nokogiri 1.10.0.rc1-java → 1.10.1-java

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +10 -2
  3. data/dependencies.yml +45 -42
  4. data/ext/nokogiri/extconf.rb +4 -0
  5. data/ext/nokogiri/xml_node.c +2 -5
  6. data/ext/nokogiri/xslt_stylesheet.c +1 -1
  7. data/lib/nokogiri/css/xpath_visitor.rb +1 -1
  8. data/lib/nokogiri/nokogiri.jar +0 -0
  9. data/lib/nokogiri/version.rb +1 -1
  10. data/lib/nokogiri/xml/document.rb +1 -1
  11. data/lib/nokogiri/xml/node.rb +2 -2
  12. data/lib/nokogiri/xml/node_set.rb +42 -8
  13. metadata +35 -23
  14. data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch +0 -54
  15. data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch +0 -50
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a52688656f88bc663e0d4d7b23a0d10dc3d7a112ed33cb9bc676a5188da1f2c4
4
- data.tar.gz: 1333507fdb47aec9332c656f8694f306f434321c20b5b746e49ff11fb5d307db
3
+ metadata.gz: e494bcd53ca9b668b441e9ac7004710eab1157144414a9cf17a225ae7331cd3c
4
+ data.tar.gz: c321b8e32d8b6f3b3603a5176e45e568d1486bf93b503f59666d451b9a112231
5
5
  SHA512:
6
- metadata.gz: 6427e5c2e010a0bc00343d3a7f4056f35c28858d381e4cda7673a1fedb92ec5685440dab6e1a8c74d37aec546f4914639c7e6db342cc2cd4181a7dd3cec6c20a
7
- data.tar.gz: 9db756cac0473c53071b70567b610c83f0d9c192c8d91778d4329be15f85a5c633e0ee3acbf3dd9a6c8046f75587ca2c81c3f9d08bc3e68e934534831407d9bd
6
+ metadata.gz: fec7dedb5e770c7698e078855bda287ce7a400207991dd04db185bf5f3d2f464962fa954f2c23784938bbc70ced8daa2aa7d44ccc47147a224d9fe45a47854a3
7
+ data.tar.gz: 358510c46d46aa1f46388f153a873ff5d238c239e934b6fb24329fae865e7d466f260cfe567e9db063d6307f4f706a9539bdb122c9d670faeb3dab7ddf02a72a
data/README.md CHANGED
@@ -12,14 +12,16 @@ or CSS3 selectors.
12
12
  * http://nokogiri.org
13
13
  * [Installation Help](http://nokogiri.org/tutorials/installing_nokogiri.html)
14
14
  * [Tutorials](http://nokogiri.org)
15
+ * [Cheat Sheet](https://github.com/sparklemotion/nokogiri/wiki/Cheat-sheet)
15
16
  * [GitHub](https://github.com/sparklemotion/nokogiri)
16
17
  * [Mailing List](https://groups.google.com/group/nokogiri-talk)
17
- * [Bug Reports](https://github.com/sparklemotion/nokogiri/issues)
18
18
  * [Chat/Gitter](https://gitter.im/sparklemotion/nokogiri)
19
19
 
20
20
  [![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/nokogiri/jobs/ruby-2.4-system/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/nokogiri?groups=master)
21
+
21
22
  [![Code Climate](https://codeclimate.com/github/sparklemotion/nokogiri.svg)](https://codeclimate.com/github/sparklemotion/nokogiri)
22
- [![Join the chat at https://gitter.im/sparklemotion/nokogiri](https://badges.gitter.im/sparklemotion/nokogiri.svg)](https://gitter.im/sparklemotion/nokogiri?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
23
+ [![Gem Version](https://badge.fury.io/rb/nokogiri.svg)](https://rubygems.org/gems/nokogiri)
24
+ [![SemVer compatibility](https://api.dependabot.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&version-scheme=semver)](https://dependabot.com/compatibility-score.html?dependency-name=nokogiri&package-manager=bundler&version-scheme=semver)
23
25
  [![Tidelift dependencies](https://tidelift.com/badges/github/sparklemotion/nokogiri)](https://tidelift.com/subscription/pkg/rubygems-nokogiri?utm_source=rubygems-nokogiri&utm_medium=referral&utm_campaign=readme)
24
26
 
25
27
 
@@ -177,6 +179,12 @@ explicitly setting the encoding to EUC-JP on the parser:
177
179
  bundle exec rake
178
180
  ```
179
181
 
182
+
183
+ ## Code of Conduct
184
+
185
+ We've adopted the Contributor Covenant code of conduct, which you can read in full in [`CODE_OF_CONDUCT.md`](CODE_OF_CONDUCT.md).
