liquid 4.0.3 → 5.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/History.md +54 -0
- data/README.md +6 -0
- data/lib/liquid/block.rb +31 -14
- data/lib/liquid/block_body.rb +166 -54
- data/lib/liquid/condition.rb +41 -20
- data/lib/liquid/context.rb +107 -52
- data/lib/liquid/document.rb +47 -9
- data/lib/liquid/drop.rb +4 -2
- data/lib/liquid/errors.rb +20 -18
- data/lib/liquid/expression.rb +29 -34
- data/lib/liquid/extensions.rb +2 -0
- data/lib/liquid/file_system.rb +6 -4
- data/lib/liquid/forloop_drop.rb +11 -4
- data/lib/liquid/i18n.rb +5 -3
- data/lib/liquid/interrupts.rb +3 -1
- data/lib/liquid/lexer.rb +30 -23
- data/lib/liquid/locales/en.yml +3 -1
- data/lib/liquid/parse_context.rb +20 -4
- data/lib/liquid/parse_tree_visitor.rb +2 -2
- data/lib/liquid/parser.rb +30 -18
- data/lib/liquid/parser_switching.rb +17 -3
- data/lib/liquid/partial_cache.rb +24 -0
- data/lib/liquid/profiler/hooks.rb +26 -14
- data/lib/liquid/profiler.rb +67 -86
- data/lib/liquid/range_lookup.rb +13 -3
- data/lib/liquid/register.rb +6 -0
- data/lib/liquid/resource_limits.rb +47 -8
- data/lib/liquid/standardfilters.rb +95 -46
- data/lib/liquid/static_registers.rb +44 -0
- data/lib/liquid/strainer_factory.rb +36 -0
- data/lib/liquid/strainer_template.rb +53 -0
- data/lib/liquid/tablerowloop_drop.rb +6 -4
- data/lib/liquid/tag/disableable.rb +22 -0
- data/lib/liquid/tag/disabler.rb +21 -0
- data/lib/liquid/tag.rb +28 -6
- data/lib/liquid/tags/assign.rb +24 -10
- data/lib/liquid/tags/break.rb +8 -3
- data/lib/liquid/tags/capture.rb +11 -8
- data/lib/liquid/tags/case.rb +40 -27
- data/lib/liquid/tags/comment.rb +5 -3
- data/lib/liquid/tags/continue.rb +8 -3
- data/lib/liquid/tags/cycle.rb +25 -14
- data/lib/liquid/tags/decrement.rb +6 -3
- data/lib/liquid/tags/echo.rb +34 -0
- data/lib/liquid/tags/for.rb +68 -44
- data/lib/liquid/tags/if.rb +39 -23
- data/lib/liquid/tags/ifchanged.rb +11 -10
- data/lib/liquid/tags/include.rb +34 -47
- data/lib/liquid/tags/increment.rb +7 -3
- data/lib/liquid/tags/raw.rb +14 -11
- data/lib/liquid/tags/render.rb +84 -0
- data/lib/liquid/tags/table_row.rb +23 -19
- data/lib/liquid/tags/unless.rb +23 -15
- data/lib/liquid/template.rb +53 -72
- data/lib/liquid/template_factory.rb +9 -0
- data/lib/liquid/tokenizer.rb +18 -10
- data/lib/liquid/usage.rb +8 -0
- data/lib/liquid/utils.rb +13 -3
- data/lib/liquid/variable.rb +46 -41
- data/lib/liquid/variable_lookup.rb +11 -6
- data/lib/liquid/version.rb +2 -1
- data/lib/liquid.rb +17 -5
- data/test/integration/assign_test.rb +74 -5
- data/test/integration/blank_test.rb +11 -8
- data/test/integration/block_test.rb +47 -1
- data/test/integration/capture_test.rb +18 -10
- data/test/integration/context_test.rb +609 -5
- data/test/integration/document_test.rb +4 -2
- data/test/integration/drop_test.rb +67 -83
- data/test/integration/error_handling_test.rb +73 -61
- data/test/integration/expression_test.rb +46 -0
- data/test/integration/filter_test.rb +53 -42
- data/test/integration/hash_ordering_test.rb +5 -3
- data/test/integration/output_test.rb +26 -24
- data/test/integration/parsing_quirks_test.rb +19 -7
