jekyll 2.1.0 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8630d257c463ffcf3ee92aad938ebd5975ff8c81
-  data.tar.gz: 9a07f6df12e2bf48b25f987c43d33834a03f49fc
+  metadata.gz: 5510f33edfed966c633c208d23735d3e38c48ff9
+  data.tar.gz: 52f440324622ff8b6ec21b9f3be4e1389ce1f5c4
 SHA512:
-  metadata.gz: 6ea2a31ab0006db1f258c101679ab98c9c401eb7738d18dec74f72c745f231e8fede3dc46a7e4582870b0210d75b407a669203416980fe3316e3ceec9bf0c470
-  data.tar.gz: d081db50caabc6c047916587691e5bac090967327f6508943c754d918f4ae0b9327e53a6b716147c5654e592f9c42bde75065808b5c8009e6b2749335b55976b
+  metadata.gz: 7e9ae32caf9787927f2cfec615b614d523c40948c7b7795a1387bc57b073459483babe3cf52ac1a525813d1c2cf9f0a3f0ee30e20919c91a38316338dda1dccf
+  data.tar.gz: fa070a7a332ad16d5671da91a1e9f739b7911b32baa87e6f882fd1920a4db39de70847d7bf679386a9f5ac027094cbce4e6b58c061a379ba7634d814a5a50dec

data/History.markdown

@@ -10,6 +10,21 @@
 
 ### Site Enhancements
 
+## 2.1.1 / 2014-07-01
+
+### Bug Fixes
+
+  * Patch read vulnerabilities for data & confirm none for layouts (#2563)
+  * Update Maruku dependency to allow use of the latest version (#2576)
+  * Remove conditional assignment from document URL to prevent stale urls (#2575)
+
+### Site Enhancements
+
+  * Add vertical margin to `highlight` to separate code blocks (#2558)
+  * Add `html_pages` to Variables docs (#2567)
+  * Fixed broken link to Permalinks page (#2572)
+  * Update link to Windows installation guide (#2578)
+
 ## 2.1.0 / 2014-06-28
 
 ### Minor Enhancements

data/features/markdown.feature

@@ -45,7 +45,7 @@ Feature: Markdown
     When I run jekyll build
     Then the _site directory should exist
     And I should see "My awesome code" in "_site/index.html"
-    And I should see "<pre><code>\nMy awesome code\n</code></pre>" in "_site/index.html"
+    And I should see "<pre><code>My awesome code</code></pre>" in "_site/index.html"
 
   Scenario: Maruku fenced codeblocks
     Given I have a configuration file with "markdown" set to "maruku"
@@ -64,4 +64,4 @@ Feature: Markdown
     When I run jekyll build
     Then the _site directory should exist
     And I should see "My awesome string" in "_site/index.html"
-    And I should see "<pre class="ruby"><code class="ruby">\nputs &quot;My awesome string&quot;\n</code></pre>" in "_site/index.html"
+    And I should see "<pre class="ruby"><code class="ruby">puts &quot;My awesome string&quot;</code></pre>" in "_site/index.html"

data/features/site_configuration.feature

@@ -273,3 +273,11 @@ Feature: Site configuration
     And I should see "Whatever" in "_site/index.html"
     And the "_site/test.txt" file should exist
     And I should see "this is a test" in "_site/test.txt"
+
+  Scenario: arbitrary file reads via layouts
+    Given I have an "index.html" page with layout "page" that contains "FOO"
+    And I have a "_config.yml" file that contains "layouts: '../../../../../../../../../../../../../../usr/include'"
+    When I run jekyll build
+    Then the _site directory should exist
+    And I should see "FOO" in "_site/index.html"
+    And I should not see " " in "_site/index.html"

data/jekyll.gemspec

@@ -50,7 +50,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency('rr', "~> 1.1")
   s.add_development_dependency('cucumber', "1.3.11")
   s.add_development_dependency('RedCloth', "~> 4.2")
-  s.add_development_dependency('maruku', "0.7.0")
+  s.add_development_dependency('maruku', "~> 0.7.0")
   s.add_development_dependency('rdiscount', "~> 1.6")
   s.add_development_dependency('launchy', "~> 2.3")
   s.add_development_dependency('simplecov', "~> 0.7")

data/lib/jekyll/convertible.rb

@@ -43,7 +43,7 @@ module Jekyll
     # Returns nothing.
     def read_yaml(base, name, opts = {})
       begin
-        self.content = File.read(File.join(base, name),
+        self.content = File.read(Jekyll.sanitized_path(base, name),
                                  merged_file_read_opts(opts))
         if content =~ /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m
           self.content = $POSTMATCH

data/lib/jekyll/document.rb

@@ -127,7 +127,7 @@ module Jekyll
     #
     # Returns the computed URL for the document.
     def url
-      @url ||= URL.new({
+      @url = URL.new({
         template:     url_template,
         placeholders: url_placeholders,
         permalink:    permalink

data/lib/jekyll/site.rb

@@ -195,7 +195,7 @@ module Jekyll
     #
     # Returns nothing
     def read_data(dir)
-      base = File.join(source, dir)
+      base = Jekyll.sanitized_path(source, dir)
       read_data_to(base, self.data)
     end
 