186
+
187
+
180
188
  ## License
181
189
 
182
190
  This project is licensed under the terms of the MIT license.
data/dependencies.yml CHANGED
@@ -1,56 +1,59 @@
1
1
  libxml2:
2
- version: "2.9.8"
3
- sha256: "0b74e51595654f958148759cfef0993114ddccccbb6f31aee018f3558e8e2732"
4
- # manually verified checksum:
2
+ version: "2.9.9"
3
+ sha256: "94fb70890143e3c6549f265cee93ec064c80a84c42ad0f23e85ee1fd6540a871"
4
+ # manually verified checksum:
5
5
  #
6
- # $ gpg --verify libxml2-2.9.8.tar.gz.asc ./ports/archives/libxml2-2.9.8.tar.gz
7
- # gpg: Signature made Mon 05 Mar 2018 11:07:45 AM EST using RSA key ID 596BEA5D
8
- # gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>"
9
- # gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>"
10
- # gpg: WARNING: This key is not certified with a trusted signature!
11
- # gpg: There is no indication that the signature belongs to the owner.
12
- # Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
13
- # Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
6
+ # $ gpg --verify libxml2-2.9.9.tar.gz.asc ports/archives/libxml2-2.9.9.tar.gz
7
+ # gpg: Signature made Thu 03 Jan 2019 01:14:47 PM EST
8
+ # gpg: using RSA key 15588B26596BEA5D
9
+ # gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
10
+ # gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
11
+ # gpg: WARNING: This key is not certified with a trusted signature!
12
+ # gpg: There is no indication that the signature belongs to the owner.
13
+ # Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
14
+ # Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
14
15
  #
15
- # using this pgp signature:
16
- # -----BEGIN PGP SIGNATURE-----
16
+ # using this pgp signature:
17
17
  #
18
- # iQEcBAABAgAGBQJanWtRAAoJEBVYiyZZa+pdV7oIAJWdFahwt+reN/Zt2RPmjjcr
19
- # eSsY7UV1RXjScnNjTzJT1h2hJ7SnUjCkqjR6VdtKDUIzpuX+S2U83joafJH6mxUb
20
- # yw2nO4RfjYTPxpz5JkvqT7jmgEIaD81BuwcMehqpMpIfiKa2NgO1DSfZxgs8a9E2
21
- # +ehc/kZWuI5gmNGrd84EEWUqpYW/Xx7jy02osioJuU5IMPjzZKNR3maXp9oAKeBc
22
- # S2QNa1ID/pUk3K3M/5nlwNgAtQ7lxQrqhrSma2dsKt/IpL6VXomxuD4Bh1r2MZhX
23
- # uZ456X/xJN8UmPewLZWGBU1MK9wqu3Zx5Qwz64H6UdlYIzXZ2jXj2YWZa6xkxPA=
24
- # =69xn
25
- # -----END PGP SIGNATURE-----
18
+ # -----BEGIN PGP SIGNATURE-----
19
+ #
20
+ # iQEbBAABAgAGBQJcLlEXAAoJEBVYiyZZa+pd1B8H93xeCYNBLx+eX0xe3qS3ReS/
21
+ # YstjkXKUkmDQYwqQ/9Knmv1P6NX64hQL5E1pZX5sXp36giwXXJ5tCK72VRzektzU
22
+ # Kpo+M1/QA9feZQs1GmyKaXYzNwTSJnsdKA9nWqTHZ3bzfdhFSZ0czo94vgY/cz5z
23
+ # 9P3FIgeldj1vi8p2rjXbArMFQyaxHnve9LdxI8hbudNSeUw/FEV6mjtXrlZ7MXqn
24
+ # hmAkah2JwktOStF5tIlddCRqZeUPUX5flBxT95gfskXXlGEhaoGMXcC3izqqJyV2
25
+ # sx5nY7fnXdkwfYsgRUXYWmDmbs8DnFjXH9lux9O4OWglLonaRoAqFPcOzE3aCw==
26
+ # =4qWg
27
+ # -----END PGP SIGNATURE-----
26
28
  #
27
29
 
28
30
  libxslt:
29
- version: "1.1.32"
30
- sha256: "526ecd0abaf4a7789041622c3950c0e7f2c4c8835471515fd77eec684a355460"
31
- # manually verified checksum:
31
+ version: "1.1.33"
32
+ sha256: "8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8"
33
+ # manually verified checksum:
32
34
  #
33
- # $ gpg --verify libxslt-1.1.32.tar.gz.asc libxslt-1.1.32.tar.gz
34
- # gpg: Signature made Thu 02 Nov 2017 04:35:04 PM EDT using RSA key ID 596BEA5D
35
- # gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>"
36
- # gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>"
37
- # gpg: WARNING: This key is not certified with a trusted signature!
