mini_magick 5.1.2 → 5.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -0
- data/lib/mini_magick/configuration.rb +11 -0
- data/lib/mini_magick/shell.rb +2 -2
- data/lib/mini_magick/tool.rb +4 -5
- data/lib/mini_magick/version.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da1546dc65a1492ca64c0747715e0e6b9b3b641541beac9edd6689a2e9544b8b
|
|
4
|
+
data.tar.gz: b03c897214f43f4d106d90b7fcea2d90ae1b9395afbefcf3810fd2af21fe5095
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 666e1178b7a89dedcae4de7220c1a41eb812f8a5a1b14143f669a1337deb26271a94ff7cc6698258617b2584dc93129e021b763365039939d83b7b85b47aa8f5
|
|
7
|
+
data.tar.gz: 6db3e4657d4e1db3c368b435ef256ba33becf7b164bea29154faeb209bd168f7c370b2ec915920c2ef1e1f61fde0da43b1753cacc6b829a9365039364b262902
|
data/README.md
CHANGED
|
@@ -241,6 +241,7 @@ MiniMagick.configure do |config|
|
|
|
241
241
|
config.logger = Logger.new($stdout) # where to log IM commands
|
|
242
242
|
config.cli_prefix = nil # add prefix to all IM commands
|
|
243
243
|
config.cli_env = {} # environment variables to set for IM commands
|
|
244
|
+
config.restricted_env = false # when true, block IM commands from accessing system environment variables other than those in cli_env
|
|
244
245
|
end
|
|
245
246
|
```
|
|
246
247
|
|
|
@@ -32,6 +32,16 @@ module MiniMagick
|
|
|
32
32
|
#
|
|
33
33
|
attr_accessor :cli_env
|
|
34
34
|
|
|
35
|
+
##
|
|
36
|
+
# If set to true, Open3 will restrict system calls to access only
|
|
37
|
+
# environment variables defined in :cli_env, plus HOME, PATH, and LANG
|
|
38
|
+
# since those are required for such system calls. It will not pass on any
|
|
39
|
+
# other environment variables from the system.
|
|
40
|
+
#
|
|
41
|
+
# @return [Boolean]
|
|
42
|
+
#
|
|
43
|
+
attr_accessor :restricted_env
|
|
44
|
+
|
|
35
45
|
##
|
|
36
46
|
# If you don't want commands to take too long, you can set a timeout (in
|
|
37
47
|
# seconds).
|
|
@@ -73,6 +83,7 @@ module MiniMagick
|
|
|
73
83
|
base.logger = Logger.new($stdout).tap { |l| l.level = Logger::INFO }
|
|
74
84
|
base.warnings = true
|
|
75
85
|
base.cli_env = {}.freeze
|
|
86
|
+
base.restricted_env = false
|
|
76
87
|
base.graphicsmagick = false
|
|
77
88
|
end
|
|
78
89
|
|
data/lib/mini_magick/shell.rb
CHANGED
|
@@ -27,12 +27,12 @@ module MiniMagick
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def execute(command, stdin: "", timeout: MiniMagick.timeout)
|
|
30
|
-
env = {}
|
|
30
|
+
env = MiniMagick.restricted_env ? ENV.slice("HOME", "PATH", "LANG") : {}
|
|
31
31
|
env.merge!(MiniMagick.cli_env)
|
|
32
32
|
env["MAGICK_TIME_LIMIT"] = timeout.to_s if timeout
|
|
33
33
|
|
|
34
34
|
stdout, stderr, status = log(command.join(" ")) do
|
|
35
|
-
Open3.capture3(env, *command, stdin_data: stdin)
|
|
35
|
+
Open3.capture3(env, *command, stdin_data: stdin, unsetenv_others: MiniMagick.restricted_env)
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
[stdout, stderr, status&.exitstatus]
|
data/lib/mini_magick/tool.rb
CHANGED
|
@@ -121,11 +121,10 @@ module MiniMagick
|
|
|
121
121
|
# identify.executable #=> ["firejail", "--force", "magick", "identify"]
|
|
122
122
|
#
|
|
123
123
|
def executable
|
|
124
|
-
exe =
|
|
125
|
-
exe
|
|
126
|
-
exe
|
|
127
|
-
exe
|
|
128
|
-
exe
|
|
124
|
+
exe = Array(MiniMagick.cli_prefix)
|
|
125
|
+
exe << "magick" if MiniMagick.imagemagick7? && name != "magick"
|
|
126
|
+
exe << "gm" if MiniMagick.graphicsmagick
|
|
127
|
+
exe << name
|
|
129
128
|
end
|
|
130
129
|
|
|
131
130
|
##
|
data/lib/mini_magick/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mini_magick
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Corey Johnson
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
- Janko Marohnić
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date: 2025-02-
|
|
15
|
+
date: 2025-02-22 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: logger
|