Age | Commit message (Collapse) | Author |
|
|
|
Safely deserialize stringified array
|
|
|
|
This ports PUP-8974, and the related follow-up maintenance commits from
the Puppet repo.
The augeas provider used Kernel#eval to convert stringified arrays to Ruby
arrays. For example, it extracted the array part of the "clause" below:
onlyif => 'values HostKey == ["/etc/ssh/ssh_host_rsa_key"]'
and called Kernel#eval with '["/etc/ssh/ssh_host_rsa_key"]'. Using eval is
bad because it executes arbitrary code.
This commit changes the provider to convert the comma delimited string to
a Ruby array. This mostly maintains the functionality of the original
Kernel#eval (minus running arbitrary code) except for no longer handling
the \M-x, \M-\C-x, \M-\cx, \c\M-x, \c?, and \C-? escape sequences in
double-quoted strings, and \u{nnnn ...} is more lenient about whitespace.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add default nodeset for ubuntu 16.04
|
|
Previously we were using eval to convert stringified arrays from the
manifest into a ruby array. Use JSON instead, and ensure values are
double quoted as required by JSON.
|
|
Update rubocop rules and Gemfile
|
|
|
|
See https://github.com/rubocop-hq/ruby-style-guide/commit/df933c0f9b3a805c00e5ef81889992b1aec787a7
|
|
|
|
Also remove shebang line, as they are not executable via ruby.
|
|
Add exclusions for:
Layout/IndentHeredoc,
Metrics/BlockNesting:
Metrics/LineLength:
Style/AccessorMethodName:
Style/DoubleNegation:
Style/MultipleComparison:
Style/NumericPredicate:
Style/PredicateName:
Style/SignalException:
Style/VariableName:
SignalException is disabled because Puppet::Type#fail overrides Kernel#fail,
and we really do want fail and not raise.
|
|
Add tmpfile helper
|
|
|
|
|
|
|