38
- # gpg: There is no indication that the signature belongs to the owner.
39
- # Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
40
- # Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
35
+ # $ gpg --verify libxslt-1.1.33.tar.gz.asc ports/archives/libxslt-1.1.33.tar.gz
36
+ # gpg: Signature made Thu 03 Jan 2019 01:30:49 PM EST
37
+ # gpg: using RSA key 15588B26596BEA5D
38
+ # gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
39
+ # gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
40
+ # gpg: WARNING: This key is not certified with a trusted signature!
41
+ # gpg: There is no indication that the signature belongs to the owner.
42
+ # Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
43
+ # Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
41
44
  #
42
- # using this pgp signature:
45
+ # using this pgp signature:
43
46
  #
44
- # -----BEGIN PGP SIGNATURE-----
47
+ # -----BEGIN PGP SIGNATURE-----
45
48
  #
46
- # iQEcBAABAgAGBQJZ+4F4AAoJEBVYiyZZa+pdy1IIAMX1DpzYGdnv6GCPSKeZ0woD
47
- # sHmSkygJep0/sUQD1cYunNsNZnGDgWhnsLAvHOn3opJgsiaZhmhJ8Uo7QNlT+ni1
48
- # AvRFgQoSXLWSF5kkun4u7RvnpDI6jYfCuYSwb9SO4EAYFAQQJXQaKCeFq71gad+p
49
- # XGHJFAy2TqUVLNZ5I1mQz/oBeDsJ7RzHpYqaBxsLDqrCzRQ9ai23q+dFGS3jvLBr
50
- # 0gXw0MK73ceOwW12L5aLj4erNbATWmMFMDYZZwftysv3bgx2YfiOoZUTzufrB/Bc
51
- # MG8hP76aYBwIKNbhiDFGa2qdHGZGF7YQ4mi1/ZDX1K1G2tKKeEYxscM13JwiGb8=
52
- # =NuQO
53
- # -----END PGP SIGNATURE-----
49
+ # iQEcBAABAgAGBQJcLlTZAAoJEBVYiyZZa+pd9NkIAIf6ei2iSpR/0QOyS71esDq8
50
+ # 407PcUXd/yUjDANm4Uvm7kKK+SbbfBxFIPva4g984Noe1zYMfjK3u3iNs6jykySf
51
+ # mN5eo2wNCxsZnqjbnsLgQvn5VCQpPInTddTuGUxgqJyvnR7p785L1oA2EStSPMP4
52
+ # BGZ9dZGlbreK35WzgrhUi0VN5egJW2fpMsw7rTPvfwK+90gXL0DEm8v3WlA7fCDL
53
+ # QsvuPm7jPOXxdt5bYrVP8wpNMTJIGqV6jxh7Vvl6kiGLldUjCyoCh0AGXLror0Gs
54
+ # sAMlRKJNodpcCYkIWxzjLt74sUciKNrPLHZlXJcclZMONen1GWnVDcv83Tt9n6w=
55
+ # =iAm8
56
+ # -----END PGP SIGNATURE-----
54
57
  #
55
58
 
56
59
  zlib:
data/ext/nokogiri/extconf.rb CHANGED
@@ -392,6 +392,10 @@ when arg_config('--clean')
392
392
  do_clean
393
393
  end
394
394
 
395
+ if darwin?
396
+ ENV['CFLAGS'] = "#{ENV['CFLAGS']} -I /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/libxml2"
397
+ end
398
+
395
399
  if openbsd? && !using_system_libraries?
