root
/
rubyzip
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
961 Commits 5 Branches 33 Tags 3.6 MiB
Commit Graph

961 Commits

Author SHA1 Message Date
John Lees-Miller bb3488723f
Merge pull request #385 from mihyaeru21/remove-commas 
remove some strange commas
 2019-03-21 22:22:32 +02:00
John Lees-Miller 3219d8e5af
Merge pull request #390 from taichi-ishitani/master 
fixed FrozenError caused by frozen-string-literal
 2019-03-21 21:58:17 +02:00
John Lees-Miller 6aecdf9bd5
Merge pull request #388 from d235j/pathname-require 
require pathname where it is used
 2019-03-21 21:32:24 +02:00
John Lees-Miller cc7b18ed9a
Merge pull request #387 from aspiers/add-1.2.2-changelog 
Add Changelog for 1.2.2 (#378)
 2019-03-21 21:27:44 +02:00
taichi 0e6e626d45 fixed CI error 2019-02-28 17:40:12 +09:00
taichi 74f0d4eabb fixed errors caused by frozen-string-literal 2019-02-28 01:23:29 +09:00
David Ryskalczyk a420323c84 require pathname where it is used 2019-02-10 11:51:29 -05:00
Adam Spiers 9eac0d66e8 Add Changelog for 1.2.2 (#378) 
1.2.2 was already released in #376, so unfortunately this is too late
for inclusion in that, but at least future releases will have it.

This is just a list of the titles of all non-merge commits since
1.2.1, so it won't be as concise or readable a summary as for previous
releases, but it's better than nothing, and anyone is welcome to
volunteer to condense it further.

Closes #378.
 2019-01-23 11:08:01 +00:00
Mihyaeru afb1b79efd remove some strange commas 2018-12-04 00:14:32 +09:00
Oleksandr Simonov d07b13a6cf
Merge pull request #376 from jdleesmiller/fix-cve-2018-1000544 
Fix CVE-2018-1000544 and disable symlinks to avoid other security issues
 2018-08-31 19:17:48 +03:00
John Lees-Miller fd81bd523c Bump version to 1.2.2 2018-08-27 09:07:21 +01:00
John Lees-Miller cf35774ed6 Bump version to 1.3.0 2018-08-27 09:02:11 +01:00
John Lees-Miller ffb374c6b1 Bump version to 2.0.0 2018-08-27 08:37:53 +01:00
John Lees-Miller 8a1de58286 Expand from root rather than current working directory 2018-08-26 19:55:26 +01:00
John Lees-Miller 3dd165b494 Disable symlinks and check for path traversal 2018-08-26 14:21:38 +01:00
John Lees-Miller ffebfa3418 Consolidate path traversal tests 2018-08-26 12:13:12 +01:00
John Lees-Miller 9c468f30f3 Add jwilk's path traversal tests 2018-08-26 10:00:35 +01:00
Bart de Water 0586329d3b Trigger CI again 2018-08-26 00:52:10 -04:00
Vipul A M cf7158344c Move jruby to allow failures matrix till crc uint 32 issues are resolved 2018-08-26 00:04:18 -04:00
Bart de Water 8e78311d67 Fix CVE-2018-1000544 symlink path traversal 
Not sure if the exception is the right way to go
 2018-08-23 18:14:48 -04:00
Bart de Water 6e0d23178a Fix CVE-2018-1000544 absolute path traversal 
Small refactor along the way to centralize destination handling when no explicit path is given and a potential malicious one from the zipfile is used
 2018-08-23 18:14:48 -04:00
Oleksandr Simonov e89f6aca44
Fix jruby version 2018-08-22 12:53:52 +03:00
Oleksandr Simonov 6ea4a7171f
Merge pull request #363 from hainesr/fix-dir-glob 
Fix Zip::FileSystem::ZipFsDir#glob
 2018-08-22 12:48:29 +03:00
Robert Haines aa6284db7a When globbing in ZipFSDir, take CWD into account. 2018-04-30 20:06:21 +01:00
Robert Haines 1673da744d Pass glob through from ZipFileNameMapper. 
Just pass the basic glob straight through to the underlying Zip::File
implementation.
 2018-04-30 19:59:02 +01:00
Oleksandr Simonov 8887b70349
Merge pull request #361 from hainesr/quiet-tests 
Turn off all terminal output in all tests.
 2018-04-23 22:18:31 +03:00
Oleksandr Simonov f073f64597
Merge pull request #358 from idoru/handle-gpbit-3 
Handle stored files with general purpose bit 3 set
 2018-04-23 22:18:04 +03:00
Robert Haines cd7bb142a4 Turn off all terminal output in all tests. 
Makes things a lot easier when trying to track down bugs.
 2018-04-04 19:45:54 +01:00
Andrew Meyer c787d94852 Handle stored files with general purpose bit 3 set 
Signed-off-by: Sam Coward <scoward@pivotal.io>
 2018-04-03 16:07:18 -04:00
Oleksandr Simonov 05af1231f4
Merge pull request #353 from pnomolos/pnomolos/fix_stringio 
Added fix for calling 'close' on a StringIO-backed zip file, and specs
 2018-03-30 16:58:27 +03:00
Oleksandr Simonov bdd57e163b
Merge pull request #352 from tricknotes/bump-ruby-versions 
Bump Ruby versions on Travis CI
 2018-03-30 16:57:42 +03:00
Oleksandr Simonov c0a8ad9598
Merge pull request #355 from pnomolos/pnomolos/fix-rubocop-breakage 
Fix regression caused by automatic Rubocop fixes
 2018-03-30 16:57:25 +03:00
Phil ffd0b671b8 Fix regression caused by Rubocop cleanup 
InputStream:

```
if @current_entry && @current_entry.gp_flags & 8 == 8 && @current_entry.crc == 0 \
  && @current_entry.compressed_size == 0 \
  && @current_entry.empty? && !@internal
```

