Compare commits

...

5 Commits

Author SHA1 Message Date
Mike Farah
294a1709ad Bumping version 2024-12-07 17:33:47 +11:00
Mike Farah
342efb23ff Fixed panic on multipling string by very large number #2211 2024-12-07 16:53:40 +11:00
Mike Farah
2201381235 Fixed multiply string by negative number panic #2211 2024-12-07 16:28:59 +11:00
Mike Farah
5273715428 Fixed panic error #2211 2024-12-07 16:20:45 +11:00
Mike Farah
e204677ff8 Fixed no-colors regression #2218 2024-12-07 16:05:58 +11:00
8 changed files with 43 additions and 8 deletions

View File

@ -71,6 +71,10 @@ yq -P -oy sample.json
level := logging.WARNING
stringFormat := `[%{level}] %{color}%{time:15:04:05}%{color:reset} %{message}`
// when NO_COLOR environment variable presents and not an empty string the coloured output should be disabled;
// refer to no-color.org
forceNoColor = forceNoColor || os.Getenv("NO_COLOR") != ""
if verbose && forceNoColor {
level = logging.DEBUG
stringFormat = `[%{level:5.5s}] %{time:15:04:05} %{shortfile:-33s} %{shortfunc:-25s} %{message}`
@ -90,10 +94,6 @@ yq -P -oy sample.json
logging.SetBackend(backend)
yqlib.InitExpressionParser()
// when NO_COLOR environment variable presents and not an empty string the coloured output should be disabled;
// refer to no-color.org
forceNoColor = os.Getenv("NO_COLOR") != ""
return nil
},
}

View File

@ -11,7 +11,7 @@ var (
GitDescribe string
// Version is main version number that is being run at the moment.
Version = "v4.44.5"
Version = "v4.44.6"
// VersionPrerelease is a pre-release marker for the version. If this is "" (empty string)
// then it means that it is a final release. Otherwise, this is a pre-release

View File

@ -153,6 +153,10 @@ func repeatString(lhs *CandidateNode, rhs *CandidateNode) (*CandidateNode, error
count, err := parseInt(intNode.Value)
if err != nil {
return nil, err
} else if count < 0 {
return nil, fmt.Errorf("Cannot repeat string by a negative number (%v)", count)
} else if count > 10000000 {
return nil, fmt.Errorf("Cannot repeat string by more than 100 million (%v)", count)
}
target.Value = strings.Repeat(stringNode.Value, count)

View File

@ -201,6 +201,21 @@ var multiplyOperatorScenarios = []expressionScenario{
fmt.Sprintf("D0, P[], (!!str)::%s\n", strings.Repeat("banana", 4)),
},
},
{
description: "Multiply string X by negative int",
skipDoc: true,
document: `n: -4`,
expression: `"banana" * .n`,
expectedError: "Cannot repeat string by a negative number (-4)",
},
{
description: "Multiply string X by more than 100 million",
// very large string.repeats causes a panic
skipDoc: true,
document: `n: 100000001`,
expression: `"banana" * .n`,
expectedError: "Cannot repeat string by more than 100 million (100000001)",
},
{
description: "Multiply int node X string",
document: `n: 4

View File

@ -264,7 +264,7 @@ func doTraverseMap(newMatches *orderedmap.OrderedMap, node *CandidateNode, wante
// if we don't find a match directly on this node first.
var contents = node.Content
for index := 0; index < len(contents); index = index + 2 {
for index := 0; index+1 < len(contents); index = index + 2 {
key := contents[index]
value := contents[index+1]

View File

@ -35,6 +35,15 @@ steps:
`
var traversePathOperatorScenarios = []expressionScenario{
{
skipDoc: true,
description: "strange map with key but no value",
document: "!!null\n-",
expression: ".x",
expected: []string{
"D0, P[x], (!!null)::null\n",
},
},
{
skipDoc: true,
description: "access merge anchors",

View File

@ -1,3 +1,10 @@
4.44.6:
- Fixed deleting items in array bug #2027, #2172; Thanks @jandubois
- Docker image for armv7 / raspberry pi3, Thanks @brianegge
- Fixed no-colors regression #2218
- Fixed various panic scenarios #2211
- Bumped dependencies
4.44.5:
- Fixing release pipeline

View File

@ -1,5 +1,5 @@
name: yq
version: 'v4.44.5'
version: 'v4.44.6'
summary: A lightweight and portable command-line data file processor
description: |
`yq` uses [jq](https://github.com/stedolan/jq) like syntax but works with yaml, json, xml, csv, properties and TOML files.
@ -24,6 +24,6 @@ parts:
build-environment:
- CGO_ENABLED: 0
source: https://github.com/mikefarah/yq.git
source-tag: v4.44.5
source-tag: v4.44.6
build-snaps:
- go/latest/stable