging LibreTranslate translation progress
       # Progress is logged every N entries. Set to 0 to disable.

data/lib/jekyll-l10n/extraction/extractor.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require_relative "logger"
 require_relative "html_string_extractor"
 require_relative "../utils/file_operations"
 require_relative "../utils/site_config_accessor"
+require_relative "../utils/error_handler"
 module Jekyll
   module L10n
@@ -99,7 +100,9 @@ module Jekyll
         config = find_libretranslate_config
         return unless config
-        @result_saver.translate_compendia(config)
+        ErrorHandler.handle_with_logging("machine translation") do
+          @result_saver.translate_compendia(config)
+        end
       end
       def process_file(file_path)

data/lib/jekyll-l10n/po_file/path_builder.rb CHANGED Viewed

@@ -12,7 +12,8 @@ module Jekyll
     # Key responsibilities:
     # * Build paths for compendium PO files
     # * Build paths for page-specific PO files
-    # * Handle file path normalization
+    # * Handle file path normalization and validation
+    # * Prevent path traversal attacks
     #
     # @example
     #   compendium = PoPathBuilder.build('_site', '_locales', 'es', nil)
@@ -25,16 +26,35 @@ module Jekyll
       # For compendium (page_path nil): {source}/{locales_dir}/{locale}.po
       # For page-specific: {source}/{locales_dir}/{locale}/{page_path}.po
       #
+      # Validates that page_path doesn't escape the base directory using path
+      # traversal techniques (e.g., ../../../etc/passwd).
+      #
       # @param source [String] Site source directory
       # @param locales_dir [String] Locales directory name (e.g., '_locales')
       # @param locale [String] Locale code (e.g., 'es', 'fr')
       # @param page_path [String, nil] Page path for page-specific file, nil for compendium
       # @return [String] Full path to PO file
+      # @raise [Jekyll::L10n::Errors::PoFileError] if page_path attempts to escape base directory
       def self.build(source, locales_dir, locale, page_path)
         if page_path.nil?
           File.join(source, locales_dir, "#{locale}.po")
         else
-          File.join(source, locales_dir, locale, "#{page_path}.po")
+          # Build the normal path
+          normal_path = File.join(source, locales_dir, locale, "#{page_path}.po")
+          # Validate against path traversal using expanded paths
+          base_path = File.expand_path(File.join(source, locales_dir))
+          expanded_path = File.expand_path(normal_path)
+          # Security: Validate path stays within base directory
+          valid_path = expanded_path.start_with?(base_path + File::SEPARATOR) ||
+            expanded_path == base_path
+          unless valid_path
+            raise Jekyll::L10n::Errors::PoFileError,
+                  "Path traversal attempt detected in page_path: #{page_path}"
+          end
+          normal_path
         end
       end
     end

data/lib/jekyll-l10n/translation/libre_translator.rb CHANGED Viewed

@@ -198,6 +198,18 @@ module Jekyll
       def make_api_request(text, target_locale)
         uri = URI("#{@config.libretranslate_api_url}/translate")
         Jekyll.logger.debug "LibreTranslator", "Requesting #{uri}"
+        request = build_request(uri, text, target_locale)
+        response = http_config.request(request)
+        Jekyll.logger.debug "LibreTranslator", "Response code: #{response.code}"
+        handle_api_response(response)
+      rescue Net::ReadTimeout, Net::OpenTimeout => e
+        raise TranslationError, "API timeout: #{e.message}"
+      rescue Errno::ECONNREFUSED, Errno::ETIMEDOUT, SocketError => e
+        Jekyll.logger.warn "LibreTranslator", "#{e.class.name}: #{e.message}"
+        nil
+      end
+      def build_request(uri, text, target_locale)
         request = Net::HTTP::Post.new(uri, api_headers)
         request.body = {
           :q      => text,
@@ -205,11 +217,7 @@ module Jekyll
           :target => target_locale,
           :format => @config.libretranslate_format,
         }.to_json
-        response = http_config.request(request)
-        Jekyll.logger.debug "LibreTranslator", "Response code: #{response.code}"
-        handle_api_response(response)
-      rescue Net::ReadTimeout, Net::OpenTimeout => e
-        raise TranslationError, "API timeout: #{e.message}"
+        request
       end
       def handle_api_response(response)

data/lib/jekyll-l10n/utils/site_config_accessor.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Jekyll
     class SiteConfigAccessor
       # Extract localization configuration from site.
       #
-      # Accesses the localization_gettext configuration which contains the
+      # Accesses the with_locales_data configuration which contains the
       # locales, extraction settings, and other localization options.
       #
       # @param site [Jekyll::Site, Hash] Jekyll site object or hash double

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jekyll-l10n
 version: !ruby/object:Gem::Version
-  version: 1.1.7
+  version: 1.2.0
 platform: ruby
 authors:
 - ReleaseBot