Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-erubi for openSUSE:Factory checked in at 2024-06-24 20:51:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-erubi (Old) and /work/SRC/openSUSE:Factory/.rubygem-erubi.new.18349 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-erubi" Mon Jun 24 20:51:02 2024 rev:9 rq:1182777 version:1.13.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-erubi/rubygem-erubi.changes 2023-11-05 12:18:35.648697395 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-erubi.new.18349/rubygem-erubi.changes 2024-06-24 20:51:59.065438338 +0200 @@ -1,0 +2,10 @@ +Fri Jun 21 09:48:26 UTC 2024 - Dan Čermák <dan.cermak@posteo.net> + +- === 1.13.0 (2024-06-13) + +* Define Erubi.h as a module function (jeremyevans) + +* Add erubi/capture_block, supporting capturing block output via standard <%= and <%== tags (jeremyevans) + + +------------------------------------------------------------------- Old: ---- erubi-1.12.0.gem New: ---- erubi-1.13.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-erubi.spec ++++++ --- /var/tmp/diff_new_pack.PXnFCR/_old 2024-06-24 20:51:59.789464804 +0200 +++ /var/tmp/diff_new_pack.PXnFCR/_new 2024-06-24 20:51:59.789464804 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-erubi # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-erubi -Version: 1.12.0 +Version: 1.13.0 Release: 0 %define mod_name erubi %define mod_full_name %{mod_name}-%{version} ++++++ erubi-1.12.0.gem -> erubi-1.13.0.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG new/CHANGELOG --- old/CHANGELOG 2022-12-22 20:28:09.000000000 +0100 +++ new/CHANGELOG 2024-06-13 19:28:03.000000000 +0200 @@ -1,3 +1,9 @@ +=== 1.13.0 (2024-06-13) + +* Define Erubi.h as a module function (jeremyevans) + +* Add erubi/capture_block, supporting capturing block output via standard <%= and <%== tags (jeremyevans) + === 1.12.0 (2022-12-22) * Use erb/escape for faster html escaping if available (jeremyevans) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.rdoc new/README.rdoc --- old/README.rdoc 2022-12-22 20:28:09.000000000 +0100 +++ new/README.rdoc 2024-06-13 19:28:03.000000000 +0200 @@ -8,7 +8,7 @@ * Works with ruby's <tt>--enable-frozen-string-literal</tt> option * Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+) * Escapes <tt>'</tt> (apostrophe) when escaping for better XSS protection -* Has 6x faster escaping on ruby 2.3+ by using cgi/escape +* Has 15x-6x faster escaping by using erb/escape or cgi/escape * Has 81% smaller memory footprint (calculated using +ObjectSpace.memsize_of_all+) * Does no monkey patching (Erubis adds a method to Kernel) * Uses an immutable design (all options passed to the constructor, which returns a frozen object) @@ -42,33 +42,75 @@ == Capturing Erubi does not support capturing block output into the template by default. -However, it comes with an +erubi/capture_end+ file that supports capturing -via <tt><%|=</tt> and <tt><%|==</tt> tags which are closed with a -<tt><%|</tt> tag: +It currently ships with two implementations that allow it. - <%|= form do %> +=== Erubi::CaptureBlockEngine + +The recommended implementation can be required via +erubi/capture_block+, +which allows capturing to work with normal <tt><%=</tt> and <tt><%==</tt> +tags. + + <%= form do %> <input> - <%| end %> + <% end %> + +When using the capture_block support, capture methods should just return +the text it emit into the template, and call +capture+ on the buffer value. +Since the buffer variable is a local variable and not an instance variable +by default, you'll probably want to set the +:bufvar+ variable when using +the capture_block support to an instance variable, and have any methods +used call capture on that instance variable. Example: -This offers similar functionality to that offered by Rails' <tt><%=</tt> -tags, but without the corner cases with that approach (which are due to -attempting to parse ruby code via a regexp). Similar to the <tt><%=</tt> -and <tt><%==</tt> tags, <tt><%|=</tt> captures by default and -<tt><%|==</tt> captures and escapes by default, but this can be reversed -via the +:escape_capture+ or +:escape+ options. + def form(&block) + "<form>#{@_buf.capture(&block)}</form>" + end -To use the capture_end support with tilt: + puts eval(Erubi::CaptureBlockEngine.new(<<-END, bufvar: '@_buf', trim: false).src) + before + <%= form do %> + inside + <% end %> + after + END + + # Output: + # before + # <form> + # inside + # </form> + # after + +To use the capture_block support with tilt: require 'tilt' - require 'erubi/capture_end' - Tilt.new("filename.erb", :engine_class=>Erubi::CaptureEndEngine).render + require 'erubi/capture_block' + Tilt.new("filename.erb", :engine_class=>Erubi::CaptureBlockEngine).render + +Note that the capture_block support, while very compatible with the default +support, is not 100% compatible. One area where behavior differs is when +using multiple statements inside <tt><%=</tt> and <tt><%==</tt> tags: + + <%= 1; 2 %> + +The default support will output 2, but the capture_block support will output +1. + +=== Erubi::CaptureEndEngine + +An alternative capture implementation can be required via +erubi/capture_end+, +which supports it via <tt><%|=</tt> and <tt><%|==</tt> tags which are +closed with a <tt><%|</tt> tag: + + <%|= form do %> + <input> + <%| end %> + +It is only recommended to use +erubi/capture_end+ for backwards +compatibilty. -When using the capture_end support, any methods (such as +form+ in the example -above) should return the (potentially modified) buffer. Since the buffer -variable is a local variable and not an instance variable by default, you'll -probably want to set the +:bufvar+ variable when using the capture_end -support to an instance variable, and have any methods used access that -instance variable. Example: +When using the capture_end support, capture methods (such as +form+ in the example +above) should return the (potentially modified) buffer. Similar to the +capture_block support, using an instance variable is recommended. Example: def form @_buf << "<form>" @@ -77,7 +119,7 @@ @_buf end - puts eval(Erubi::CaptureEndEngine.new(<<-END, :bufvar=>:@_buf).src) + puts eval(Erubi::CaptureEndEngine.new(<<-END, bufvar: '@_buf').src) before <%|= form do %> inside diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Rakefile new/Rakefile --- old/Rakefile 2022-12-22 20:28:09.000000000 +0100 +++ new/Rakefile 2024-06-13 19:28:03.000000000 +0200 @@ -16,7 +16,7 @@ RDOC_DEFAULT_OPTS = ["--line-numbers", "--inline-source", '--title', 'Erubi: Small ERB Implementation'] begin - gem 'hanna-nouveau' + gem 'hanna' RDOC_DEFAULT_OPTS.concat(['-f', 'hanna']) rescue Gem::LoadError end Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/erubi/capture_block.rb new/lib/erubi/capture_block.rb --- old/lib/erubi/capture_block.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/erubi/capture_block.rb 2024-06-13 19:28:03.000000000 +0200 @@ -0,0 +1,91 @@ +# frozen_string_literal: true + +require 'erubi' + +module Erubi + # An engine class that supports capturing blocks via the <tt><%=</tt> and <tt><%==</tt> tags: + # + # <%= upcase_form do %> + # <%= 'foo' %> + # <% end %> + # + # Where +upcase_form+ is defined like: + # + # def upcase_form(&block) + # "<form>#{@bufvar.capture(&block).upcase}</form>" + # end + # + # With output being: + # + # <form> + # FOO + # </form> + # + # This requires using a string subclass as the buffer value, provided by the + # CaptureBlockEngine::Buffer