diff options
author | taca <taca@pkgsrc.org> | 2013-09-15 16:31:27 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2013-09-15 16:31:27 +0000 |
commit | aeefbb98782c5f59c1ecf6be74febf980abb77a5 (patch) | |
tree | ffbf1a84ad998f2d5fffce3c84dcd8b9abd6c996 /textproc/ruby-safe_yaml | |
parent | 1f4020b2ff62340500fd221b905a782918b393db (diff) | |
download | pkgsrc-aeefbb98782c5f59c1ecf6be74febf980abb77a5.tar.gz |
Add ruby-safe_yaml package version 0.9.5.
The SafeYAML gem provides an alternative implementation of `YAML.load`
suitable for accepting user input in Ruby applications. Unlike Ruby's
built-in implementation of `YAML.load`, SafeYAML's version will not expose
apps to arbitrary code execution exploits (such as [the ones
discovered](http://www.reddit.com/r/netsec/comments/167c11/serious_vulnerability_in_ruby_on_rails_allowing/)
[in Rails in early
2013](http://www.h-online.com/open/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html)).
If you encounter any issues with SafeYAML, check out the 'Common Issues'
section below. If you don't see anything that addresses the problem you're
experiencing, by all means, [create an
issue](https://github.com/dtao/safe_yaml/issues/new)!
Diffstat (limited to 'textproc/ruby-safe_yaml')
-rw-r--r-- | textproc/ruby-safe_yaml/DESCR | 12 | ||||
-rw-r--r-- | textproc/ruby-safe_yaml/Makefile | 12 | ||||
-rw-r--r-- | textproc/ruby-safe_yaml/PLIST | 47 | ||||
-rw-r--r-- | textproc/ruby-safe_yaml/distinfo | 5 |
4 files changed, 76 insertions, 0 deletions
diff --git a/textproc/ruby-safe_yaml/DESCR b/textproc/ruby-safe_yaml/DESCR new file mode 100644 index 00000000000..6025282a8c1 --- /dev/null +++ b/textproc/ruby-safe_yaml/DESCR @@ -0,0 +1,12 @@ +The SafeYAML gem provides an alternative implementation of `YAML.load` +suitable for accepting user input in Ruby applications. Unlike Ruby's +built-in implementation of `YAML.load`, SafeYAML's version will not expose +apps to arbitrary code execution exploits (such as [the ones +discovered](http://www.reddit.com/r/netsec/comments/167c11/serious_vulnerability_in_ruby_on_rails_allowing/) +[in Rails in early +2013](http://www.h-online.com/open/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html)). + +If you encounter any issues with SafeYAML, check out the 'Common Issues' +section below. If you don't see anything that addresses the problem you're +experiencing, by all means, [create an +issue](https://github.com/dtao/safe_yaml/issues/new)! diff --git a/textproc/ruby-safe_yaml/Makefile b/textproc/ruby-safe_yaml/Makefile new file mode 100644 index 00000000000..9ca27afef79 --- /dev/null +++ b/textproc/ruby-safe_yaml/Makefile @@ -0,0 +1,12 @@ +# $NetBSD: Makefile,v 1.1 2013/09/15 16:31:27 taca Exp $ + +DISTNAME= safe_yaml-0.9.5 +CATEGORIES= textproc + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= http://dtao.github.com/safe_yaml/ +COMMENT= Parse YAML safely +LICENSE= mit + +.include "../../lang/ruby/gem.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/textproc/ruby-safe_yaml/PLIST b/textproc/ruby-safe_yaml/PLIST new file mode 100644 index 00000000000..8bd117b29cd --- /dev/null +++ b/textproc/ruby-safe_yaml/PLIST @@ -0,0 +1,47 @@ +@comment $NetBSD: PLIST,v 1.1 2013/09/15 16:31:27 taca Exp $ +${GEM_HOME}/cache/${GEM_NAME}.gem +${GEM_LIBDIR}/.gitignore +${GEM_LIBDIR}/.travis.yml +${GEM_LIBDIR}/CHANGES.md +${GEM_LIBDIR}/Gemfile +${GEM_LIBDIR}/LICENSE.txt +${GEM_LIBDIR}/README.md +${GEM_LIBDIR}/Rakefile +${GEM_LIBDIR}/lib/safe_yaml.rb +${GEM_LIBDIR}/lib/safe_yaml/deep.rb +${GEM_LIBDIR}/lib/safe_yaml/parse/date.rb +${GEM_LIBDIR}/lib/safe_yaml/parse/hexadecimal.rb +${GEM_LIBDIR}/lib/safe_yaml/parse/sexagesimal.rb +${GEM_LIBDIR}/lib/safe_yaml/psych_handler.rb +${GEM_LIBDIR}/lib/safe_yaml/psych_resolver.rb +${GEM_LIBDIR}/lib/safe_yaml/resolver.rb +${GEM_LIBDIR}/lib/safe_yaml/safe_to_ruby_visitor.rb +${GEM_LIBDIR}/lib/safe_yaml/syck_hack.rb +${GEM_LIBDIR}/lib/safe_yaml/syck_node_monkeypatch.rb +${GEM_LIBDIR}/lib/safe_yaml/syck_resolver.rb +${GEM_LIBDIR}/lib/safe_yaml/transform.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_boolean.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_date.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_float.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_integer.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_nil.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/to_symbol.rb +${GEM_LIBDIR}/lib/safe_yaml/transform/transformation_map.rb +${GEM_LIBDIR}/lib/safe_yaml/version.rb +${GEM_LIBDIR}/run_specs_all_ruby_versions.sh +${GEM_LIBDIR}/safe_yaml.gemspec +${GEM_LIBDIR}/spec/exploit.1.9.2.yaml +${GEM_LIBDIR}/spec/exploit.1.9.3.yaml +${GEM_LIBDIR}/spec/psych_resolver_spec.rb +${GEM_LIBDIR}/spec/resolver_specs.rb +${GEM_LIBDIR}/spec/safe_yaml_spec.rb +${GEM_LIBDIR}/spec/spec_helper.rb +${GEM_LIBDIR}/spec/support/exploitable_back_door.rb +${GEM_LIBDIR}/spec/syck_resolver_spec.rb +${GEM_LIBDIR}/spec/transform/base64_spec.rb +${GEM_LIBDIR}/spec/transform/to_date_spec.rb +${GEM_LIBDIR}/spec/transform/to_float_spec.rb +${GEM_LIBDIR}/spec/transform/to_integer_spec.rb +${GEM_LIBDIR}/spec/transform/to_symbol_spec.rb +${GEM_HOME}/specifications/${GEM_NAME}.gemspec +@pkgdir lib/ruby/gems/2.0.0/build_info diff --git a/textproc/ruby-safe_yaml/distinfo b/textproc/ruby-safe_yaml/distinfo new file mode 100644 index 00000000000..c61b397483d --- /dev/null +++ b/textproc/ruby-safe_yaml/distinfo @@ -0,0 +1,5 @@ +$NetBSD: distinfo,v 1.1 2013/09/15 16:31:27 taca Exp $ + +SHA1 (safe_yaml-0.9.5.gem) = e42d24f736a1fa933fec08f9841aef76a5e5fbc7 +RMD160 (safe_yaml-0.9.5.gem) = b3d24405a3a69ca6d8edc0776a606b604cafa0f3 +Size (safe_yaml-0.9.5.gem) = 25600 bytes |