- data/test/integration/{render_profiling_test.rb → profiler_test.rb} +84 -25
- data/test/integration/security_test.rb +30 -21
- data/test/integration/standard_filter_test.rb +385 -281
- data/test/integration/tag/disableable_test.rb +59 -0
- data/test/integration/tag_test.rb +45 -0
- data/test/integration/tags/break_tag_test.rb +4 -2
- data/test/integration/tags/continue_tag_test.rb +4 -2
- data/test/integration/tags/echo_test.rb +13 -0
- data/test/integration/tags/for_tag_test.rb +107 -51
- data/test/integration/tags/if_else_tag_test.rb +5 -3
- data/test/integration/tags/include_tag_test.rb +70 -54
- data/test/integration/tags/increment_tag_test.rb +4 -2
- data/test/integration/tags/liquid_tag_test.rb +116 -0
- data/test/integration/tags/raw_tag_test.rb +14 -11
- data/test/integration/tags/render_tag_test.rb +213 -0
- data/test/integration/tags/standard_tag_test.rb +38 -31
- data/test/integration/tags/statements_test.rb +23 -21
- data/test/integration/tags/table_row_test.rb +2 -0
- data/test/integration/tags/unless_else_tag_test.rb +4 -2
- data/test/integration/template_test.rb +132 -124
- data/test/integration/trim_mode_test.rb +78 -44
- data/test/integration/variable_test.rb +74 -32
- data/test/test_helper.rb +113 -22
- data/test/unit/block_unit_test.rb +19 -24
- data/test/unit/condition_unit_test.rb +79 -77
- data/test/unit/file_system_unit_test.rb +6 -4
- data/test/unit/i18n_unit_test.rb +7 -5
- data/test/unit/lexer_unit_test.rb +11 -9
- data/test/{integration → unit}/parse_tree_visitor_test.rb +16 -2
- data/test/unit/parser_unit_test.rb +37 -35
- data/test/unit/partial_cache_unit_test.rb +128 -0
- data/test/unit/regexp_unit_test.rb +17 -15
- data/test/unit/static_registers_unit_test.rb +156 -0
- data/test/unit/strainer_factory_unit_test.rb +100 -0
- data/test/unit/strainer_template_unit_test.rb +82 -0
- data/test/unit/tag_unit_test.rb +5 -3
- data/test/unit/tags/case_tag_unit_test.rb +3 -1
- data/test/unit/tags/for_tag_unit_test.rb +4 -2
- data/test/unit/tags/if_tag_unit_test.rb +3 -1
- data/test/unit/template_factory_unit_test.rb +12 -0
- data/test/unit/template_unit_test.rb +19 -10
- data/test/unit/tokenizer_unit_test.rb +26 -19
- data/test/unit/variable_unit_test.rb +51 -49
- metadata +76 -50
- data/lib/liquid/strainer.rb +0 -66
- data/lib/liquid/truffle.rb +0 -5
- data/test/truffle/truffle_test.rb +0 -9
- data/test/unit/context_unit_test.rb +0 -489
- data/test/unit/strainer_unit_test.rb +0 -164
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require 'test_helper'
|
|
2
4
|
|
|
3
5
|
module SecurityFilter
|
|
@@ -14,65 +16,72 @@ class SecurityTest < Minitest::Test
|
|
|
14
16
|
end
|
|
15
17
|
|
|
16
18
|
def test_no_instance_eval
|
|
17
|
-
text
|
|
19
|
+
text = %( {{ '1+1' | instance_eval }} )
|
|
18
20
|
expected = %( 1+1 )
|
|
19
21
|
|
|
20
|
-
assert_equal
|
|
22
|
+
assert_equal(expected, Template.parse(text).render!(@assigns))
|
|
21
23
|
end
|
|
22
24
|
|
|
23
25
|
def test_no_existing_instance_eval
|
|
24
|
-
text
|
|
26
|
+
text = %( {{ '1+1' | __instance_eval__ }} )
|
|
25
27
|
expected = %( 1+1 )
