Commit Graph

1581 Commits

Author SHA1 Message Date
Mike Farah
948399f163 Man page wip 2021-10-15 09:59:08 +11:00
Mike Farah
0436b77d91 Man page wip 2021-10-15 09:51:42 +11:00
Mike Farah
4ce9433468 Removed leadingContentPreProcessing flag - header preprocessing is stable 2021-10-15 08:53:00 +11:00
Peter Matseykanets
dd259b4957 Make deepMatch report in linear time
The current implementation of the deepMatch() has the exponential runtime.
Given the long enough input and the pattern with multiple wildcards
it takes a while if ever to complete which can potentially be used
maliciously to cause a denial of service (cpu and memory consumption).

E.g. running this in the root of this repository
time yq eval '.jobs.publishDocker.steps.[] | select (.run == "****outputs")' .github/workflows/release.yml
gives on my laptop
25.11s user 0.06s system 99% cpu 25.182 total

Whereas the updated implementation gives
0.01s user 0.01s system 36% cpu 0.049 total

There are numerous similar CVEs reported for glob evaluation in
different shells/ftp-servers/libraries.

The replacement implementation with the linear runtime is shamelessly taken
verbatim from the briliant article by Russ Cox https://research.swtch.com/glob
2021-10-14 18:45:25 +11:00
Chris Kerr
2da2001651 Update README with recently added / changed options
In particular, remove reference to the deprecated `--tojson` option.
2021-10-14 18:40:58 +11:00
Mike Farah
d363963f98 Bump version 2021-10-11 14:50:17 +11:00
Mike Farah
ed4d888bfa Speed up multiply 2021-10-11 14:46:46 +11:00
Mike Farah
79bc1f95cb Slight performance improvement to context.ChildContext 2021-10-11 12:56:27 +11:00
Mike Farah
4a4aae00af Sped up explode operator 2021-10-11 10:41:15 +11:00
Mike Farah
839f795710 Fixed select bug (#958) 2021-10-07 15:04:36 +11:00
Emmanuel Bourg
e87808683a Skip the tests if the nocheck Debian build option is specified 2021-10-07 13:44:16 +11:00
Emmanuel Bourg
bec30e910f Fix a typo in root.go 2021-10-07 13:43:57 +11:00
Mike Farah
b8aeb76f29 Bump version 2021-10-02 15:14:45 +10:00
Mike Farah
989b11764d Updating to go 1.17 to fix CVE #944 2021-10-02 15:12:57 +10:00
Mike Farah
e052ff8025 New release with docker build fixes 2021-09-20 11:58:21 +10:00
Mike Farah
111c1a0e4a Fixed docker timeout - simplify docker builds 2021-09-20 11:57:05 +10:00
Mike Farah
222bfd3d17 Bumping version 2021-09-20 10:40:27 +10:00
Mike Farah
4123669efe Help text tweak 2021-09-20 09:57:41 +10:00
Mike Farah
7caefc8521 minor readme cleanup 2021-09-20 09:55:35 +10:00
Roberto Mier Escandon
91018683bf Bump deb to version 4.13.0 2021-09-17 08:44:13 +10:00
Mike Farah
282d047dc2 Added STDIN example to the top 2021-09-17 08:38:10 +10:00
Mike Farah
b68e6adce9 Added STDIN example to the top 2021-09-17 08:37:28 +10:00
Mike Farah
43e40a6dda Updating with documentation 2021-09-16 10:55:26 +10:00
Mike Farah
2292f0ffb4 Fixed with semicolon space issue 2021-09-15 22:24:03 +10:00
Mike Farah
3339562aa2 Bumping version 2021-09-15 15:19:19 +10:00
Mike Farah
2db8140d7f Added contains operator 2021-09-15 15:18:10 +10:00
Mike Farah
5f154eb1b6 Update release notes 2021-09-12 21:59:57 +10:00
Mike Farah
084a0f6f1e Merge branch 'subtract' 2021-09-12 21:59:07 +10:00
Mike Farah
457c977e61 Update release notes 2021-09-12 21:53:50 +10:00
Mike Farah
6002604251 Added with operator 2021-09-12 21:52:02 +10:00
Mike Farah
0c3334d838 Draft release notes 2021-09-12 17:01:11 +10:00
Mike Farah
b2ee131a4c Updated var to work like jq #934 2021-09-12 16:55:55 +10:00
Mike Farah
1cfbbde796 Added missing closing bracket error check 2021-09-12 15:49:50 +10:00
YABATANIEN, Murichaduke
25ba763b08 supports multiline output 2021-09-12 13:09:54 +10:00
Mike Farah
13c42db238 Adding subtraction support for arrays 2021-09-07 16:58:34 +10:00
Mike Farah
6ba8dc75a6 Bumping version 2021-09-05 11:11:51 +10:00
Mike Farah
3543a2dbdc Fixed union infinite loop #930 2021-09-05 11:07:40 +10:00
Mike Farah
8941573c1a Fixing alternative op bug #930 2021-09-02 15:36:23 +10:00
Mike Farah
eea2c97cd8 Can process hex numbers 2021-09-02 15:26:44 +10:00
Mike Farah
f848e334ee Clarifying readme 2021-08-27 12:30:22 +10:00
Mike Farah
b72d225092 Bumping version 2021-08-27 09:33:57 +10:00
Mike Farah
cb95ab1494 Fixed merge comment issue #919 2021-08-26 16:31:26 +10:00
Mike Farah
063d40de25 Fixing pipeline 2021-08-25 10:09:44 +10:00
Mike Farah
fe12407c93 Bumping version 2021-08-20 16:03:59 +10:00
Mike Farah
d18aa3e9e0 Added shorthand output formats 2021-08-20 15:46:33 +10:00
Mike Farah
10d4eb3381 Updated to use -o for output format 2021-08-20 13:35:57 +10:00
Mike Farah
043e9128d7 Pretty Print tests 2021-08-20 12:23:35 +10:00
Mike Farah
43f47c4ed9 wip - pretty print 1.1 compat mode 2021-08-20 12:23:35 +10:00
Mike Farah
4ba96d902b Fixed document header/footer comment handling when merging 2021-08-17 09:54:12 +10:00
Mike Farah
d2e89f7c72 Updated README to include instructions on docker 2021-08-15 21:22:39 +10:00