Compare commits

...

10 Commits

Author SHA1 Message Date
openeuler-ci-bot
612a05c59e
!11 Fix CVE-2024-27285
From: @starlet-dx 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001
2024-02-29 03:14:27 +00:00
starlet-dx
3ba85b2ab0 Fix CVE-2024-27285 2024-02-29 10:37:42 +08:00
openeuler-ci-bot
39d219c004
!10 Update to 0.9.34
From: @lyn1001 
Reviewed-by: @caodongxia 
Signed-off-by: @caodongxia
2023-08-01 08:10:08 +00:00
lyn1001
a987f04375 update to 0.9.34 2023-08-01 15:46:52 +08:00
openeuler-ci-bot
02c2a27f61
!9 update to 0.9.28
From: @caodongxia 
Reviewed-by: @small_leek 
Signed-off-by: @small_leek
2023-01-30 00:58:25 +00:00
caodongxia
4029f65e73 update to 0.9.28 2023-01-17 17:23:53 +08:00
openeuler-ci-bot
fd6f2d9a60
!8 [sync] PR-7: Fix build error for Ruby 3
From: @openeuler-sync-bot 
Reviewed-by: @shinwell_hu 
Signed-off-by: @shinwell_hu
2022-03-30 08:30:17 +00:00
lyn1001
3c748f00e3 Fix build error for Ruby 3
(cherry picked from commit 0ce0d75737012970ef81b0abad61e8ba80f86885)
2022-03-22 19:50:16 +08:00
openeuler-ci-bot
1a82c10d41 !2 CVE-2019-1020001
From: @houyingchao
Reviewed-by: @programmer12,@small_leek
Signed-off-by: @small_leek
2021-07-26 11:59:13 +00:00
houyingchao
83e2b32de4 CVE-2019-1020001 2021-07-26 19:08:39 +08:00
5 changed files with 64 additions and 17 deletions

27
CVE-2024-27285.patch Normal file

@ -0,0 +1,27 @@
From d78fc393d603c4fc35975969296ed381146a29d4 Mon Sep 17 00:00:00 2001
From: Aviv Keller <38299977+RedYetiDev@users.noreply.github.com>
Date: Wed, 28 Feb 2024 12:57:39 -0500
Subject: [PATCH] Update frames.erb
---
templates/default/fulldoc/html/frames.erb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/templates/default/fulldoc/html/frames.erb b/templates/default/fulldoc/html/frames.erb
index e803bcd6c..994aee97e 100644
--- a/templates/default/fulldoc/html/frames.erb
+++ b/templates/default/fulldoc/html/frames.erb
@@ -5,10 +5,10 @@
<title><%= options.title %></title>
</head>
<script type="text/javascript">
- var match = unescape(window.location.hash).match(/^#!(.+)/);
+ var match = decodeURIComponent(window.location.hash).match(/^#!(.+)/);
var name = match ? match[1] : '<%= url_for_main %>';
- name = name.replace(/^(\w+):\/\//, '').replace(/^\/\//, '');
- window.top.location = name;
+ name = name.replace(/^((\w*):)?[\/\\]*/gm, '').trim();
+ window.top.location.replace(name)
</script>
<noscript>
<h1>Oops!</h1>
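Review bot: the prefix stripping on the `name = name.replace(/^((\w*):)?[\/\\]*/gm, '').trim();` line runs once and only at line starts, so the value handed to `window.top.location.replace(name)` is never positively checked to be a same-site path; it is only assumed safe after one pass of removal. An allow-list check would be sturdier: resolve the value with `new URL(name, location.href)`, compare its `origin` with `location.origin`, and fall back to `'<%= url_for_main %>'` on a mismatch. Separately, `decodeURIComponent` throws a `URIError` on a malformed percent-escape in the hash where `unescape` did not, so wrap the decode in `try`/`catch` with the same fallback, and add the missing semicolon after `window.top.location.replace(name)`.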


@ -1,13 +1,19 @@
%global gem_name yard %global gem_name yard
Name: rubygem-%{gem_name} Name: rubygem-%{gem_name}
Version: 0.9.12 Version: 0.9.34
Release: 1 Release: 2
Summary: Documentation tool for consistent and usable documentation in Ruby Summary: Documentation tool for consistent and usable documentation in Ruby
License: MIT and (BSD or Ruby) License: MIT and (BSD or Ruby)
URL: http://yardoc.org URL: http://yardoc.org
Source0: https://rubygems.org/gems/yard-%{version}.gem Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem
BuildRequires: ruby(release) rubygems-devel ruby rubygem(RedCloth) rubygem(bundler) # git clone http://github.com/lsegal/yard
BuildRequires: rubygem(rspec) rubygem(redcarpet) rubygem(rack) # cd yard && git archive -v -o yard-0.9.34-spec.txz v0.9.34 spec/
Source1: %{gem_name}-%{version}-spec.txz
# https://github.com/lsegal/yard/commit/d78fc393d603c4fc35975969296ed381146a29d4
Patch0: CVE-2024-27285.patch
BuildRequires: ruby(release) rubygems-devel ruby rubygem(RedCloth) rubygem(asciidoctor) rubygem(bundler)
BuildRequires: rubygem(rspec) rubygem(redcarpet) rubygem(rack) rubygem(webrick)
BuildArch: noarch BuildArch: noarch
%description %description
YARD is a documentation generation tool for the Ruby programming language. YARD is a documentation generation tool for the Ruby programming language.
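Review bot: the recipe comment for Source1 clones over plaintext `http://github.com/lsegal/yard`, so the spec tarball that %check later executes would come from an unauthenticated fetch if someone follows it; use `https://` in that comment. Since Source1 is generated locally and has no upstream download URL to compare against, it would also help to record the commit id that `v0.9.34` resolved to next to the `git archive` line.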
@ -23,7 +29,8 @@ BuildArch: noarch
Documentation for %{name}. Documentation for %{name}.
%prep %prep
%setup -q -n %{gem_name}-%{version} %setup -q -n %{gem_name}-%{version} -b1
%patch0 -p1
%build %build
gem build ../%{gem_name}-%{version}.gemspec gem build ../%{gem_name}-%{version}.gemspec
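Review bot: `%patch0 -p1` uses the numbered `%patchN` form, which newer rpm releases deprecate; `%patch -P0 -p1` is accepted by both old and new rpm and avoids a build break when the toolchain is updated.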
@ -36,15 +43,15 @@ cp -a .%{gem_dir}/* \
mkdir -p %{buildroot}%{_bindir} mkdir -p %{buildroot}%{_bindir}
cp -a .%{_bindir}/* \ cp -a .%{_bindir}/* \
%{buildroot}%{_bindir}/ %{buildroot}%{_bindir}/
find %{buildroot}%{gem_instdir} -type f | xargs chmod a-x find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod 0755
find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod a+x
%check %check
pushd .%{gem_instdir} pushd .%{gem_instdir}
sed -i '/bundler\/setup/ s/^/#/' spec/spec_helper.rb cp -r %{_builddir}/spec .
sed -i '/allow(File)\.to receive(:exist?).with(\/\\\.yardopts$\/)/ i\ allow(File).to receive(:exist?).and_return(true)' spec/cli/server_spec.rb
sed -i '/expect(File)\.to receive(:file?).with(%r{\/\\\.yard\/yri_cache$})\.and_return(false)/ i\ allow(File).to receive(:file?).and_return(false)' spec/cli/yri_spec.rb sed -i spec/cli/diff_spec.rb -e '\@"searches for .gem file"@s|\([ \t]it \)|\txit |'
rspec -rspec_helper spec
rspec -r spec_helper spec
popd popd
%files %files
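Review bot: the `sed -i spec/cli/diff_spec.rb -e ... xit` line in %check disables the "searches for .gem file" example with no comment saying why, so a later maintainer cannot tell when it is safe to re-enable; add a one-line reason or an upstream issue link above it. Also, `find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod 0755` mis-splits file names containing whitespace; `find ... -type f -exec chmod 0755 {} +` does the same job without that problem.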
@ -52,11 +59,12 @@ popd
%{_bindir}/yard %{_bindir}/yard
%{_bindir}/yardoc %{_bindir}/yardoc
%{_bindir}/yri %{_bindir}/yri
%exclude %{gem_instdir}/.yardopts %exclude %{gem_instdir}/.*
%license %{gem_instdir}/LEGAL %license %{gem_instdir}/LEGAL
%license %{gem_instdir}/LICENSE %license %{gem_instdir}/LICENSE
%{gem_instdir}/bin %{gem_instdir}/bin
%{gem_libdir} %{gem_libdir}
%{gem_instdir}/po
%{gem_instdir}/templates %{gem_instdir}/templates
%exclude %{gem_cache} %exclude %{gem_cache}
%{gem_spec} %{gem_spec}
@ -65,12 +73,24 @@ popd
%doc %{gem_docdir} %doc %{gem_docdir}
%doc %{gem_instdir}/CHANGELOG.md %doc %{gem_instdir}/CHANGELOG.md
%doc %{gem_instdir}/README.md %doc %{gem_instdir}/README.md
%{gem_instdir}/Rakefile %{gem_plugin}
%{gem_instdir}/benchmarks
%doc %{gem_instdir}/docs %doc %{gem_instdir}/docs
%{gem_instdir}/spec
%{gem_instdir}/%{gem_name}.gemspec
%changelog %changelog
* Thu Feb 29 2024 yaoxin <yao_xin001@hoperun.com> - 0.9.34-2
- Fix CVE-2024-27285
* Tue Aug 1 2023 liyanan <thistleslyn@163.com> - 0.9.34-1
- Update to 0.9.34
* Tue Jan 17 2023 caodongxia <caodongxia@h-partners.com> - 0.9.28-1
- update to 0.9.28
* Sat Jan 22 2022 liyanan <liyanan32@huawei.com> - 0.9.26-2
- Fix build error for Ruby 3
* Mon Jul 26 2021 houyingchao <houyingchao@huawei.com> - 0.9.26-1
- Upgrade to 0.9.26
* Sat Aug 8 2020 yanan li <liyanan032@huawei.com> - 0.9.12-1 * Sat Aug 8 2020 yanan li <liyanan032@huawei.com> - 0.9.12-1
- Package init - Package init

Binary file not shown.

yard-0.9.34-spec.txz Normal file

Binary file not shown.

yard-0.9.34.gem Normal file

Binary file not shown.