396
400
  if `#{ENV['CC'] || '/usr/bin/cc'} -v 2>&1` !~ /clang/
397
401
  ENV['CC'] ||= find_executable('egcc') or
data/ext/nokogiri/xml_node.c CHANGED
@@ -51,10 +51,6 @@ static void relink_namespace(xmlNodePtr reparented)
51
51
 
52
52
  ns = xmlSearchNs(reparented->doc, reparented, prefix);
53
53
 
54
- if (ns == NULL && reparented->parent) {
55
- ns = xmlSearchNs(reparented->doc, reparented->parent, prefix);
56
- }
57
-
58
54
  if (ns != NULL) {
59
55
  xmlNodeSetName(reparented, name);
60
56
  xmlSetNs(reparented, ns);
@@ -1133,7 +1129,8 @@ static VALUE set_native_content(VALUE self, VALUE content)
1133
1129
  * call-seq:
1134
1130
  * content
1135
1131
  *
1136
- * Returns the content for this Node
1132
+ * Returns the plaintext content for this Node. Note that entities will always
1133
+ * be expanded in the returned string.
1137
1134
  */
1138
1135
  static VALUE get_native_content(VALUE self)
1139
1136
  {
data/ext/nokogiri/xslt_stylesheet.c CHANGED
@@ -165,7 +165,7 @@ static VALUE transform(int argc, VALUE* argv, VALUE self)
165
165
 
166
166
  errstr = rb_str_new(0, 0);
167
167
  xsltSetGenericErrorFunc((void *)errstr, xslt_generic_error_handler);
168
- xmlSetGenericErrorFunc(NULL, (xmlGenericErrorFunc)&swallow_superfluous_xml_errors);
168
+ xmlSetGenericErrorFunc((void *)errstr, xslt_generic_error_handler);
169
169
 
170
170
  result = xsltApplyStylesheet(wrapper->ss, xml, params);
171
171
  free(params);
data/lib/nokogiri/css/xpath_visitor.rb CHANGED
@@ -51,7 +51,7 @@ module Nokogiri
51
51
  when /^comment\(/
52
52
  "comment()"
53
53
  when /^has\(/
54
- node.value[1].accept(self)
54
+ ".//#{node.value[1].accept(self)}"
55
55
  else
56
56
  args = ['.'] + node.value[1..-1]
57
57
  "#{node.value.first}#{args.join(', ')})"
data/lib/nokogiri/nokogiri.jar CHANGED
Binary file
data/lib/nokogiri/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  module Nokogiri
2
2
  # The version of Nokogiri you are using
3
- VERSION = '1.10.0.rc1'
3
+ VERSION = '1.10.1'
4
4
 
5
5
  class VersionInfo # :nodoc:
6
6
  def jruby?
data/lib/nokogiri/xml/document.rb CHANGED
@@ -41,7 +41,7 @@ module Nokogiri
41
41
  #
42
42
  # Nokogiri.XML() is a convenience method which will call this method.
43
43
  #
44
- def self.parse string_or_io, url = nil, encoding = nil, options = ParseOptions::DEFAULT_XML, &block
44
+ def self.parse string_or_io, url = nil, encoding = nil, options = ParseOptions::DEFAULT_XML
45
45
  options = Nokogiri::XML::ParseOptions.new(options) if Integer === options
46
46
  # Give the options to the user
47
47
  yield options if block_given?
data/lib/nokogiri/xml/node.rb CHANGED
@@ -495,7 +495,7 @@ module Nokogiri
495
495
  end
496
496
 
497
497
  ###
498
- # Returns a Hash of {prefix => value} for all namespaces on this
498
+ # Returns a Hash of +{prefix => value}+ for all namespaces on this
499
499
  # node and its ancestors.
500
500
  #
501
501
  # This method returns the same namespaces as #namespace_scopes.
@@ -807,7 +807,7 @@ module Nokogiri
807
807
  # Do xinclude substitution on the subtree below node. If given a block, a
808
808
  # Nokogiri::XML::ParseOptions object initialized from +options+, will be
809
809
  # passed to it, allowing more convenient modification of the parser options.
810
- def do_xinclude options = XML::ParseOptions::DEFAULT_XML, &block
810
+ def do_xinclude options = XML::ParseOptions::DEFAULT_XML
811
811
  options = Nokogiri::XML::ParseOptions.new(options) if Integer === options
812
812
 
813
813
  # give options to user
data/lib/nokogiri/xml/node_set.rb CHANGED
@@ -44,7 +44,7 @@ module Nokogiri
44
44
 
45
45
  ###
46
46
  # Returns the index of the first node in self that is == to +node+ or meets the given block. Returns nil if no match is found.
