New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a nanoc filter for erubi #1103

Merged
merged 2 commits into from Mar 15, 2017

Conversation

Projects
None yet
2 participants
@Fjan
Contributor

Fjan commented Mar 4, 2017

Add a nanoc filter for Erubi

To do

The test runs but Rubocop flags the use of eval. Erb / Erubis / Erubi all need to use eval, and can never be run on untrusted input, so I would suggest suppressing the warning.

Related issues

nanoc/features#8
#1096

@ddfreyne ddfreyne added this to the 4.7 milestone Mar 4, 2017

@ddfreyne

This comment has been minimized.

Show comment
Hide comment
@ddfreyne

ddfreyne Mar 4, 2017

Member

Update .rubocop to exclude the the Security/Eval check for this file:

Security/Eval:
  Exclude:
    - 'test/**/*.rb'
    - 'spec/**/*.rb'
    - 'lib/nanoc/base/entities/code_snippet.rb'
    - 'lib/nanoc/filters/erubi.rb'
Member

ddfreyne commented Mar 4, 2017

Update .rubocop to exclude the the Security/Eval check for this file:

Security/Eval:
  Exclude:
    - 'test/**/*.rb'
    - 'spec/**/*.rb'
    - 'lib/nanoc/base/entities/code_snippet.rb'
    - 'lib/nanoc/filters/erubi.rb'
@ddfreyne

This comment has been minimized.

Show comment
Hide comment
@ddfreyne

ddfreyne Mar 4, 2017

Member

Looks good! I’ll release this as part of Nanoc 4.7.

Member

ddfreyne commented Mar 4, 2017

Looks good! I’ll release this as part of Nanoc 4.7.

@ddfreyne ddfreyne merged commit f3025e1 into nanoc:master Mar 15, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@ddfreyne

This comment has been minimized.

Show comment
Hide comment
@ddfreyne

ddfreyne Mar 15, 2017

Member

@Fjan I forgot to attribute you in the release notes for 4.7, but it’ll be rectified in the 4.7.1 release notes (see e753887). Sorry!

Member

ddfreyne commented Mar 15, 2017

@Fjan I forgot to attribute you in the release notes for 4.7, but it’ll be rectified in the 4.7.1 release notes (see e753887). Sorry!

@Fjan

This comment has been minimized.

Show comment
Hide comment
@Fjan

Fjan Mar 15, 2017

Contributor

Sure, no problem :-)

Contributor

Fjan commented Mar 15, 2017

Sure, no problem :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment