wikiwiki 0.7.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.ja.md +17 -0
- data/README.md +17 -0
- data/lib/wikiwiki/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 637f781de0cde55bb67c79d67624df9cc4255bac9e35e6b144fc6170d34b1d5d
|
|
4
|
+
data.tar.gz: 3155651131252d9e84260584fb3f7dcd6c21ffd52ac48fe16da2b605ac1948ae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e5a8ce9a48d65aa95d7334289e5966a72228f9da9adc22799ac7ef63de802f463e882e5aec90e784d35f8411688ec24af6ddd9b9b14702a6988c61fc4d7a1357
|
|
7
|
+
data.tar.gz: 432bc7bfc745d96b4fcb00e296dbb3fb96ebe34a8bd9d6b06042054e633ca12a7863ce6a1d77bb638f81232258b5400102ed04fd02d65a8693735576bd0cea6c
|
data/CHANGELOG.md
CHANGED
data/README.ja.md
CHANGED
|
@@ -130,6 +130,23 @@ wikiwiki page list --verbose
|
|
|
130
130
|
wikiwiki page list --debug
|
|
131
131
|
```
|
|
132
132
|
|
|
133
|
+
**一括ダウンロード時のセキュリティ注意:**
|
|
134
|
+
|
|
135
|
+
APIから取得したページ名や添付ファイル名を使用してページや添付ファイルを一括ダウンロードする自動化処理を行う場合、これらの名前にパストラバーサルシーケンス(例:`../../../etc/passwd`)が含まれている可能性があることに注意してください。ファイルパスとして使用する前に、必ず検証またはサニタイズを行ってください:
|
|
136
|
+
|
|
137
|
+
```bash
|
|
138
|
+
# 悪い例: シェルスクリプトでAPIから取得した名前を直接使用
|
|
139
|
+
for name in $(wikiwiki page list --json | jq -r '.[]'); do
|
|
140
|
+
wikiwiki page get "$name" "$name.txt" # 安全でない: nameに../が含まれる可能性
|
|
141
|
+
done
|
|
142
|
+
|
|
143
|
+
# 良い例: 自動化スクリプト内で名前をサニタイズ
|
|
144
|
+
for name in $(wikiwiki page list --json | jq -r '.[]'); do
|
|
145
|
+
safe_name=$(basename "$name") # ディレクトリ成分を削除
|
|
146
|
+
wikiwiki page get "$name" "$safe_name.txt"
|
|
147
|
+
done
|
|
148
|
+
```
|
|
149
|
+
|
|
133
150
|
### Rubyライブラリ
|
|
134
151
|
|
|
135
152
|
ライブラリを使用する基本的な例:
|
data/README.md
CHANGED
|
@@ -130,6 +130,23 @@ wikiwiki page list --verbose
|
|
|
130
130
|
wikiwiki page list --debug
|
|
131
131
|
```
|
|
132
132
|
|
|
133
|
+
**Security Note for Bulk Downloads:**
|
|
134
|
+
|
|
135
|
+
When automating bulk downloads of pages or attachments using page/attachment names from the API, be aware that these names may contain path traversal sequences (e.g., `../../../etc/passwd`). Always validate or sanitize names before using them as file paths:
|
|
136
|
+
|
|
137
|
+
```bash
|
|
138
|
+
# Bad: Direct use of API-provided names in shell scripts
|
|
139
|
+
for name in $(wikiwiki page list --json | jq -r '.[]'); do
|
|
140
|
+
wikiwiki page get "$name" "$name.txt" # UNSAFE if name contains ../
|
|
141
|
+
done
|
|
142
|
+
|
|
143
|
+
# Good: Sanitize names in your automation script
|
|
144
|
+
for name in $(wikiwiki page list --json | jq -r '.[]'); do
|
|
145
|
+
safe_name=$(basename "$name") # Remove directory components
|
|
146
|
+
wikiwiki page get "$name" "$safe_name.txt"
|
|
147
|
+
done
|
|
148
|
+
```
|
|
149
|
+
|
|
133
150
|
### Ruby Library
|
|
134
151
|
|
|
135
152
|
Basic example using the library:
|
data/lib/wikiwiki/version.rb
CHANGED