From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marius Bakke Subject: Re: [PATCH] gnu: Add ruby-safe-yaml Date: Mon, 21 Nov 2016 18:59:12 +0100 Message-ID: <87ziks7lzj.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> References: Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:42487) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c8ssB-0004uC-Uq for guix-devel@gnu.org; Mon, 21 Nov 2016 12:59:21 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c8ss7-0003q3-3r for guix-devel@gnu.org; Mon, 21 Nov 2016 12:59:20 -0500 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:57053) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1c8ss6-0003pV-T9 for guix-devel@gnu.org; Mon, 21 Nov 2016 12:59:15 -0500 In-Reply-To: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Frederick Muriithi , guix-devel@gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Frederick Muriithi writes: > gnu/packages/ruby.scm (ruby-safe-yaml): Add new variable > > Tests deactivated due to missing rake task. Submitted a patch to > upstream maintainer, so hopefully future versions will run tests > successfully Cool! If there are tests, and a patch exists for enabling them as a rake task, I think we should include it, with a link to the upstream issue. Could you send an updated patch that enables the tests? And thanks! :) > > --=20 > Frederick M. Muriithi > From 271945b9de385fe7ddcc74bf2555f40096c4099a Mon Sep 17 00:00:00 2001 > From: Muriithi Frederick Muriuki > Date: Mon, 21 Nov 2016 19:24:19 +0300 > Subject: [PATCH] gnu: Add ruby-safe-yaml > > * gnu/packages/ruby.scm (ruby-safe-yaml): New variable. > --- > gnu/packages/ruby.scm | 28 ++++++++++++++++++++++++++++ > 1 file changed, 28 insertions(+) > > diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm > index d8c36be..e939190 100644 > --- a/gnu/packages/ruby.scm > +++ b/gnu/packages/ruby.scm > @@ -4247,3 +4247,31 @@ of the more insecure basic authentication scheme.") > them more powerful") > (home-page "https://github.com/intridea/hashie") > (license license:expat))) > + > +(define-public ruby-safe-yaml > + (package > + (name "ruby-safe-yaml") > + (version "1.0.4") > + (source > + (origin > + (method url-fetch) > + (uri (rubygems-uri "safe_yaml" version)) > + (sha256 > + (base32 > + "1hly915584hyi9q9vgd968x2nsi5yag9jyf5kq60lwzi5scr7094")))) > + (build-system ruby-build-system) > + (arguments > + ;; Missing rake task 'test' > + ;; Submitted patch to upstream maintainer > + `(#:tests? #f)) > + (native-inputs > + `(("ruby-rspec" ,ruby-rspec) > + ("ruby-hashie" ,ruby-hashie))) > + (synopsis "Parse YAML safely") > + (description "The SafeYAML gem provides an alternative > +implementation of YAML.load suitable for accepting user input > +in Ruby applications. Unlike Ruby's built-in implementation of > +YAML.load, SafeYAML's version will not expose apps to arbitrary > +code execution exploits") > + (home-page "https://github.com/dtao/safe_yaml") > + (license license:expat))) > --=20 > 2.1.4 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJYMzXwAAoJEKKgbfKjOlT6zN4IAJGkS2mvmM8HGkjn9vTElKTw osgS8sz4AWGs99w1eO/NgSDsRAgGdINisa+QBbtlMCmQ7ZtqxPPMVNysOgCWx2xN 2G0ehabS1UJ/Sl1FHrjYL1JzsKehUVBBpLFUzTCsjpYJfQ006tGXF1dHn5Pz5Ywh VNQ+aXnHGjNfHPaupetw+lnHkDQzIOFkraQabXsHtXs2ITtDqLJFp28FZpmecEd0 qLLQDMj9Pq0cYYmtGzyE1coikpi2zIE9TKqPywuh+TKegoUxYXhcuqG+t3gtEfjv lyf/5KpYGqFPX3FAQteCcCnXGG0euy2ohSyl8N4V4Z4B8LiHNZqzwkbYCu3GqKg= =pYGN -----END PGP SIGNATURE----- --=-=-=--