|
|
26
28
|
|
|
27
|
-
assert_equal
|
|
29
|
+
assert_equal(expected, Template.parse(text).render!(@assigns))
|
|
28
30
|
end
|
|
29
31
|
|
|
30
32
|
def test_no_instance_eval_after_mixing_in_new_filter
|
|
31
|
-
text
|
|
33
|
+
text = %( {{ '1+1' | instance_eval }} )
|
|
32
34
|
expected = %( 1+1 )
|
|
33
35
|
|
|
34
|
-
assert_equal
|
|
36
|
+
assert_equal(expected, Template.parse(text).render!(@assigns))
|
|
35
37
|
end
|
|
36
38
|
|
|
37
39
|
def test_no_instance_eval_later_in_chain
|
|
38
|
-
text
|
|
40
|
+
text = %( {{ '1+1' | add_one | instance_eval }} )
|
|
39
41
|
expected = %( 1+1 + 1 )
|
|
40
42
|
|
|
41
|
-
assert_equal
|
|
43
|
+
assert_equal(expected, Template.parse(text).render!(@assigns, filters: SecurityFilter))
|
|
42
44
|
end
|
|
43
45
|
|
|
44
|
-
def
|
|
46
|
+
def test_does_not_permanently_add_filters_to_symbol_table
|
|
45
47
|
current_symbols = Symbol.all_symbols
|
|
46
48
|
|
|
47
|
-
|
|
49
|
+
# MRI imprecisely marks objects found on the C stack, which can result
|
|
50
|
+
# in uninitialized memory being marked. This can even result in the test failing
|
|
51
|
+
# deterministically for a given compilation of ruby. Using a separate thread will
|
|
52
|
+
# keep these writes of the symbol pointer on a separate stack that will be garbage
|
|
53
|
+
# collected after Thread#join.
|
|
54
|
+
Thread.new do
|
|
55
|
+
test = %( {{ "some_string" | a_bad_filter }} )
|
|
56
|
+
Template.parse(test).render!
|
|
57
|
+
nil
|
|
58
|
+
end.join
|
|
48
59
|
|
|
49
|
-
|
|
50
|
-
assert_equal [], (Symbol.all_symbols - current_symbols)
|
|
60
|
+
GC.start
|
|
51
61
|
|
|
52
|
-
|
|
53
|
-
assert_equal [], (Symbol.all_symbols - current_symbols)
|
|
62
|
+
assert_equal([], (Symbol.all_symbols - current_symbols))
|
|
54
63
|
end
|
|
55
64
|
|
|
56
65
|
def test_does_not_add_drop_methods_to_symbol_table
|
|
57
66
|
current_symbols = Symbol.all_symbols
|
|
58
67
|
|
|
59
68
|
assigns = { 'drop' => Drop.new }
|
|
60
|
-
assert_equal
|
|
61
|
-
assert_equal
|
|
62
|
-
assert_equal
|
|
69
|
+
assert_equal("", Template.parse("{{ drop.custom_method_1 }}", assigns).render!)
|
|
70
|
+
assert_equal("", Template.parse("{{ drop.custom_method_2 }}", assigns).render!)
|
|
71
|
+
assert_equal("", Template.parse("{{ drop.custom_method_3 }}", assigns).render!)
|
|
63
72
|
|
|
64
|
-
assert_equal
|
|
73
|
+
assert_equal([], (Symbol.all_symbols - current_symbols))
|
|
65
74
|
end
|
|
66
75
|
|
|
67
76
|
def test_max_depth_nested_blocks_does_not_raise_exception
|
|
68
77
|
depth = Liquid::Block::MAX_DEPTH
|
|
69
|
-
code
|
|
70
|
-
assert_equal
|
|
78
|
+
code = "{% if true %}" * depth + "rendered" + "{% endif %}" * depth
|
|
79
|
+
assert_equal("rendered", Template.parse(code).render!)
|
|
71
80
|
end
|
|
72
81
|
|
|
73
82
|
def test_more_than_max_depth_nested_blocks_raises_exception
|
|
74
83
|
depth = Liquid::Block::MAX_DEPTH + 1
|
|
75
|
-
code
|
|
84
|
+
code = "{% if true %}" * depth + "rendered" + "{% endif %}" * depth
|
|
76
85
|
assert_raises(Liquid::StackLevelError) do
|
|
77
86
|
Template.parse(code).render!
|
|
78
87
|
end
|