`Zip::Entry#empty?` doesn't exist, but an automatic Rubocop check thought it should be converted from `size == 0`.

Unfortunately, this is tricky to write a test for as it only fails under some very specific conditions.
 2018-02-23 13:22:57 -08:00
Phil 792266dbf3 Added fix for calling 'close' on a StringIO-backed zip file, and specs 2018-02-21 11:48:56 -08:00
Ryunosuke Sato 888ca88bee Bump Ruby versions on Travis CI 2018-01-18 12:13:18 +09:00
Oleksandr Simonov 2f80da6289
Merge pull request #350 from olleolleolle/patch-1 
Travis: Workaround a rbx-3 autoload issue  WIP
 2018-01-11 21:20:08 +02:00
Olle Jonsson 6c2bddbb26
Travis: Typo 2017-12-09 15:42:14 +01:00
Olle Jonsson 50b01d0144
Travis: Workaround a rbx-3 autoload issue 
- see https://github.com/bundler/bundler/issues/6163
 2017-12-09 15:41:33 +01:00
Oleksandr Simonov ae9d8fb2ea
Merge pull request #345 from olleolleolle/patch-1 
README: Use a blockquote to make text readable
 2017-12-07 15:23:23 +02:00
Oleksandr Simonov 2f6b47dc28
Merge pull request #346 from olleolleolle/patch-2 
Travis: JRuby code coverage possible using the --debug flag, drop a failing JDK variant, use Rubinius rbx-3
 2017-12-07 15:22:26 +02:00
Olle Jonsson ea98fa1bc8
Merge branch 'master' into patch-2 2017-12-07 11:32:41 +01:00
Oleksandr Simonov 2f6bc8ec39
Merge pull request #347 from swamp09/ci_against 
CI against Ruby 2.2.8, 2.3.5, and 2.4.2
 2017-12-06 19:11:31 +02:00
swamp09 5ac27073b8 CI against Ruby 2.2.8, 2.3.5, and 2.4.2 2017-12-05 23:45:47 +09:00
Olle Jonsson 75cd0dca68
Travis: typo 2017-11-28 16:02:38 +01:00
Olle Jonsson 849e774443
Travis: Try using rbx-3 2017-11-28 15:53:14 +01:00
Olle Jonsson cbdea2a331
Travis: update RubyGems 2017-11-28 15:23:30 +01:00
Olle Jonsson e65bc45123
Travis: drop oraclejdk-7 2017-11-28 15:20:51 +01:00
Olle Jonsson e19a5c15b6
Travis: use JRUBY_OPTS="--debug" 2017-11-28 15:19:33 +01:00
Olle Jonsson 43f01f4631
Travis: use pre-installed Travis rubies 
- these are newer
 - rvm does gem update --system built-in
 2017-11-28 15:12:39 +01:00
Olle Jonsson a27204fef9
README: Use a blockquote to make text readable 2017-11-28 14:59:23 +01:00