47
- def index(node = nil, &block)
47
+ def index(node = nil)
48
48
  if node
49
49
  warn "given block not used" if block_given?
50
50
  each_with_index { |member, j| return j if member == node }
@@ -171,16 +171,50 @@ module Nokogiri
171
171
  end
172
172
 
173
173
  ###
174
- # Set the attribute +key+ to +value+ or the return value of +blk+
175
- # on all Node objects in the NodeSet.
176
- def attr key, value = nil, &blk
177
- unless Hash === key || key && (value || blk)
178
- return first.attribute(key)
174
+ # Set attributes on each Node in the NodeSet, or get an
175
+ # attribute from the first Node in the NodeSet.
176
+ #
177
+ # To get an attribute from the first Node in a NodeSet:
178
+ #
179
+ # node_set.attr("href") # => "https://www.nokogiri.org"
180
+ #
181
+ # Note that an empty NodeSet will return nil when +#attr+ is called as a getter.
182
+ #
183
+ # To set an attribute on each node, +key+ can either be an
184
+ # attribute name, or a Hash of attribute names and values. When
185
+ # called as a setter, +#attr+ returns the NodeSet.
186
+ #
187
+ # If +key+ is an attribute name, then either +value+ or +block+
188
+ # must be passed.
189
+ #
190
+ # If +key+ is a Hash then attributes will be set for each
191
+ # key/value pair:
192
+ #
193
+ # node_set.attr("href" => "https://www.nokogiri.org", "class" => "member")
194
+ #
195
+ # If +value+ is passed, it will be used as the attribute value
196
+ # for all nodes:
197
+ #
198
+ # node_set.attr("href", "https://www.nokogiri.org")
199
+ #
200
+ # If +block+ is passed, it will be called on each Node object in
201
+ # the NodeSet and the return value used as the attribute value
202
+ # for that node:
203
+ #
204
+ # node_set.attr("class") { |node| node.name }
205
+ #
206
+ def attr key, value = nil, &block
207
+ unless key.is_a?(Hash) || (key && (value || block))
208
+ return first ? first.attribute(key) : nil
179
209
  end
180
210
 
181
211
  hash = key.is_a?(Hash) ? key : { key => value }
182
212
 
183
- hash.each { |k,v| each { |el| el[k] = v || blk[el] } }
213
+ hash.each do |k,v|
214
+ each do |node|
215
+ node[k] = v || block.call(node)
216
+ end
217
+ end
184
218
 
185
219
  self
186
220
  end
@@ -197,7 +231,7 @@ module Nokogiri
197
231
 
198
232
  ###
199
233
  # Iterate over each node, yielding to +block+
200
- def each(&block)
234
+ def each
201
235
  return to_enum unless block_given?
