Commit graph

5 commits

Author SHA1 Message Date
taca
e6f48740a9 textproc/ruby-safe_yaml: add pkg_alternatives support
Bump PKGREVISION.
2018-03-21 13:56:43 +00:00
agc
2eddae48e5 Add SHA512 digests for distfiles for textproc category
Problems found locating distfiles:
	Package cabocha: missing distfile cabocha-0.68.tar.bz2
	Package convertlit: missing distfile clit18src.zip
	Package php-enchant: missing distfile php-enchant/enchant-1.1.0.tgz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 01:59:17 +00:00
taca
0b8cf82b08 Update ruby-safe_yaml to 1.0.4.
1.0.2
-----

- added warning when using Psych + an older version of libyaml
2015-03-13 16:19:35 +00:00
taca
3fb170fb3e Update ruby-safe_yaml to 1.0.1
0.9.7

* made handling of document frontmatter more robust
* added more descriptive message to the warning for omitting the :safe option

0.9.6

* fixed handling of files with trailing content (after closing ---)

For more detail, please refer <https://github.com/dtao/safe_yaml/commits/master>.
2014-03-14 18:27:35 +00:00
taca
a50db733b3 Add ruby-safe_yaml package version 0.9.5.
The SafeYAML gem provides an alternative implementation of `YAML.load`
suitable for accepting user input in Ruby applications.  Unlike Ruby's
built-in implementation of `YAML.load`, SafeYAML's version will not expose
apps to arbitrary code execution exploits (such as [the ones
discovered](http://www.reddit.com/r/netsec/comments/167c11/serious_vulnerability_in_ruby_on_rails_allowing/)
[in Rails in early
2013](http://www.h-online.com/open/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html)).

If you encounter any issues with SafeYAML, check out the 'Common Issues'
section below.  If you don't see anything that addresses the problem you're
experiencing, by all means,  [create an
issue](https://github.com/dtao/safe_yaml/issues/new)!
2013-09-15 16:31:27 +00:00