Ruby gems - redcarpet - Versions diffs - 3.5.0 → 3.5.1 - Diffend - OSS supply chain security and management platform

redcarpet 3.5.0 → 3.5.1

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0ab6ed54cafc5edbbd785307a772251508fe1a8c9d739e7b28a6f1b89e162dfb
-  data.tar.gz: b6a8579180b8933a1181be7aeaf4e544e1161499dac1f4fb1c5f34f61585b971
+  metadata.gz: 3e6ea78031a1e40620168cd57fcbfae06bec5bafabc8f6e600adc552a4fe5b40
+  data.tar.gz: 658dd33e836daa11effa88e0491d09387963ea349751efd278e9fbdac7026066
 SHA512:
-  metadata.gz: bc2a7f4ceab2736677752bde915f9090cabad682cfc71fc680958852d71ae18bc902d8a71ba47453adf689b41e87413bee3d766a8470d333654b6808f5b96b09
-  data.tar.gz: e2fb9c0596683da9b2b6c24597a58ebe2b62e958c1f21173a733d0344b6e671b78fedfc2171d7b5c3a1b945a7e0d355329a2d60aeadfe79616dc730d22904816
+  metadata.gz: b17b0208c25d4e8566fb4a154d0f66e778b702abcf58d1d1227fa2510be421c7496e20fd6402066adba3485778e935b46aff73fd412802eedb89e44470a7ad94
+  data.tar.gz: 1e1c8dd559979b8bd5f4de2d20e1127b2a964c03a267133c3d9a3703f71bce44a2f4dc2efdb0dc0cc331e0ab779bfad23e9b62af0ffc4ee9078896376bd86865

data/ext/redcarpet/html.c CHANGED

@@ -255,8 +255,15 @@ rndr_quote(struct buf *ob, const struct buf *text, void *opaque)
 	if (!text || !text->size)
 		return 0;
+	struct html_renderopt *options = opaque;
 	BUFPUTSL(ob, "<q>");
-	bufput(ob, text->data, text->size);
+	if (options->flags & HTML_ESCAPE)
+		escape_html(ob, text->data, text->size);
+	else
+		bufput(ob, text->data, text->size);
 	BUFPUTSL(ob, "</q>");
 	return 1;

data/lib/redcarpet.rb CHANGED

@@ -2,7 +2,7 @@ require 'redcarpet.so'
 require 'redcarpet/compat'
 module Redcarpet
-  VERSION = '3.5.0'
+  VERSION = '3.5.1'
   class Markdown
     attr_reader :renderer

data/redcarpet.gemspec CHANGED

@@ -1,10 +1,10 @@
 # encoding: utf-8
 Gem::Specification.new do |s|
   s.name = 'redcarpet'
-  s.version = '3.5.0'
+  s.version = '3.5.1'
   s.summary = "Markdown that smells nice"
   s.description = 'A fast, safe and extensible Markdown to (X)HTML parser'
-  s.date = '2019-07-29'
+  s.date = '2020-12-15'
   s.email = 'vicent@github.com'
   s.homepage = 'http://github.com/vmg/redcarpet'
   s.authors = ["Natacha Porté", "Vicent Martí"]

data/test/markdown_test.rb CHANGED

@@ -220,6 +220,16 @@ class MarkdownTest < Redcarpet::TestCase
     assert_equal '<p>this is a <q>quote</q></p>', output
   end
+  def test_quote_flag_honors_escape_html
+    text = 'We are not "<svg/onload=pwned>"'
+    output_enabled  = render(text, with: [:quote, :escape_html])
+    output_disabled = render(text, with: [:quote])
+    assert_equal "<p>We are not <q>&lt;svg/onload=pwned&gt;</q></p>", output_enabled
+    assert_equal "<p>We are not <q><svg/onload=pwned></q></p>", output_disabled
+  end
   def test_that_fenced_flag_works
     text = <<-fenced.strip_heredoc
       This is a simple test

metadata CHANGED

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: redcarpet
 version: !ruby/object:Gem::Version
-  version: 3.5.0
+  version: 3.5.1
 platform: ruby
 authors:
 - Natacha Porté
 - Vicent Martí
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-29 00:00:00.000000000 Z
+date: 2020-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -111,7 +111,7 @@ homepage: http://github.com/vmg/redcarpet
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -126,8 +126,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Markdown that smells nice
 test_files: