From 7f80b61aad8ff44a7b6acf6832eac037012f31ac Mon Sep 17 00:00:00 2001 From: Paul Westcott Date: Wed, 11 May 2022 19:06:57 +1000 Subject: [PATCH 01/11] Default to local PlantUML server for security (#412) --- lib/gollum-lib/filter/plantuml.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/gollum-lib/filter/plantuml.rb b/lib/gollum-lib/filter/plantuml.rb index 90583416..e413f21b 100644 --- a/lib/gollum-lib/filter/plantuml.rb +++ b/lib/gollum-lib/filter/plantuml.rb @@ -37,7 +37,7 @@ # class Gollum::Filter::PlantUML < Gollum::Filter - DEFAULT_URL = "http://www.plantuml.com/plantuml/png" + DEFAULT_URL = "http://localhost:8080/plantuml/png" # Configuration class used to change the behaviour of the PlatnUML filter. # From 86d00203bf295b3e5b82823615eda2c46e28dc9a Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Tue, 24 May 2022 16:39:39 +0200 Subject: [PATCH 02/11] Update octicons --- gemspec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gemspec.rb b/gemspec.rb index 16492e7e..cac2b4d7 100644 --- a/gemspec.rb +++ b/gemspec.rb @@ -26,7 +26,7 @@ def specification(version, default_adapter, platform = nil) s.add_dependency 'loofah', '~> 2.3' s.add_dependency 'github-markup', '~> 4.0' s.add_dependency 'gemojione', '~> 4.1' - s.add_dependency 'octicons', '~> 12.0' + s.add_dependency 'octicons', '~> 17.0' s.add_dependency 'twitter-text', '1.14.7' s.add_development_dependency 'org-ruby', '~> 0.9.9' From af3793e366dae35175c1874e3550cba2ae3d0ac9 Mon Sep 17 00:00:00 2001 
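Review bot: `DEFAULT_URL` now points at `http://localhost:8080/plantuml/png`, but nothing beside the constant records why, and that reason is the security-relevant part of the change: with the old default, diagram source written in a wiki page was presumably handed to a public third-party server. A comment such as `# Local by default: diagram source may contain private wiki content, so it is only sent to an external server if the operator configures one.` would keep a later edit from quietly reverting it. If the filter places this URL in markup that the reader's browser fetches (not visible in this hunk), `localhost` means the reader's machine rather than the wiki host, which belongs in the configuration docs. The class body continues outside the hunk.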
From: Dawa Ometto Date: Tue, 13 Sep 2022 10:03:45 +0200 Subject: [PATCH 03/11] Implement default branch detection, move away from master as default. (#424) * Implement default branch detection, move away from master as default. * Depend on rugged_adapter v2.0 * Depend rjgit-adapter v1.0 * Depend on older activesupport on JRuby in development for ruby 2.7 support * Add LATEST_CHANGES.md --- Gemfile | 8 +++++++- LATEST_CHANGES.md | 7 +++++++ gollum-lib_java.gemspec | 2 +- lib/gollum-lib/wiki.rb | 12 ++++++++---- 4 files changed, 23 insertions(+), 6 deletions(-) diff --git a/Gemfile b/Gemfile index b1a64499..8da7c073 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,9 @@ source 'https://rubygems.org' - gemspec :name => 'gollum-lib' +gem 'irb' + +if RUBY_PLATFORM == 'java' then + group :development do + gem 'activesupport', '~> 6.0' + end +end diff --git a/LATEST_CHANGES.md b/LATEST_CHANGES.md index a97b5bad..95bba7af 100644 --- a/LATEST_CHANGES.md +++ b/LATEST_CHANGES.md @@ -1,3 +1,10 @@ +<<<<<<< HEAD # 5.2.4 / 2023-03-22 * Bugfix release: address XSS vulnerability ( @6661620a, @dometto) +======= +# 6.0 + +* Default to local PlantUML server for security. #412. (@manofstick) +* Allow use of default branch name `main` or `master. Resolves https://github.com/gollum/gollum/issues/1813. (@dometto) +>>>>>>> 462ce53 (Implement default branch detection, move away from master as default. (#424)) diff --git a/gollum-lib_java.gemspec b/gollum-lib_java.gemspec index 02e7a28a..8db08747 100644 --- a/gollum-lib_java.gemspec +++ b/gollum-lib_java.gemspec @@ -1,4 +1,4 @@ require File.join(File.dirname(__FILE__), 'gemspec.rb') require File.join(File.dirname(__FILE__), 'lib', 'gollum-lib', 'version.rb') -default_adapter = ['gollum-rjgit_adapter', '~> 0.6'] +default_adapter = ['gollum-rjgit_adapter', '~> 1.0'] Gem::Specification.new &specification(Gollum::Lib::VERSION, default_adapter, "java") diff --git a/lib/gollum-lib/wiki.rb b/lib/gollum-lib/wiki.rb index a0cc8710..920399fb 100644 
--- a/lib/gollum-lib/wiki.rb +++ b/lib/gollum-lib/wiki.rb @@ -7,7 +7,7 @@ class Wiki class << self # Sets the default ref for the wiki. - attr_writer :default_ref + attr_writer :default_refs # Sets the default name for commits. attr_writer :default_committer_name @@ -19,8 +19,12 @@ class << self # These defaults can be overridden by options passed directly to initialize() attr_writer :default_options - def default_ref - @default_ref || 'master' + def find_default_ref(repo) + repo.find_branch(self.default_refs) || Gollum::Git.global_default_branch || self.default_refs.first + end + + def default_refs + @default_refs || ['master', 'main'] end def default_committer_name @@ -132,7 +136,7 @@ def initialize(path, options = {}) @access = options.fetch :access, GitAccess.new(path, @page_file_dir, @repo_is_bare) @base_path = options.fetch :base_path, "/" @repo = @access.repo - @ref = options.fetch :ref, self.class.default_ref + @ref = options.fetch :ref, self.class.find_default_ref(@repo) @universal_toc = options.fetch :universal_toc, false @mathjax = options.fetch :mathjax, false @global_tag_lookup = options.fetch :global_tag_lookup, false From b74c62b21cd2aaa0730fc529119f8169a631f193 Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Sun, 27 Nov 2022 20:56:31 +0100 Subject: [PATCH 04/11] Move sanitize filter forwards in the filter chain (#429) --- lib/gollum-lib/filter/macro.rb | 2 +- test/test_macros.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gollum-lib/filter/macro.rb b/lib/gollum-lib/filter/macro.rb index 2023b3f9..e93e06ec 100644 --- a/lib/gollum-lib/filter/macro.rb +++ b/lib/gollum-lib/filter/macro.rb @@ -55,6 +55,6 @@ def process(data) end end - sanitize(data) + data end end diff --git a/test/test_macros.rb b/test/test_macros.rb index c1375424..ef734975 100644 --- a/test/test_macros.rb +++ b/test/test_macros.rb @@ -200,7 +200,7 @@ def render(opts) assert_match /
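Review bot: Renaming the writer to `default_refs` and deleting the `default_ref` reader removes both `Gollum::Wiki.default_ref` and `Gollum::Wiki.default_ref=` with no fallback, so existing configuration that assigns a single branch name will fail with NoMethodError. Assigning a plain String to the new writer would also break the `self.default_refs.first` fallback. The first hunk's comment still reads "Sets the default ref for the wiki" although the value is now a list. Consider a compatibility writer, `def default_ref=(ref); @default_refs = Array(ref); end`, and a doc comment on `find_default_ref` stating the lookup order visible here: `repo.find_branch(default_refs)`, then `Gollum::Git.global_default_branch`, then the first configured name. The `class << self` block starts and ends outside these hunks.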
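Review bot: `options.fetch :ref, self.class.find_default_ref(@repo)` evaluates its default argument before `fetch` consults the hash, so the branch lookup against the repository runs on every `Wiki.new`, including when the caller passes `:ref` explicitly. The block form defers it until it is needed: `@ref = options.fetch(:ref) { self.class.find_default_ref(@repo) }`. `initialize` starts and ends outside the hunk.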
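Review bot: With `sanitize(data)` replaced by a bare `data`, `process` returns macro output unsanitized, and nothing visible in this commit (its diffstat lists only `macro.rb` and `test_macros.rb`) shows where in the filter chain sanitizing now happens. Macro arguments come from page text, so a chain assembled without a later sanitizing filter would pass that markup straight into the rendered page. Record the dependency at the return, for example `# Not sanitized here: a sanitizing filter must run after Macro in the filter chain.`, and keep a test that renders a macro carrying markup in its argument through the default chain. `process` begins outside the hunk.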
)>>', commit_details) assert_not_match / Date: Sun, 27 Nov 2022 21:22:06 +0100 Subject: [PATCH 05/11] Allow defining custom rendering Procs for a format (#433) --- lib/gollum-lib/filter/render.rb | 6 +++++- lib/gollum-lib/markup.rb | 10 ++++++++-- test/test_markup.rb | 11 +++++++++++ 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/lib/gollum-lib/filter/render.rb b/lib/gollum-lib/filter/render.rb index b394826f..560a9bcc 100644 --- a/lib/gollum-lib/filter/render.rb +++ b/lib/gollum-lib/filter/render.rb @@ -6,7 +6,11 @@ def extract(data) working_dir = Pathname.new(@markup.wiki.path).join(@markup.dir) working_dir = working_dir.exist? ? working_dir.to_s : '.' Dir.chdir(working_dir) do - data = GitHub::Markup.render_s(@markup.format, data) + if block = @markup.custom_renderer + data = block.call(data) + else + data = GitHub::Markup.render_s(@markup.format, data) + end end if data.nil? raise "There was an error converting #{@markup.name} to HTML." diff --git a/lib/gollum-lib/markup.rb b/lib/gollum-lib/markup.rb index c39f9ec6..d4189eb0 100644 --- a/lib/gollum-lib/markup.rb +++ b/lib/gollum-lib/markup.rb @@ -61,7 +61,9 @@ def register(ext, name, options = {}, &block) :extensions => new_extension, :reverse_links => options.fetch(:reverse_links, false), :skip_filters => options.fetch(:skip_filters, nil), - :enabled => options.fetch(:enabled, true) } + :enabled => options.fetch(:enabled, true), + :render => options.fetch(:render, nil) + } @extensions.concat(new_extension) end end @@ -102,6 +104,10 @@ def reverse_links? self.class.formats[@format][:reverse_links] end + def custom_renderer + self.class.formats[@format].fetch(:render, nil) + end + # Whether or not a particular filter should be skipped for this format. def skip_filter?(filter) if self.class.formats[@format][:skip_filters].respond_to?(:include?) 
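Review bot: The value returned by the `:render` proc is taken as the rendered HTML with no check in this hunk beyond the existing `data.nil?` test, so its safety rests entirely on the filters that run after `Render`. State that contract where the option is introduced in `register`, for example `# :render - Proc that receives the page source and returns an HTML String; the result still has to pass through the sanitizing filter.` As a style point, assigning inside the condition (`if block = @markup.custom_renderer`) is easy to misread as a comparison; `renderer = @markup.custom_renderer` on its own line followed by `if renderer` reads more plainly. `extract` begins and ends outside the hunk.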
@@ -119,7 +125,7 @@ def skip_filter?(filter) # filter_chain - the chain to process # # Returns the formatted data - def process_chain(data, filter_chain) + def process_chain(data, filter_chain, &block) # First we extract the data through the chain... filter_chain.each do |filter| data = filter.extract(data) diff --git a/test/test_markup.rb b/test/test_markup.rb index 2ced1fa4..83246dfe 100644 --- a/test/test_markup.rb +++ b/test/test_markup.rb @@ -100,6 +100,7 @@ test 'github-markup knows about gollum markups' do markups_with_render_filter = Gollum::Markup.formats.select do |k, v| + return false if v[:render] case v[:skip_filters] when Array !v[:skip_filters].include?(:Render) @@ -114,6 +115,16 @@ end end + test 'formats can define custom rendering block' do + Gollum::Markup.register( + :xyz, "Xyz", :extensions => ['xyz'], + :enabled => true, + :render => proc {|content| content.upcase }, + ) + page = @wiki.write_page('XyzTest', :xyz, 'helloworld', commit_details) + assert_equal 'HELLOWORLD', @wiki.page('XyzTest').formatted_data + end + ######################################################################### # # Links From e5752410ecfb6881aee8eecb8b5f0a0d22b3e3c7 Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Wed, 21 Dec 2022 12:37:45 +0100 Subject: [PATCH 06/11] Receive :note in Committer options hash (#431) --- lib/gollum-lib/committer.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/gollum-lib/committer.rb b/lib/gollum-lib/committer.rb index af200ff4..38d26f20 100644 --- a/lib/gollum-lib/committer.rb +++ b/lib/gollum-lib/committer.rb @@ -18,6 +18,7 @@ class Committer # :message - The String commit message. # :name - The String author full name. # :email - The String email address. + # :note - Optional String containing info about the commit. Not used, but can be accessed from inside the :post_commit Hook. # :parent - Optional Gollum::Git::Commit parent to this update. # :tree - Optional String SHA of the tree to create the # index from. 
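Review bot: `process_chain` gains a `&block` parameter, but the doc comment visible directly above it still describes only `filter_chain` and the return value, and the lines shown here do not use the block. Add a line such as `# block - optional block; describe what it receives and when it is called` to that comment, or drop the parameter if nothing in the body yields to it. The method body continues outside the hunk.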
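Review bot: `return false if v[:render]` sits inside the block passed to `select`, where `return` does not skip the current element but tries to leave the enclosing test body. The second hunk in this file registers a format with a `:render` proc, so once such a format is present this test either ends before its assertions run or raises `LocalJumpError`, depending on how `test` defines the method. Use `next false if v[:render]` to exclude the format and keep iterating. The `select` block and the test continue outside the hunk.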
From ea3e12188e26478c6060a382108d0973892dd12f Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Tue, 24 Jan 2023 22:16:07 +0100 Subject: [PATCH 07/11] Preserve relative links for absent pages (#434) * Preserve relative links for absent pages Co-authored-by: bartkamphorst --- lib/gollum-lib/filter/tags.rb | 8 +++++++- lib/gollum-lib/helpers.rb | 6 +++--- test/test_markup.rb | 21 +++++++++++++++++++++ 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/lib/gollum-lib/filter/tags.rb b/lib/gollum-lib/filter/tags.rb index 2fd9d00e..0808701e 100644 --- a/lib/gollum-lib/filter/tags.rb +++ b/lib/gollum-lib/filter/tags.rb @@ -231,7 +231,13 @@ def process_page_link_tag(link_part, pretty_name = nil) name = page ? path_to_link_text(link) : link end - link = page ? page.escaped_url_path : ERB::Util.url_encode(link).force_encoding('utf-8') + if page + link = page.escaped_url_path + else + link = Pathname.new(link).relative? ? "#{@markup.dir.to_s}/#{link}" : link + link = ERB::Util.url_encode(link).force_encoding('utf-8') + end + generate_link(link, name, extra, presence) end diff --git a/lib/gollum-lib/helpers.rb b/lib/gollum-lib/helpers.rb index 08180550..7870c646 100644 --- a/lib/gollum-lib/helpers.rb +++ b/lib/gollum-lib/helpers.rb @@ -3,12 +3,12 @@ module Gollum module Helpers - # If url starts with a leading slash, trim down its number of leading slashes to 1. Else, return url unchanged. + # Replace url-encoded slashes ('%2F') with slashes + # Clean up double slashes def trim_leading_slashes(url) return nil if url.nil? url.gsub!('%2F', '/') - return '/' + url.gsub(/^\/+/, '') if url[0, 1] == '/' - url + Pathname.new(url).cleanpath.to_s end # Take a link path and turn it into a string for display as link text. diff --git a/test/test_markup.rb b/test/test_markup.rb index 83246dfe..8180a9d8 100644 --- a/test/test_markup.rb +++ b/test/test_markup.rb 
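Review bot: The relative branch in `process_page_link_tag` joins `@markup.dir` and the user-written link by interpolation, so for a page whose `dir` is empty or `/` (presumably the wiki root) the result starts with `/` or `//`, and any `..` segments in the tag are carried through into the encoded link. Whether that is normalised depends on a later call such as `trim_leading_slashes`, which this hunk does not show. `File.join(@markup.dir.to_s, link)` removes the duplicate separator at the joint without changing the other cases, and the `.to_s` inside the interpolation is redundant either way. A one-line comment saying that absent relative links are anchored at the current page's directory would explain the branch. The method begins outside the hunk.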
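Review bot: `Pathname.new(url).cleanpath.to_s` does far more than the leading-slash trim it replaces: it collapses every `//`, resolves `.` and `..` segments, drops a trailing slash and turns an empty string into `.`, so a value with a scheme such as `http://host/a` would come back as `http:/host/a`. Whether callers ever pass such values is not visible here; if they can, guard for it before cleaning. The method is still named `trim_leading_slashes`, so its comment should spell out the new normalisation, and `url.gsub!('%2F', '/')` continues to mutate the caller's string and matches only the upper-case escape. The module continues outside the hunk.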
@@ -227,6 +227,27 @@ assert_match regx, @wiki.page(page.name, sha1).formatted_data assert_match regx, @wiki.page(page.name, sha2).formatted_data end + + test "absent relative page link from subdirectory" do + index = @wiki.repo.index + index.add("subdir/Bilbo-Baggins.md", "a [[Foo|Doesntexist]] b") + index.commit("Add files") + + page = @wiki.page("subdir/Bilbo-Baggins") + output = Gollum::Markup.new(page).render + assert_html_equal %{

a Foo b

}, output + end + + test "absent absolute page link from subdirectory" do + index = @wiki.repo.index + index.add("subdir/Bilbo-Baggins.md", "a [[Foo|/Doesntexist]] b") + index.commit("Add files") + + page = @wiki.page("subdir/Bilbo-Baggins") + output = Gollum::Markup.new(page).render + assert_html_equal %{

a Foo b

}, output + end + test "absent page link" do @wiki.write_page("Tolkien", :markdown, "a [[J. R. R. Tolkien]]'s b", commit_details) From b300639a432521fc85147c3fc82ac6de3510cdc3 Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Sun, 12 Mar 2023 19:52:10 +0100 Subject: [PATCH 08/11] Support for git notes (#435) Co-authored-by: Bart Kamphorst --- LATEST_CHANGES.md | 4 ++++ lib/gollum-lib/committer.rb | 1 + test/test_committer.rb | 17 +++++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/LATEST_CHANGES.md b/LATEST_CHANGES.md index 95bba7af..9e15eba8 100644 --- a/LATEST_CHANGES.md +++ b/LATEST_CHANGES.md @@ -7,4 +7,8 @@ * Default to local PlantUML server for security. #412. (@manofstick) * Allow use of default branch name `main` or `master. Resolves https://github.com/gollum/gollum/issues/1813. (@dometto) +<<<<<<< HEAD >>>>>>> 462ce53 (Implement default branch detection, move away from master as default. (#424)) +======= +* Support use of commit notes in Gollum::Committer. (@dometto, @bartkamphorst) +>>>>>>> 8384b51 (Support for git notes (#435)) diff --git a/lib/gollum-lib/committer.rb b/lib/gollum-lib/committer.rb index 38d26f20..103f1293 100644 --- a/lib/gollum-lib/committer.rb +++ b/lib/gollum-lib/committer.rb @@ -129,6 +129,7 @@ def commit @callbacks.each do |cb| cb.call(self, sha1) end + @wiki.repo.commit(sha1).note=@options[:note] if @options[:note] Hook.execute(:post_commit, self, sha1) sha1 end diff --git a/test/test_committer.rb b/test/test_committer.rb index a8118796..439818e0 100644 --- a/test/test_committer.rb +++ b/test/test_committer.rb 
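Review bot: The note is written after the commit already exists and before `Hook.execute(:post_commit, self, sha1)`, so if `note=` raises (for instance on an adapter without notes support, which is not visible here) `commit` aborts with the commit created, the `:post_commit` hook skipped and `sha1` never returned. Decide whether a failed note should fail the whole call and document that on the `:note` option, whose comment from the earlier patch in this series still says "Not used"; it could read `# :note - Optional String stored as a git note on the new commit.` Writing the assignment as `note = @options[:note]` would also match the spacing of the surrounding code. `commit` begins outside the hunk.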
@@ -135,3 +135,20 @@ @wiki.update_page(page, page.name, format, "# Elrond", commit_details()) end end + +context "Committer with a writable wiki" do + setup do + @path = cloned_testpath("examples/lotr.git") + @wiki = Gollum::Wiki.new(@path) + end + + test "supports notes" do + committer = Gollum::Committer.new(@wiki, note: 'My notes') + committer.commit + assert_equal @wiki.repo.head.commit.note, 'My notes' + end + + teardown do + FileUtils.rm_rf(@path) + end +end \ No newline at end of file From 4c7e28287e194cfbc50e0bb62425dd51b737b79b Mon Sep 17 00:00:00 2001 From: Dawa Ometto Date: Tue, 25 Apr 2023 22:32:07 +0200 Subject: [PATCH 09/11] Ensure boolean Macro arguments are parsed as boolean. Resolves #441 (#447) * Ensure Macro boolean arguments are parsed as boolean. * Drop CI support for Ruby 2.6 * Also drop support for JRuby 9.3, which is compatible with Ruby 2.6 --- LATEST_CHANGES.md | 7 +++++++ lib/gollum-lib/filter/macro.rb | 19 ++++++++++++------- test/test_macros.rb | 7 +++++++ 3 files changed, 26 insertions(+), 7 deletions(-) diff --git a/LATEST_CHANGES.md b/LATEST_CHANGES.md index 9e15eba8..230f14b0 100644 --- a/LATEST_CHANGES.md +++ b/LATEST_CHANGES.md @@ -11,4 +11,11 @@ >>>>>>> 462ce53 (Implement default branch detection, move away from master as default. (#424)) ======= * Support use of commit notes in Gollum::Committer. (@dometto, @bartkamphorst) +<<<<<<< HEAD >>>>>>> 8384b51 (Support for git notes (#435)) +======= + +### Bugfixes + +* Fix the use of boolean arguments in Macros. #441. (@dometto) +>>>>>>> 0db2ff5 (Ensure boolean Macro arguments are parsed as boolean. Resolves #441 (#447)) diff --git a/lib/gollum-lib/filter/macro.rb b/lib/gollum-lib/filter/macro.rb index e93e06ec..5f79ac10 100644 --- a/lib/gollum-lib/filter/macro.rb +++ b/lib/gollum-lib/filter/macro.rb 
@@ -22,13 +22,18 @@ def extract(data) argstr.scan(/,?\s*(#{arg})\s*/) do |arguments| # Stabstabstab argument = arguments.first - - if argument =~ /^([a-z0-9_]+)="(.*?)"/ - opts[Regexp.last_match[1]] = Regexp.last_match[2] - elsif argument =~ /^"(.*)"$/ - args << Regexp.last_match[1].gsub("\\\"", "\"") - else - args << argument + + case argument + in /^([a-z0-9_]+)="(.*?)"/ + opts[Regexp.last_match[1]] = Regexp.last_match[2] + in /^"(.*)"$/ + args << Regexp.last_match[1].gsub("\\\"", "\"") + in /\s*false\s*/ + args << false + in /\s*true\s*/ + args << true + else + args << argument end end diff --git a/test/test_macros.rb b/test/test_macros.rb index ef734975..24604905 100644 --- a/test/test_macros.rb +++ b/test/test_macros.rb @@ -50,6 +50,13 @@ def render(opts) assert_match /
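Review bot: The new `in /\s*false\s*/` and `in /\s*true\s*/` patterns are unanchored, so any unquoted argument that merely contains the word (for example `untrue` or `falsehood`, if the `arg` pattern outside the hunk lets such tokens through) is replaced by a boolean and its text is lost. Anchor both to the whole argument: `in /\A\s*false\s*\z/` and `in /\A\s*true\s*\z/`. The two older patterns use `^` and `$`, which match at line boundaries rather than string boundaries, and would be safer as `\A` and `\z` as well. `extract` begins and ends outside the hunk.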
Navigate this directory<\/div>