safe_yaml 0.9.3 → 0.9.4

Sign up to get free protection for your applications and to get access to all the features.
data/CHANGES.md CHANGED
@@ -1,3 +1,13 @@
1
+ 0.9.4
2
+ -----
3
+
4
+ - corrected handling of symbols
5
+
6
+ 0.9.3
7
+ -----
8
+
9
+ - fixed permissions :(
10
+
1
11
  0.9.2
2
12
  -----
3
13
 
@@ -1,12 +1,16 @@
1
1
  module SafeYAML
2
2
  class Transform
3
3
  class ToSymbol
4
- MATCHER = /\A:"?(\w+)"?\Z/.freeze
4
+ def transform?(value, options=SafeYAML::OPTIONS)
5
+ if options[:deserialize_symbols] && value =~ /\A:./
6
+ if value =~ /\A:(["'])(.*)\1\Z/
7
+ return true, $2.sub(/^:/, "").to_sym
8
+ else
9
+ return true, value.sub(/^:/, "").to_sym
10
+ end
11
+ end
5
12
 
6
- def transform?(value, options=nil)
7
- options ||= SafeYAML::OPTIONS
8
- return false unless options[:deserialize_symbols] && MATCHER.match(value)
9
- return true, $1.to_sym
13
+ return false
10
14
  end
11
15
  end
12
16
  end
@@ -1,3 +1,3 @@
1
1
  module SafeYAML
2
- VERSION = "0.9.3"
2
+ VERSION = "0.9.4"
3
3
  end
@@ -27,6 +27,14 @@ describe SafeYAML::Transform::ToSymbol do
27
27
  with_symbol_deserialization { subject.transform?(':"foo"')[0].should be_true }
28
28
  end
29
29
 
30
+ it "returns true when the value matches a valid String+Symbol with 's" do
31
+ with_symbol_deserialization { subject.transform?(":'foo'")[0].should be_true }
32
+ end
33
+
34
+ it "returns true when the value has special characters and is wrapped in a String" do
35
+ with_symbol_deserialization { subject.transform?(':"foo.bar"')[0].should be_true }
36
+ end
37
+
30
38
  it "returns false when symbol deserialization is disabled" do
31
39
  without_symbol_deserialization { subject.transform?(":foo").should be_false }
32
40
  end
@@ -40,10 +48,4 @@ describe SafeYAML::Transform::ToSymbol do
40
48
  subject.transform?("NOT A SYMBOL\n:foo").should be_false
41
49
  end
42
50
  end
43
-
44
- it "returns false when the symbol does not end the line" do
45
- with_symbol_deserialization do
46
- subject.transform?(":foo\nNOT A SYMBOL").should be_false
47
- end
48
- end
49
51
  end
metadata CHANGED
@@ -1,14 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_yaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.3
4
+ version: 0.9.4
5
+ prerelease:
5
6
  platform: ruby
6
7
  authors:
7
8
  - Dan Tao
8
9
  autorequire:
9
10
  bindir: bin
10
11
  cert_chain: []
11
- date: 2013-06-06 00:00:00.000000000 Z
12
+ date: 2013-07-09 00:00:00.000000000 Z
12
13
  dependencies: []
13
14
  description: Parse YAML safely, without that pesky arbitrary object deserialization
14
15
  vulnerability
@@ -63,26 +64,27 @@ files:
63
64
  homepage: http://dtao.github.com/safe_yaml/
64
65
  licenses:
65
66
  - MIT
66
- metadata: {}
67
67
  post_install_message:
68
68
  rdoc_options: []
69
69
  require_paths:
70
70
  - lib
71
71
  required_ruby_version: !ruby/object:Gem::Requirement
72
+ none: false
72
73
  requirements:
73
74
  - - ! '>='
74
75
  - !ruby/object:Gem::Version
75
76
  version: 1.8.7
76
77
  required_rubygems_version: !ruby/object:Gem::Requirement
78
+ none: false
77
79
  requirements:
78
80
  - - ! '>='
79
81
  - !ruby/object:Gem::Version
80
82
  version: '0'
81
83
  requirements: []
82
84
  rubyforge_project:
83
- rubygems_version: 2.0.3
85
+ rubygems_version: 1.8.25
84
86
  signing_key:
85
- specification_version: 4
87
+ specification_version: 3
86
88
  summary: SameYAML provides an alternative implementation of YAML.load suitable for
87
89
  accepting user input in Ruby applications.
88
90
  test_files:
checksums.yaml DELETED
@@ -1,15 +0,0 @@
1
- ---
2
- !binary "U0hBMQ==":
3
- metadata.gz: !binary |-
4
- NzIwZmQ5ODg1ODZjY2Q1YzMyNGFlNjE1N2QyZjczNDExMWQyZGNlNg==
5
- data.tar.gz: !binary |-
6
- OGU2MzA2YTgzZDVkYTY2NGM3NjMyNGQ3ZTUwOTFjN2M0ODMxYzdjMg==
7
- !binary "U0hBNTEy":
8
- metadata.gz: !binary |-
9
- NDAzMDU0MWU3OTRhMjdmYzIzMmI1OWM4YzNiYTU5OGFkNDlkNDA4OGI3ZWIx
10
- NDU4OWRlNmMxMDM0NWE3YjMxYmQxYjczMTZhNDNlYjZlZTRiZDRiZTg0NWQz
11
- MmFiMzA1YjRkODY0NDIwOTAyYTQ1NjE0OTc5NjEwMjFmMDlkYzI=
12
- data.tar.gz: !binary |-
13
- NmEzYWQ5MjA1ZTNlZTAyOTdlYWFjYTU0NzNkZDJjMWEyZTgxODJlZTg1ZWQ3
14
- MjY4YTAwYzU4ZTI0ZjJkNzZlZmQ4ZWM2ZGViYzI1MDRiZTI5Y2EyZDI2NDAx
15
- ZGNjYjViNjkyYmMyNzgxZTc5ZDA4MzNmODVkODA4NGFlNzJkZGI=