class. + # + # This engine does not support the :escapefunc option. To change the escaping function, + # use a subclass of CaptureBlockEngine::Buffer and override the #| method. + # + # This engine does not support the :chain_appends option, and ignores it if present. + class CaptureBlockEngine < Engine + class Buffer < ::String + + # Convert argument to string when concatening + def <<(v) + concat(v.to_s) + end + + # Escape argument using Erubi.h then then concatenate it to the receiver. + def |(v) + concat(h(v)) + end + + # Temporarily clear the receiver before yielding to the block, yield the + # given args to the block, return any data captured by the receiver, and + # restore the original data the receiver contained before returning. + def capture(*args) + prev = dup + replace("") # 1.8 support! + yield(*args) + dup + ensure + replace(prev) + end + + private + + if RUBY_VERSION >= '2' + define_method(:h, ::Erubi.instance_method(:h)) + # :nocov: + else + def h(v) + ::Erubi.h(v) + end + end + # :nocov: + end + + def initialize(input, properties={}) + properties = Hash[properties] + properties[:bufval] ||= '::Erubi::CaptureBlockEngine::Buffer.new' + properties[:chain_appends] = false + super + end + + private + + def add_expression_result(code) + add_expression_op(' <<= ', code) + end + + def add_expression_result_escaped(code) + add_expression_op(' |= ', code) + end + + def add_expression_op(op, code) + check = /\A\s*\z/.send(MATCH_METHOD, code) ? "''" : '' + with_buffer{@src << op << check << code} + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/erubi.rb new/lib/erubi.rb --- old/lib/erubi.rb 2022-12-22 20:28:09.000000000 +0100 +++ new/lib/erubi.rb 2024-06-13 19:28:03.000000000 +0200 @@ -1,7 +1,7 @@ # frozen_string_literal: true module Erubi - VERSION = '1.12.0' + VERSION = '1.13.0' # :nocov: if RUBY_VERSION >= '1.9' @@ -19,37 +19,34 @@ begin require 'erb/escape' - # :nocov: - define_singleton_method(:h, ERB::Escape.instance_method(:html_escape)) - # :nocov: + define_method(:h, ERB::Escape.instance_method(:html_escape)) + # :nocov: rescue LoadError begin require 'cgi/escape' - # :nocov: unless CGI.respond_to?(:escapeHTML) # work around for JRuby 9.1 CGI = Object.new CGI.extend(defined?(::CGI::Escape) ? ::CGI::Escape : ::CGI::Util) end - # :nocov: # Escape characters with their HTML/XML equivalents. - def self.h(value) + def h(value) CGI.escapeHTML(value.to_s) end rescue LoadError - # :nocov: ESCAPE_TABLE = {'&' => '&'.freeze, '<' => '<'.freeze, '>' => '>'.freeze, '"' => '"'.freeze, "'" => '''.freeze}.freeze if RUBY_VERSION >= '1.9' - def self.h(value) + def h(value) value.to_s.gsub(/[&<>"']/, ESCAPE_TABLE) end else - def self.h(value) + def h(value) value.to_s.gsub(/[&<>"']/){|s| ESCAPE_TABLE[s]} end end - # :nocov: end end + # :nocov: + module_function :h class Engine # The default regular expression used for scanning. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2022-12-22 20:28:09.000000000 +0100 +++ new/metadata 2024-06-13 19:28:03.000000000 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: erubi version: !ruby/object:Gem::Version - version: 1.12.0 + version: 1.13.0 platform: ruby authors: - Jeremy Evans @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2022-12-22 00:00:00.000000000 Z +date: 2024-06-13 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: minitest @@ -53,6 +53,7 @@ - README.rdoc - Rakefile - lib/erubi.rb +- lib/erubi/capture_block.rb - lib/erubi/capture_end.rb homepage: https://github.com/jeremyevans/erubi licenses: @@ -84,7 +85,7 @@ - !ruby/object:Gem::Version version: '0' requirements: [] -rubygems_version: 3.3.26 +rubygems_version: 3.5.9 signing_key: specification_version: 4 summary: Small ERB Implementation