@@ -214,7 +214,7 @@ module Jekyll
       end
 
       entries.each do |entry|
-        path = File.join(dir, entry)
+        path = Jekyll.sanitized_path(dir, entry)
         next if File.symlink?(path) && safe
 
         key = sanitize_filename(File.basename(entry, '.*'))

data/lib/jekyll/version.rb

@@ -1,3 +1,3 @@
 module Jekyll
-  VERSION = '2.1.0'
+  VERSION = '2.1.1'
 end

data/site/_includes/css/style.css

@@ -699,6 +699,7 @@ pre, code {
 }
 
 .highlight {
+  margin: 1em 0;
   padding: 10px 0;
   width: 100%;
   overflow: auto;

data/site/_posts/2014-06-28-jekyll-turns-21-i-mean-2-1-0.markdown

@@ -25,3 +25,7 @@ things to look forward to:
 Let's go party!
 
 *Check out the [full changelog](/docs/history/) for more.*
+
+Many thanks to these 37 contributors for the 2.1.0 release:
+
+Alberto Grespan, Alessandro Lorenzi, Alex Medearis, Alfred Xing, Anatol Broder, Ben, Ben Balter, Bud Parr, Chezou, Denilson Figueiredo de Sá, Denilson Sá, Ivan Tse, Jens Nazarenus, Jesse Shawl, Jordon Bedwell, Josh Davis, János Rusiczki, Marc Ransome, Mathieu Bruyen, Matt Rogers, Parker Moore, Pat Hawks, Paul Henry, Peter Rhoades, Philipp Rudloff, Quinn Shanahan, Renaud Martinet, Rob Murray, Rodrigo Dumont, Simon Sarris, Terry, Terry Schmidt, Tomer Cohen, XhmikosR, Yihang Ho, jaybe@jekyll, and mikecole.

data/site/_posts/2014-07-01-jekyll-2-1-1-released.markdown

@@ -0,0 +1,30 @@
+---
+layout: news_item
+title: 'Jekyll 2.1.1 Released'
+date: 2014-07-01 20:16:43 -0400
+author: parkr
+version: 2.1.1
+categories: [release]
+---
+
+This is a minor release for Jekyll 2.1.0. It fixes a couple bugs and
+introduces fixes for a couple security-related issues.
+
+It covers two security vulnerabilities:
+
+1. One in the reading of data
+2. One in the `layouts` setting
+
+They were identified in Jekyll 1.5.1 and has been confirmed as patched
+in this version and the version used by GitHub Pages. If you are in the
+business of building Jekyll sites, please ensure you upgrade to 2.1.1 as
+soon as possible.
+
+For more, check out [`jekyll/jekyll#2563`](https://github.com/jekyll/jekyll/pull/2563).
+
+Additionally, the dependency on Maruku has been loosened and a bug was
+fixed with document URLs.
+
+As always, check out the [full changelog](/docs/history/) for more info!
+
+Happy Jekylling!

data/site/docs/collections.md

@@ -56,7 +56,7 @@ For example, if you have `_my_collection/some_subdir/some_doc.md`,
 it will be rendered using Liquid and the Markdown converter of your
 choice and written out to `<dest>/my_collection/some_subdir/some_doc.html`.
 
-As for posts with [Permalinks](../Permalinks/), document URL can be customized by setting a `permalink` metadata to the collection:
+As for posts with [Permalinks](../permalinks/), document URL can be customized by setting a `permalink` metadata to the collection:
 
 {% highlight yaml %}
 collections:

data/site/docs/datafiles.md

@@ -94,7 +94,8 @@ The organizations can then be accessed via `site.data.orgs`, followed by the fil
 {% highlight html %}
 {% raw %}
 <ul>
-{% for org in site.data.orgs %}
+{% for org_hash in site.data.orgs %}
+{% assign org = org_hash[1] %}
   <li>
     <a href="https://github.com/{{ org.username }}">
       {{ org.name }}

data/site/docs/variables.md

@@ -122,6 +122,30 @@ following is a reference of the available data.
 
