lucide-ruby 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/lucide_ruby/tasks/lucide.rake +4 -2
  3. data/lib/lucide_ruby/version.rb +1 -1
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 43905c8c9c553118b094f0e378f32018a9109ac864761932683bac42049bd755
4
- data.tar.gz: 3f98fbe02ba6bd9e37755744dbb99e056a47a9890ae4a113bcd0c837fea0a679
3
+ metadata.gz: a0902f5bb59b803ef15f608817956033ac3aeafac4fd53f0e7105fcd1eca4d3c
4
+ data.tar.gz: eeb5517c4c477eb52e30e27ec7f61505aa95209a268c7665eee7333255e35ae5
5
5
  SHA512:
6
- metadata.gz: 571ecdc5dd9d53c52f1068b09b5bd79caff92f3330413846bacf8c85dc277484952647d743b927a3029f66d8555636802a020ed88ddb2c05b0cf0b7a16142c28
7
- data.tar.gz: c158de5c5b643f144d63d9c46bddd7d3f6aaaa75384cdd6109a8da8864137d60a1a05b599ae4e988d6aaac946d0b836952152e224b1088b3e66ea7b5190ce8e9
6
+ metadata.gz: ab36d567831359a48f01fe529ae40a339eb66ecaf87ad81460cd96842a3adffb915e5efe9e67a79d6025d053ceed018cc4cc2cd422b8135526050a517d24dde7
7
+ data.tar.gz: 8dbbe1a534e7e56801b2176c725146d090e99328d62fea3bcd9f24b906082a814823ac969f3264e9586696cd53a1d5d4460e2975c38b2fd739104cc43bda47fd
data/lib/lucide_ruby/tasks/lucide.rake CHANGED
@@ -142,12 +142,14 @@ def make_request(uri)
142
142
  end
143
143
 
144
144
  def extract_zip(zip_path, extract_path)
145
+ real_extract_path = File.realpath(extract_path)
146
+
145
147
  Zip::File.open(zip_path) do |zip_file|
146
148
  zip_file.each do |entry|
147
- entry_path = File.join(extract_path, entry.name)
149
+ entry_path = File.expand_path(entry.name, real_extract_path)
148
150
 
149
151
  # Prevent zip slip
150
- unless entry_path.start_with?(File.realpath(extract_path))
152
+ unless entry_path.start_with?(real_extract_path)
151
153
  raise LucideRuby::SyncError, "Zip slip detected: #{entry.name}"
152
154
  end
153
155
 
data/lib/lucide_ruby/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module LucideRuby
4
- VERSION = "0.1.4"
4
+ VERSION = "0.1.5"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lucide-ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.4
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - lucide-ruby contributors