Update ruby-yard to 0.9.20, fixing CVE-2019-14369.
# 0.9.20 - June 27th, 2019
[0.9.20]: https://github.com/lsegal/yard/compare/v0.9.19...v0.9.20
- Fix parsing of stringified Symbols in Ruby source (#1256).
- Fix path traversal vulnerability in `yard server`. This bug would allow
unsanitized HTTP requests to access arbitrary files on the machine of a
`yard server` host under certain conditions. Thanks to CuongMX from
Viettel Cyber Security for discovering this vulnerability.
# 0.9.19 - April 2nd, 2019
[0.9.19]: https://github.com/lsegal/yard/compare/v0.9.16...v0.9.19
- Fixed bug in browser back button (#1071, #1228)
- Fixed handling of ArgumentError in ExtraFileObject (#1198)
- Fixed double return tag displaying on boolean methods (#1226)
- Removed unused `Module#namespace_name` function (#1229)
- Fixed parsing order of README files. YARD will now prefer README over
README.md over README.x.md or README-x.md (and the like). READMEs will now
also be ordered by filename; the first README is still chosen unless
`--readme` is provided.
- Updated AsciiDoc markup support to use non-deprecated calls.
Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:
pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
Release v0.9.9 2017/04/23
* Added gem uninstall hooks to remove YARD documentation files. (#1083)
* Added support for C++ namespaces. (#809)
* Fixed issue where loading a .html page via an anchor would not scroll to
the anchor section. (#1082)
* Hide some Ruby warnings.
* Improve progress indicator icons in terminal.
# 0.9.8 - January 13th, 2017
- Fixed installed gems not being correctly found in `yard server` and by plugins.
- Fixed tokenization of `%w(...)` array syntax.
# 0.9.7 - January 9th, 2017
- Fix resolution of absolute object paths with ambiguous names. (#1029)
# 0.9.6 - January 7th, 2017
- Removed official support for Ruby 1.x (1.8/1.9). YARD can still be installed
in these versions, but support is not guaranteed. Simple bug fixes may still
be considered via pull request only. Issues without code will be automatically
closed.
- Added {YARD::Tags::Tag#explain_types} returning a plain English summary
of the type specification of a given tag. Also adds {YARD::Tags::TypesExplainer}
as an implementation class for the method.
- Added support for automatic linking of constants and method calls of
Ruby syntax highlighted source code in generated HTML. Also adds the
{YARD::Parser::Ruby::TokenResolver} implementation class to iterate over
tokenized code with extra resolved object information.
- Added support for compound constant assignments (`A::B::C = true`).
- Added `LibraryVersion#yardoc_file_for_SOURCE` callback method for sources with
a pre-determined yardoc file location. Implement this method instead of
manually setting `library.yardoc_file = ...` in your load method (you can
still assign the attribute manually).
- Use RubyGems 2.x+ API to query gems when available instead of using backport.
# 0.9.5 - July 22nd, 2016
- `yard doc` will now generate `.yardoc/processing` and `.yardoc/complete` files
to allow other tools to properly detect when YARD is in the middle of parsing
source files, and when it has completed writing the database.
- Added support for on-demand generation of LibraryVersion objects using the
`:disk` source type. LibraryVersion objects pointing to a .yardoc database
directory will now auto-generate if there is a `source_path` attached.
- Added warning for macros attached to non-method objects.
- Fixed a few more parsing errors.
# 0.8.7.6
- Support using `@option` tag on keyword arg splat parameter. (#729)
- Add `.stats_options` for `YardocTask`. (#800, #801)
# 0.8.7.5 - October 26, 2014
- Fix linking of methods in top level namespace in method listing. (#776)
- Support using C macros in function declarations. (#810)
- YARD will no longer group comment blocks starting on the same column if they
are preceded by code. (#798)
- Handle anonymous lambda calls in toplevel scope. (#774)
- Support I18n in `@overload` tags. (#794)
- Support `yard stats` for objects with no file property. (#792)
- Support for named arguments in Ruby >= 2.1. (#785)
- Exclude README backup files from YARD generation. (#790)
- Turned on the lax spacing option in Redcarpet to comply with the
Markdown standard.
- Escape HTML in YARD server search placeholder template.
- Fix issue with `private_class_method` support. (#760, #767)
- Enable tables support by default in Redcarpet Markdown provider. (#765)
YARD is a documentation generation tool for the Ruby programming language. It
enables the user to generate consistent, usable documentation that can be
exported to a number of formats very easily, and also supports extending for
custom Ruby constructs such as custom class level definitions.
