open_rosa 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/lib/open_rosa/fields/input.rb +36 -0
- data/lib/open_rosa/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fa8424798700327f78994c65dd41b610a16f546c274687304ebf8fc1302010b4
|
|
4
|
+
data.tar.gz: 1e3b616ba25ed4d94aeabaf30ca7b17f3bb7845b7ceefc9025adf0203c995ae6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 50134a6ecccde9da4f9c863739eac0c56e7ba0319dc028f822ecdfec23a85224ce4dbd79243ffe08c00ad577ca8a79c5498cbecd0d537f751c11d39b1a83171c
|
|
7
|
+
data.tar.gz: fbf37c1061b1be0b5df045981a1e7f75e938e5f4f0be777838637e848ceb627b832fa0524057ed3c19df0cfa82f5595a382cb6567c04d789ba7b6de6deb2f057
|
data/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.3.0] - 2026-03-09
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
|
|
14
|
+
- Validate `regex()` constraint expressions at form definition time — rejects patterns with unescaped quotes (which break XPath parsing on the device) and patterns that don't compile as valid regular expressions
|
|
15
|
+
|
|
10
16
|
## [0.2.0] - 2026-03-09
|
|
11
17
|
|
|
12
18
|
### Added
|
|
@@ -11,6 +11,10 @@ module OpenRosa
|
|
|
11
11
|
geopoint geotrace geoshape barcode binary intent
|
|
12
12
|
].freeze
|
|
13
13
|
|
|
14
|
+
# Matches regex() calls with single- or double-quoted patterns
|
|
15
|
+
REGEX_CALL = /regex\s*\(/
|
|
16
|
+
REGEX_WITH_PATTERN = /regex\s*\(\s*[^,]+,\s*(?:'((?:[^'\\]|\\.)*)'|"((?:[^"\\]|\\.)*)")\s*\)/
|
|
17
|
+
|
|
14
18
|
def initialize(name, options = {})
|
|
15
19
|
super
|
|
16
20
|
@type = options.fetch(:type, :string)
|
|
@@ -23,10 +27,42 @@ module OpenRosa
|
|
|
23
27
|
private
|
|
24
28
|
|
|
25
29
|
def validate!
|
|
30
|
+
validate_type!
|
|
31
|
+
validate_constraint! if @constraint
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def validate_type!
|
|
26
35
|
return if VALID_TYPES.include?(@type)
|
|
27
36
|
|
|
28
37
|
raise ArgumentError, "type must be one of: #{VALID_TYPES.join(", ")}"
|
|
29
38
|
end
|
|
39
|
+
|
|
40
|
+
def validate_constraint!
|
|
41
|
+
# Extract and validate regex patterns from expressions like: regex(., 'pattern')
|
|
42
|
+
# Patterns are inside quotes in the XPath expression — an unescaped quote
|
|
43
|
+
# breaks the XPath parser on the device. We also verify patterns compile.
|
|
44
|
+
# Ruby's Oniguruma engine is a superset of Java's java.util.regex.Pattern,
|
|
45
|
+
# so a pattern that fails here will also fail on the device.
|
|
46
|
+
matched_patterns = @constraint.scan(REGEX_WITH_PATTERN)
|
|
47
|
+
matched_patterns.each do |single_quoted, double_quoted|
|
|
48
|
+
validate_regex_pattern!(single_quoted || double_quoted)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# If there are more regex() calls than we could parse, a quote is broken
|
|
52
|
+
regex_call_count = @constraint.scan(REGEX_CALL).length
|
|
53
|
+
return unless regex_call_count > matched_patterns.length
|
|
54
|
+
|
|
55
|
+
raise ArgumentError,
|
|
56
|
+
"constraint for '#{name}' contains a regex() with an invalid or " \
|
|
57
|
+
"unquoted pattern — check for unescaped quotes"
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def validate_regex_pattern!(pattern)
|
|
61
|
+
Regexp.new(pattern)
|
|
62
|
+
rescue RegexpError => e
|
|
63
|
+
raise ArgumentError,
|
|
64
|
+
"constraint regex for '#{name}' is not a valid regular expression: #{e.message}"
|
|
65
|
+
end
|
|
30
66
|
end
|
|
31
67
|
end
|
|
32
68
|
end
|
data/lib/open_rosa/version.rb
CHANGED