202
236
 
203
237
  0.upto(length - 1) do |x|
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nokogiri
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.10.0.rc1
4
+ version: 1.10.1
5
5
  platform: java
6
6
  authors:
7
7
  - Aaron Patterson
@@ -14,8 +14,22 @@ authors:
14
14
  autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
- date: 2019-01-03 00:00:00.000000000 Z
17
+ date: 2019-01-13 00:00:00.000000000 Z
18
18
  dependencies:
19
+ - !ruby/object:Gem::Dependency
20
+ requirement: !ruby/object:Gem::Requirement
21
+ requirements:
22
+ - - "~>"
23
+ - !ruby/object:Gem::Version
24
+ version: '0.15'
25
+ name: concourse
26
+ prerelease: false
27
+ type: :development
28
+ version_requirements: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - "~>"
31
+ - !ruby/object:Gem::Version
32
+ version: '0.15'
19
33
  - !ruby/object:Gem::Dependency
20
34
  requirement: !ruby/object:Gem::Requirement
21
35
  requirements:
@@ -77,7 +91,7 @@ dependencies:
77
91
  requirements:
78
92
  - - "~>"
79
93
  - !ruby/object:Gem::Version
80
- version: 5.8.4
94
+ version: '5.8'
81
95
  name: minitest
82
96
  prerelease: false
83
97
  type: :development
@@ -85,63 +99,63 @@ dependencies:
85
99
  requirements:
86
100
  - - "~>"
87
101
  - !ruby/object:Gem::Version
88
- version: 5.8.4
102
+ version: '5.8'
89
103
  - !ruby/object:Gem::Dependency
90
104
  requirement: !ruby/object:Gem::Requirement
91
105
  requirements:
92
106
  - - "~>"
93
107
  - !ruby/object:Gem::Version
94
- version: '12.0'
95
- name: rake
108
+ version: 1.4.14
109
+ name: racc
96
110
  prerelease: false
97
111
  type: :development
98
112
  version_requirements: !ruby/object:Gem::Requirement
99
113
  requirements:
100
114
  - - "~>"
101
115
  - !ruby/object:Gem::Version
102
- version: '12.0'
116
+ version: 1.4.14
103
117
  - !ruby/object:Gem::Dependency
104
118
  requirement: !ruby/object:Gem::Requirement
105
119
  requirements:
106
120
  - - "~>"
107
121
  - !ruby/object:Gem::Version
108
- version: 1.0.3
109
- name: rake-compiler
122
+ version: '12.0'
123
+ name: rake
110
124
  prerelease: false
111
125
  type: :development
112
126
  version_requirements: !ruby/object:Gem::Requirement
113
127
  requirements:
114
128
  - - "~>"
115
129
  - !ruby/object:Gem::Version
116
- version: 1.0.3
130
+ version: '12.0'
117
131
  - !ruby/object:Gem::Dependency
118
132
  requirement: !ruby/object:Gem::Requirement
119
133
  requirements:
120
134
  - - "~>"
121
135
  - !ruby/object:Gem::Version
122
- version: 0.7.0
123
- name: rake-compiler-dock
136
+ version: 1.0.3
137
+ name: rake-compiler
124
138
  prerelease: false
125
139
  type: :development
126
140
  version_requirements: !ruby/object:Gem::Requirement
127
141
  requirements:
128
142
  - - "~>"
129
143
  - !ruby/object:Gem::Version
130
- version: 0.7.0
144
+ version: 1.0.3
131
145
  - !ruby/object:Gem::Dependency
132
146
  requirement: !ruby/object:Gem::Requirement
133
147
  requirements:
134
148
  - - "~>"
135
149
  - !ruby/object:Gem::Version
136
- version: 1.4.14
137
- name: racc
150
+ version: 0.7.0
151
+ name: rake-compiler-dock
138
152
  prerelease: false
139
153
  type: :development
140
154
  version_requirements: !ruby/object:Gem::Requirement
141
155
  requirements:
142
156
  - - "~>"
143
157
  - !ruby/object:Gem::Version
144
- version: 1.4.14
158
+ version: 0.7.0
145
159
  - !ruby/object:Gem::Dependency
146
160
  requirement: !ruby/object:Gem::Requirement
147
161
  requirements:
@@ -161,15 +175,15 @@ dependencies:
161
175
  requirements:
162
176
  - - "~>"
163
177
  - !ruby/object:Gem::Version
164
- version: '0.15'
165
- name: concourse
178
+ version: '0.16'
179
+ name: simplecov
166
180
  prerelease: false
167
181
  type: :development
168
182
  version_requirements: !ruby/object:Gem::Requirement
169
183
  requirements:
170
184
  - - "~>"
171
185
  - !ruby/object:Gem::Version
172
- version: '0.15'
186
+ version: '0.16'
173
187
  - !ruby/object:Gem::Dependency
174
188
  requirement: !ruby/object:Gem::Requirement
175
189
  requirements:
@@ -495,8 +509,6 @@ files:
495
509
  - lib/xml-apis.jar
496
510
  - lib/xsd/xmlparser/nokogiri.rb
497
511
  - patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch
498
- - patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch
499
- - patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch
500
512
  homepage:
501
513
  licenses:
502
514
  - MIT
@@ -514,9 +526,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
514
526
  version: 2.3.0
515
527
  required_rubygems_version: !ruby/object:Gem::Requirement
516
528
  requirements:
517
- - - ">"
529
+ - - ">="
518
530
  - !ruby/object:Gem::Version
519
- version: 1.3.1
531
+ version: '0'
520
532
  requirements: []
521
533
  rubyforge_project:
522
534
  rubygems_version: 2.7.6
data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch DELETED
@@ -1,54 +0,0 @@
1
- From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
2
- From: Nick Wellnhofer <wellnhofer@aevum.de>
3
- Date: Mon, 30 Jul 2018 12:54:38 +0200
4
- Subject: [PATCH] Fix nullptr deref with XPath logic ops
5
-
6
- If the XPath stack is corrupted, for example by a misbehaving extension
7
- function, the "and" and "or" XPath operators could dereference NULL
8
- pointers. Check that the XPath stack isn't empty and optimize the
9
- logic operators slightly.
