From ecda5e3a2f9c61fe27e042422cbcb1a13685db6b Mon Sep 17 00:00:00 2001 From: Ryan Alyea Date: Sat, 2 Jan 2021 12:44:34 -0700 Subject: [PATCH] Update README and Version --- README.rdoc | 223 ---------------------------------------- README.textile | 19 +++- lib/redcloth/version.rb | 4 +- 3 files changed, 19 insertions(+), 227 deletions(-) delete mode 100644 README.rdoc diff --git a/README.rdoc b/README.rdoc deleted file mode 100644 index 9d886cbb..00000000 --- a/README.rdoc +++ /dev/null @@ -1,223 +0,0 @@ -= Specifics of this RedCloth fork - -This RedCloth fork fixes CVE-2012-6684 as -{reported by Kousuke Ebihara}(http://co3k.org/blog/redcloth-unfixed-xss-en) -using a {patch by Antonio Terceiro}(http://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/) - -Read on below for the original RedCloth documentation - -= RedCloth - Textile parser for Ruby - -Homepage:: http://redcloth.org -Author:: Jason Garber -Copyright:: (c) 2011 Jason Garber -License:: MIT - -(See http://redcloth.org/textile/ for a Textile reference.) - -= RedCloth - -RedCloth is a Ruby library for converting Textile into HTML. - -== RedCloth needs new maintainers - -The {owner of this gem since 2007}[https://github.com/jgarber] is unable to -keep fixing bugs or work on the next major release, {RedCloth -5}[https://github.com/jgarber/redcloth-parslet]. He's looking for one or more -developers who can: - -Current version - -* Fix any urgent {bugs}[http://jgarber.lighthouseapp.com/projects/13054-redcloth/overview] in RedCloth 4.x. You'll probably need to know Ragel and understand Ruby extensions in C and perhaps Java. -* Precompile the gem for Windows and JRuby or fix broken cross-compilation to automate the process -* Cut releases on the 4.x series. - -Future version - -* Complete {redcloth-parslet}[https://github.com/jgarber/redcloth-parslet], which will be a major release and replace this repository when finished. You need to understand the Parslet DSL, which can be learned in a couple hours. -* Meet or exceed the current level of unit and integration testing. Unit testing of the individual patterns makes it much easier to develop and maintain than the old parser. -* Release RedCloth 5.0 to much fanfare. - -== Installing - -RedCloth can be installed via RubyGems: - - gem install RedCloth - -It will install the appropriate Ruby, JRuby, or Win32 gem. If using JRuby, -version 1.1.5 or greater is required. - -== Compiling - -If you just want to use RedCloth, you do NOT need to build/compile it. It is -compiled from C sources automatically when you install the gem on the ruby -platform. Precompiled binary gems are provided for JRuby and Win32 platforms. - -RedCloth can be compiled with rake compile. Ragel 6.3 or greater is -required. Again, Ragel is NOT needed to simply use RedCloth. - -=== Supported platforms - -By default, the rake compile task builds a native C extension (MRI 1.8 or 1.9) -or Java extension (JRuby 1.3). A pure Ruby version can also be generated, but -it's super slow and Ruby 1.8-only. The JRuby and pure-Ruby extensions don't -support multi-byte characters. Cross-compiling for win32 uses rake-compiler. - -The RedCloth::EXTENSION_LANGUAGE constant indicates in which language your -copy of RedCloth is compiled. - -=== Compiling gems - -To compile MRI, JRuby, and win32 gems, you need rvm and rake-compiler. These -and other dependencies can be installed with bundler. Then rake build:all -takes care of compiling and packaging all gems. - - 1. gem install bundler - 2. bundle install - 3. rake-compiler cross-ruby VERSION=1.8.6-p398 - 4. rake-compiler cross-ruby VERSION=1.9.1-p243 - 5. rake build:all - -== Bugs - -Please submit bugs to http://jgarber.lighthouseapp.com/projects/13054-redcloth/overview - -== Using RedCloth - -RedCloth is simply an extension of the String class that can handle -Textile formatting. Use it like a String and output HTML with its -RedCloth#to_html method. - -Simple use: - text = "This is *my* text." - RedCloth.new(text).to_html - -Multi-line example: - - doc = RedCloth.new <This is a link - -== Images - -To insert an image, put the URL for the image inside exclamation marks. - -Optional: text that immediately follows the URL in (parentheses) will -be used as the Alt text for the image. Images on the web should always -have descriptive Alt text for the benefit of readers using non-graphical -browsers. - -Optional: place a colon followed by a URL immediately after the -closing ! to make the image into a link. - -Example: - - !http://www.textism.com/common/textist.gif(Textist)! - -Will become: - - Textist - -With a link: - - !