       </p></td>
     </tr>
+    <tr>
+      <td><p><code>site.html_pages</code></p></td>
+      <td><p>
+
+        A list of all HTML Pages.
+
+      </p></td>
+    </tr>
+    <tr>
+      <td><p><code>site.collections</code></p></td>
+      <td><p>
+
+        A list of all the collections.
+
+      </p></td>
+    </tr>
+    <tr>
+      <td><p><code>site.data</code></p></td>
+      <td><p>
+
+        A list containing the data loaded from the YAML files located in the <code>_data</code> directory.
+
+      </p></td>
+    </tr>
     <tr>
       <td><p><code>site.documents</code></p></td>
       <td><p>

data/site/docs/windows.md

@@ -29,7 +29,7 @@ the site generation process. It can be done with the following command:
 $ chcp 65001
 {% endhighlight %}
 
-[windows-installation]: https://github.com/juthilo/run-jekyll-on-windows
+[windows-installation]: http://jekyll-windows.juthilo.com/
 
 ## Auto-regeneration
 

data/test/source/_slides/example-slide-3.html

@@ -0,0 +1,5 @@
+---
+  title: Override permalink
+  layout: slide
+  permalink: /slide/3/
+---

data/test/test_document.rb

@@ -165,6 +165,28 @@ class TestDocument < Test::Unit::TestCase
     end
   end
 
+  context "a document in a collection with a custom permalink" do
+    setup do
+      @site = Site.new(Jekyll.configuration({
+        "collections" => ["slides"],
+        "source"      => source_dir,
+        "destination" => dest_dir
+      }))
+      @site.process
+      @document = @site.collections["slides"].docs[2]
+      @dest_file = dest_dir("slide/3/index.html")
+    end
+
+    should "know its permalink" do
+      assert_equal "/slide/3/", @document.permalink
+    end
+
+    should "produce the right URL" do
+      assert_equal "/slide/3/", @document.url
+    end
+  end
+
+
   context " a document part of a rendered collection" do
   end
 

data/test/test_tags.rb

@@ -75,13 +75,13 @@ CONTENT
 
       tag = Jekyll::Tags::HighlightBlock.new('highlight', 'ruby linenos=table cssclass=hl', ["test", "{% endhighlight %}", "\n"])
       assert_equal({ :cssclass => 'hl', :linenos => 'table' }, tag.instance_variable_get(:@options))
-      
+
       tag = Jekyll::Tags::HighlightBlock.new('highlight', 'ruby linenos=table cssclass=hl hl_linenos=3', ["test", "{% endhighlight %}", "\n"])
       assert_equal({ :cssclass => 'hl', :linenos => 'table', :hl_linenos => '3' }, tag.instance_variable_get(:@options))
-      
+
       tag = Jekyll::Tags::HighlightBlock.new('highlight', 'ruby linenos=table cssclass=hl hl_linenos="3 5 6"', ["test", "{% endhighlight %}", "\n"])
       assert_equal({ :cssclass => 'hl', :linenos => 'table', :hl_linenos => ['3', '5', '6'] }, tag.instance_variable_get(:@options))
-      
+
       tag = Jekyll::Tags::HighlightBlock.new('highlight', 'Ruby ', ["test", "{% endhighlight %}", "\n"])
       assert_equal "ruby", tag.instance_variable_get(:@lang), "lexers should be case insensitive"
     end
@@ -420,9 +420,8 @@ CONTENT
         )
       end
 
-      # todo: if #112 is merged into maruku, update to remove the newlines inside code block
       should "render fenced code blocks" do
-        assert_match %r{<pre class=\"ruby\"><code class=\"ruby\">\nputs &quot;Hello world&quot;\n</code></pre>}, @result.strip
+        assert_match %r{<pre class=\"ruby\"><code class=\"ruby\">puts &quot;Hello world&quot;</code></pre>}, @result.strip
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jekyll
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.1.1
 platform: ruby
 authors:
 - Tom Preston-Werner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-29 00:00:00.000000000 Z
+date: 2014-07-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: liquid
@@ -308,14 +308,14 @@ dependencies:
   name: maruku
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.0
 - !ruby/object:Gem::Dependency
@@ -602,6 +602,7 @@ files:
 - site/_posts/2014-05-08-jekyll-2-0-3-released.markdown
 - site/_posts/2014-06-04-jekyll-stickers-1-dollar-stickermule.markdown
 - site/_posts/2014-06-28-jekyll-turns-21-i-mean-2-1-0.markdown
+- site/_posts/2014-07-01-jekyll-2-1-1-released.markdown
 - site/css/screen.css
 - site/docs/assets.md
 - site/docs/collections.md
@@ -727,6 +728,7 @@ files:
 - test/source/_sass/_grid.scss
 - test/source/_slides/example-slide-1.html
 - test/source/_slides/example-slide-2.html
+- test/source/_slides/example-slide-3.html
 - test/source/_with.dots/all.dots/2.4.0.md
 - test/source/_with.dots/file.with.dots.md
 - test/source/about.html
@@ -897,6 +899,7 @@ test_files:
 - test/source/_sass/_grid.scss
 - test/source/_slides/example-slide-1.html
 - test/source/_slides/example-slide-2.html
+- test/source/_slides/example-slide-3.html
 - test/source/_with.dots/all.dots/2.4.0.md
 - test/source/_with.dots/file.with.dots.md
 - test/source/about.html