safemode 1.2.3 → 1.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of safemode might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/safemode/blankslate.rb +2 -2
- data/safemode.gemspec +3 -3
- data/test/test_jail.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6b0988739d29d9191733f5c7574f94afbf78268f
|
|
4
|
+
data.tar.gz: 7cc0f83074a7c6764337deed7e8826e461800e61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c67b8263f08726a76a8b5037661b2160d7a751ded78e810c0e6071f7b5e0bdd43737c793f54cf6b37270924b3c456476b4a2aa6bf9e833ac304e0061d000240a
|
|
7
|
+
data.tar.gz: d43e1823eded45460858e5e20803daa63eaeb2790a76b7a4c5692113bd35e2abbad5340ba8212ecbeb7fab40889c636ab1e973906aa840c56afd15575c4d325b
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.2.
|
|
1
|
+
1.2.4
|
data/lib/safemode/blankslate.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Safemode
|
|
2
2
|
class Blankslate
|
|
3
|
-
@@allow_instance_methods = ['class', '
|
|
4
|
-
@@allow_class_methods = ['methods', 'new', 'name', '
|
|
3
|
+
@@allow_instance_methods = ['class', 'methods', 'respond_to?', 'respond_to_missing?', 'to_s', 'instance_variable_get']
|
|
4
|
+
@@allow_class_methods = ['methods', 'new', 'name', '<', 'ancestors', '=='] # < needed in Rails Object#subclasses_of
|
|
5
5
|
|
|
6
6
|
silently { undef_methods(*instance_methods.map(&:to_s) - @@allow_instance_methods) }
|
|
7
7
|
class << self
|
data/safemode.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: safemode 1.2.
|
|
5
|
+
# stub: safemode 1.2.4 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "safemode"
|
|
9
|
-
s.version = "1.2.
|
|
9
|
+
s.version = "1.2.4"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["Sven Fuchs", "Peter Cooper", "Matthias Viehweger", "Kingsley Hendrickse", "Ohad Levy", "Dmitri Dolguikh"]
|
|
14
|
-
s.date = "2016-
|
|
14
|
+
s.date = "2016-04-14"
|
|
15
15
|
s.description = "A library for safe evaluation of Ruby code based on RubyParser and Ruby2Ruby. Provides Rails ActionView template handlers for ERB and Haml."
|
|
16
16
|
s.email = "ohadlevy@gmail.com"
|
|
17
17
|
s.extra_rdoc_files = [
|
data/test/test_jail.rb
CHANGED
|
@@ -19,7 +19,7 @@ class TestJail < Test::Unit::TestCase
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def test_jail_instances_should_have_limited_methods
|
|
22
|
-
expected = ["class", "
|
|
22
|
+
expected = ["class", "method_missing", "methods", "respond_to?", "respond_to_missing?", "to_jail", "to_s", "instance_variable_get"]
|
|
23
23
|
expected.delete('respond_to_missing?') if RUBY_VERSION > '1.9.3' # respond_to_missing? is private in rubies above 1.9.3
|
|
24
24
|
objects.each do |object|
|
|
25
25
|
assert_equal expected.sort, reject_pretty_methods(object.to_jail.methods.map(&:to_s).sort)
|
|
@@ -27,7 +27,7 @@ class TestJail < Test::Unit::TestCase
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def test_jail_classes_should_have_limited_methods
|
|
30
|
-
expected = ["new", "methods", "name", "inherited", "method_added",
|
|
30
|
+
expected = ["new", "methods", "name", "inherited", "method_added",
|
|
31
31
|
"allow", "allowed?", "allowed_methods", "init_allowed_methods",
|
|
32
32
|
"<", # < needed in Rails Object#subclasses_of
|
|
33
33
|
"ancestors", "==" # ancestors and == needed in Rails::Generator::Spec#lookup_class
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: safemode
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sven Fuchs
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date: 2016-
|
|
16
|
+
date: 2016-04-14 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: sexp_processor
|