/common/textist.gif(Textist)!:http://textism.com - -Will become: - - Textist - -== Defining Acronyms - -HTML allows authors to define acronyms via the tag. The definition appears as a -tool tip when a cursor hovers over the acronym. A crucial aid to clear writing, -this should be used at least once for each acronym in documents where they appear. - -To quickly define an acronym in Textile, place the full text in (parentheses) -immediately following the acronym. - -Example: - - ACLU(American Civil Liberties Union) - -Will become: - - ACLU - -== Adding Tables - -In Textile, simple tables can be added by separating each column by -a pipe. - - |a|simple|table|row| - |And|Another|table|row| - -Styles are applied with curly braces. - - table{border:1px solid black}. - {background:#ddd;color:red}. |a|red|row| diff --git a/README.textile b/README.textile index 1b373852..79556ac6 100644 --- a/README.textile +++ b/README.textile @@ -9,9 +9,24 @@ License:: MIT (See http://redcloth.org/textile/ for a Textile reference.) +h2. Latest Updates + +Holy crap, it's 2021? + +* Updated version to 0.9.0.alpha1. The minor version bump is due to minor breaking changes listed below. +* Cherry-picked every major update from RedCloth until this post, which RedCloth has not been updated since 2018. (Nothing wrong with that. Don't fix what ain't broke.) I did not port the RSpec, gem-building, or other new meta elements. But the base engine is still the same so there's no need because the gem-building at least originally was for building on Windows and Java which BBRedCloth does not support. +* Includes CVE-2012-6684. Although I highly, *highly* recommend using an html sanitizer on top of this because Textile lets you some EVIL things in CSS. +* YouTube and Vimeo support was removed. It used the super old flash version anyway. +* Removed the swear filter, it wasn't perfect. +* All tests pass. NOTE: Malformed BBCode currently produces non-ideal but valid and secure HTML code. Don't mess up your BBCode and it's all fine. +* Confirmed working on Ruby 3.0.0 +* If you are using BBRedCloth, simply including the pre-packaged gem file is fine. Due to the reliance on Ragel, you cannot just include a Github project. +** Since I have not yet ported the build system, you need the last version of echoe gem and Ruby 1.9.3 to actually build the gem using @rake package@. Sorry, not sorry. You can still build Ruby 1.9.3 on macOS Big Sur if you remove or use the super insecure old OpenSSL 1.0.2t, so it's not like super-hard. +** Once you have the .gem file, later version of Ruby such as 3.0.0 can then build the native extension normally like any gem. + h2. BBRedCloth -BBRedCloth is a Ruby library for converting Textile into HTML. While fundamentally based on RedCloth, it also contains the ability to convert +BBRedCloth is a Ruby library for converting Textile into HTML. While fundamentally based on RedCloth, it also contains the ability to convert standard "BBCode" also, which is useful for forums which use this style of markup since, well... forever. As a drop-in replacement for RedCloth, it plays well such that Textile and BBCode can work side-by-side without much effort for the implementer. h2. Installing @@ -26,7 +41,7 @@ It will install the appropriate Ruby gem. JRuby is not supported, nor is the pur If you wish to use BBRedCloth in your Rails 3 project, just add the following to your Gemfile: 
-gem 'BBRedCloth', :require=>"RedCloth"
+gem 'BBRedCloth', require:'redcloth'
== Compiling diff --git a/lib/redcloth/version.rb b/lib/redcloth/version.rb index 9cfece99..f0c86025 100644 --- a/lib/redcloth/version.rb +++ b/lib/redcloth/version.rb @@ -1,8 +1,8 @@ module RedCloth module VERSION MAJOR = 0 - MINOR = 8 - TINY = 9 + MINOR = 9 + TINY = 0 RELEASE_CANDIDATE = 'alpha1' STRING = [MAJOR, MINOR, TINY, RELEASE_CANDIDATE].join('.')