10
-
11
- Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
12
-
13
- Also see
14
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
15
- https://bugzilla.redhat.com/show_bug.cgi?id=1595985
16
-
17
- This is CVE-2018-14404.
18
-
19
- Thanks to Guy Inbar for the report.
20
- ---
21
- xpath.c | 10 ++++------
22
- 1 file changed, 4 insertions(+), 6 deletions(-)
23
-
24
- diff --git a/xpath.c b/xpath.c
25
- index 3fae0bf..5e3bb9f 100644
26
- --- a/xpath.c
27
- +++ b/xpath.c
28
- @@ -13234,9 +13234,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
29
- return(0);
30
- }
31
- xmlXPathBooleanFunction(ctxt, 1);
32
- - arg1 = valuePop(ctxt);
33
- - arg1->boolval &= arg2->boolval;
34
- - valuePush(ctxt, arg1);
35
- + if (ctxt->value != NULL)
36
- + ctxt->value->boolval &= arg2->boolval;
37
- xmlXPathReleaseObject(ctxt->context, arg2);
38
- return (total);
39
- case XPATH_OP_OR:
40
- @@ -13252,9 +13251,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
41
- return(0);
42
- }
43
- xmlXPathBooleanFunction(ctxt, 1);
44
- - arg1 = valuePop(ctxt);
45
- - arg1->boolval |= arg2->boolval;
46
- - valuePush(ctxt, arg1);
47
- + if (ctxt->value != NULL)
48
- + ctxt->value->boolval |= arg2->boolval;
49
- xmlXPathReleaseObject(ctxt->context, arg2);
50
- return (total);
51
- case XPATH_OP_EQUAL:
52
- --
53
- 2.17.1
54
-
data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch DELETED
@@ -1,50 +0,0 @@
1
- From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
2
- From: Nick Wellnhofer <wellnhofer@aevum.de>
3
- Date: Mon, 30 Jul 2018 13:14:11 +0200
4
- Subject: [PATCH] Fix infinite loop in LZMA decompression
5
- MIME-Version: 1.0
6
- Content-Type: text/plain; charset=UTF-8
7
- Content-Transfer-Encoding: 8bit
8
-
9
- Check the liblzma error code more thoroughly to avoid infinite loops.
10
-
11
- Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
12
- Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
13
-
14
- This is CVE-2018-9251 and CVE-2018-14567.
15
-
16
- Thanks to Dongliang Mu and Simon Wörner for the reports.
17
- ---
18
- xzlib.c | 9 +++++++++
19
- 1 file changed, 9 insertions(+)
20
-
21
- diff --git a/xzlib.c b/xzlib.c
22
- index a839169..0ba88cf 100644
23
- --- a/xzlib.c
24
- +++ b/xzlib.c
25
- @@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
26
- "internal error: inflate stream corrupt");
27
- return -1;
28
- }
29
- + /*
30
- + * FIXME: Remapping a couple of error codes and falling through
31
- + * to the LZMA error handling looks fragile.
32
- + */
33
- if (ret == Z_MEM_ERROR)
34
- ret = LZMA_MEM_ERROR;
35
- if (ret == Z_DATA_ERROR)
36
- @@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
37
- xz_error(state, LZMA_PROG_ERROR, "compression error");
38
- return -1;
39
- }
40
- + if ((state->how != GZIP) &&
41
- + (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
42
- + xz_error(state, ret, "lzma error");
43
- + return -1;
44
- + }
45
- } while (strm->avail_out && ret != LZMA_STREAM_END);
46
-
47
- /* update available output and crc check value */
48
- --
49
- 2.17.1
50
-