You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@whimsical.apache.org by sebb <se...@gmail.com> on 2017/06/08 11:08:20 UTC
Re: [whimsy] branch master updated: Use lowercase.
On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
> This is an automated email from the ASF dual-hosted git repository.
>
> johndament pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/whimsy.git
>
>
> The following commit(s) were added to refs/heads/master by this push:
> new 0a0c61f Use lowercase.
> 0a0c61f is described below
>
> commit 0a0c61f9543d359969b1d4913aea4540d2705e8d
> Author: John D. Ament <jo...@apache.org>
> AuthorDate: Thu Jun 8 06:47:45 2017 -0400
>
> Use lowercase.
> ---
> lib/whimsy/asf/podlings.rb | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/whimsy/asf/podlings.rb b/lib/whimsy/asf/podlings.rb
> index 1a3aae2..3fe2683 100644
> --- a/lib/whimsy/asf/podlings.rb
> +++ b/lib/whimsy/asf/podlings.rb
> @@ -209,7 +209,7 @@ module ASF
> end
>
> def podlingStatus
> - @resource.untaint if @resource =~ /\A\w+\Z/
> + @resource.untaint if @resource =~ /\a\w+\z/
Does \a mean anything?
Why not use
@resource.untaint if @resource =~ /^\w+$/
> incubator_content = ASF::SVN['asf/incubator/public/trunk/content']
> resource_yml = "#{incubator_content}/podlings/#{@resource}.yml"
> if File.exist?(resource_yml)
>
> --
> To stop receiving notification emails like this one, please contact
> ['"commits@whimsical.apache.org" <co...@whimsical.apache.org>'].
Re: [whimsy] branch master updated: Use lowercase.
Posted by "John D. Ament" <jo...@apache.org>.
On Thu, Jun 8, 2017 at 7:33 AM Sam Ruby <ru...@intertwingly.net> wrote:
> On Thu, Jun 8, 2017 at 7:22 AM, sebb <se...@gmail.com> wrote:
> > On 8 June 2017 at 12:12, Shane Curcuru <as...@shanecurcuru.org> wrote:
> >> sebb wrote on 6/8/17 7:08 AM:
> >>> On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
> >>>> This is an automated email from the ASF dual-hosted git repository.
> >> ...snip...
> >>
> >>>> def podlingStatus
> >>>> - @resource.untaint if @resource =~ /\A\w+\Z/
> >>>> + @resource.untaint if @resource =~ /\a\w+\z/
> >>>
> >>> Does \a mean anything?
> >>>
> >>> Why not use
> >>>
> >>> @resource.untaint if @resource =~ /^\w+$/
> >>
> >> Actually, most ruby sites I've read learning ruby regex say:
> >>
> >> "Use \A and \z to match the start and end of the string"
> >>
> >>
> https://stackoverflow.com/questions/577653/difference-between-a-z-and-in-ruby-regular-expressions
> >>
> >> I don't know what \a means for ruby's regex, but I find Rubular helpful:
> >>
> >> http://rubular.com/
> >
> > Sorry, I was misled by my Perl background, where the default is for ^
> > $ to match whole strings.
>
> Even in Perl, ^ is start of line. So a string of the form
> ../../../../etc/passwd^nvalid would match. Probably wouldn't have
> made a difference in this case, but it is a good practice to get into.
>
>
FWIW, I don't believe this regex is matching one way or another. I can
only test in prod as there seems to be a missing step for an SMTP server.
I'll dig into that a bit more.
> - Sam Ruby
>
> > https://perldoc.perl.org/perlre.html#Metacharacters
> >
> > But the RE won't match all the resources currently in use ... e.g.
> 'empire-db'
> >
> > '-' is not included in \w.
> >
> >>
> >> --
> >>
> >> - Shane
> >> https://www.apache.org/foundation/marks/resources
>
Re: [whimsy] branch master updated: Use lowercase.
Posted by sebb <se...@gmail.com>.
On 8 June 2017 at 12:33, Sam Ruby <ru...@intertwingly.net> wrote:
> On Thu, Jun 8, 2017 at 7:22 AM, sebb <se...@gmail.com> wrote:
>> On 8 June 2017 at 12:12, Shane Curcuru <as...@shanecurcuru.org> wrote:
>>> sebb wrote on 6/8/17 7:08 AM:
>>>> On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
>>>>> This is an automated email from the ASF dual-hosted git repository.
>>> ...snip...
>>>
>>>>> def podlingStatus
>>>>> - @resource.untaint if @resource =~ /\A\w+\Z/
>>>>> + @resource.untaint if @resource =~ /\a\w+\z/
>>>>
>>>> Does \a mean anything?
>>>>
>>>> Why not use
>>>>
>>>> @resource.untaint if @resource =~ /^\w+$/
>>>
>>> Actually, most ruby sites I've read learning ruby regex say:
>>>
>>> "Use \A and \z to match the start and end of the string"
>>>
>>> https://stackoverflow.com/questions/577653/difference-between-a-z-and-in-ruby-regular-expressions
>>>
>>> I don't know what \a means for ruby's regex, but I find Rubular helpful:
>>>
>>> http://rubular.com/
>>
>> Sorry, I was misled by my Perl background, where the default is for ^
>> $ to match whole strings.
>
> Even in Perl, ^ is start of line. So a string of the form
> ../../../../etc/passwd^nvalid would match. Probably wouldn't have
> made a difference in this case, but it is a good practice to get into.
Not in my Perl:
perl -e 'print(qq(../../../../etc/passwd\nvalid) =~ /^\w+$/)' => nil
The behaviour changes if you add the /m qualifier:
perl -e 'print(qq(../../../../etc/passwd\nvalid) =~ /^\w+$/m)' => 1
See
https://perldoc.perl.org/perlre.html#Metacharacters
> - Sam Ruby
>
>> https://perldoc.perl.org/perlre.html#Metacharacters
>>
>> But the RE won't match all the resources currently in use ... e.g. 'empire-db'
>>
>> '-' is not included in \w.
>>
>>>
>>> --
>>>
>>> - Shane
>>> https://www.apache.org/foundation/marks/resources
Re: [whimsy] branch master updated: Use lowercase.
Posted by Sam Ruby <ru...@intertwingly.net>.
On Thu, Jun 8, 2017 at 7:22 AM, sebb <se...@gmail.com> wrote:
> On 8 June 2017 at 12:12, Shane Curcuru <as...@shanecurcuru.org> wrote:
>> sebb wrote on 6/8/17 7:08 AM:
>>> On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
>>>> This is an automated email from the ASF dual-hosted git repository.
>> ...snip...
>>
>>>> def podlingStatus
>>>> - @resource.untaint if @resource =~ /\A\w+\Z/
>>>> + @resource.untaint if @resource =~ /\a\w+\z/
>>>
>>> Does \a mean anything?
>>>
>>> Why not use
>>>
>>> @resource.untaint if @resource =~ /^\w+$/
>>
>> Actually, most ruby sites I've read learning ruby regex say:
>>
>> "Use \A and \z to match the start and end of the string"
>>
>> https://stackoverflow.com/questions/577653/difference-between-a-z-and-in-ruby-regular-expressions
>>
>> I don't know what \a means for ruby's regex, but I find Rubular helpful:
>>
>> http://rubular.com/
>
> Sorry, I was misled by my Perl background, where the default is for ^
> $ to match whole strings.
Even in Perl, ^ is start of line. So a string of the form
../../../../etc/passwd^nvalid would match. Probably wouldn't have
made a difference in this case, but it is a good practice to get into.
- Sam Ruby
> https://perldoc.perl.org/perlre.html#Metacharacters
>
> But the RE won't match all the resources currently in use ... e.g. 'empire-db'
>
> '-' is not included in \w.
>
>>
>> --
>>
>> - Shane
>> https://www.apache.org/foundation/marks/resources
Re: [whimsy] branch master updated: Use lowercase.
Posted by sebb <se...@gmail.com>.
On 8 June 2017 at 12:12, Shane Curcuru <as...@shanecurcuru.org> wrote:
> sebb wrote on 6/8/17 7:08 AM:
>> On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
>>> This is an automated email from the ASF dual-hosted git repository.
> ...snip...
>
>>> def podlingStatus
>>> - @resource.untaint if @resource =~ /\A\w+\Z/
>>> + @resource.untaint if @resource =~ /\a\w+\z/
>>
>> Does \a mean anything?
>>
>> Why not use
>>
>> @resource.untaint if @resource =~ /^\w+$/
>
> Actually, most ruby sites I've read learning ruby regex say:
>
> "Use \A and \z to match the start and end of the string"
>
> https://stackoverflow.com/questions/577653/difference-between-a-z-and-in-ruby-regular-expressions
>
> I don't know what \a means for ruby's regex, but I find Rubular helpful:
>
> http://rubular.com/
Sorry, I was misled by my Perl background, where the default is for ^
$ to match whole strings.
https://perldoc.perl.org/perlre.html#Metacharacters
But the RE won't match all the resources currently in use ... e.g. 'empire-db'
'-' is not included in \w.
>
> --
>
> - Shane
> https://www.apache.org/foundation/marks/resources
Re: [whimsy] branch master updated: Use lowercase.
Posted by Shane Curcuru <as...@shanecurcuru.org>.
sebb wrote on 6/8/17 7:08 AM:
> On 8 June 2017 at 11:47, <jo...@apache.org> wrote:
>> This is an automated email from the ASF dual-hosted git repository.
...snip...
>> def podlingStatus
>> - @resource.untaint if @resource =~ /\A\w+\Z/
>> + @resource.untaint if @resource =~ /\a\w+\z/
>
> Does \a mean anything?
>
> Why not use
>
> @resource.untaint if @resource =~ /^\w+$/
Actually, most ruby sites I've read learning ruby regex say:
"Use \A and \z to match the start and end of the string"
https://stackoverflow.com/questions/577653/difference-between-a-z-and-in-ruby-regular-expressions
I don't know what \a means for ruby's regex, but I find Rubular helpful:
http://rubular.com/
--
- Shane
https://www.apache.org/foundation/marks/resources