From 9fe612ce15fd0d1c008e7dd0dcc1059c5b5d5afb Mon Sep 17 00:00:00 2001 From: Tony Bowden Date: Mon, 25 Jul 2016 17:12:50 +0100 Subject: [PATCH 1/2] Require nokogiri 1.6.7 onwards https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7499 --- Gemfile | 2 +- Gemfile.lock | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index f1bf5f44f..078ebd0fe 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ gem 'sinatra', github: 'sinatra/sinatra' gem 'dotenv' gem 'json' gem 'puma' -gem 'nokogiri' +gem 'nokogiri', '>= 1.6.7' gem 'octokit' gem 'redcarpet' gem 'rack-test' diff --git a/Gemfile.lock b/Gemfile.lock index 756aea72e..cd1a9e0e0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -25,12 +25,14 @@ GEM iso_country_codes (0.7.1) json (1.8.2) method_source (0.8.2) - mini_portile (0.5.3) + mini_portile2 (2.1.0) multipart-post (2.0.0) - nokogiri (1.6.1) - mini_portile (~> 0.5.0) + nokogiri (1.6.8) + mini_portile2 (~> 2.1.0) + pkg-config (~> 1.1.7) octokit (3.8.0) sawyer (~> 0.6.0, >= 0.5.3) + pkg-config (1.1.7) pry (0.10.1) coderay (~> 1.1.0) method_source (~> 0.8.1) @@ -59,7 +61,7 @@ DEPENDENCIES everypolitician-popolo! iso_country_codes json - nokogiri + nokogiri (>= 1.6.7) octokit pry puma From 1fb594f8d0f2bd7f0c44ddb5fe15ada72d3ec451 Mon Sep 17 00:00:00 2001 From: Tony Bowden Date: Thu, 28 Jul 2016 16:57:04 +0100 Subject: [PATCH 2/2] Fix broken page title on Wikidata pages These are currently passing the entire Legislature object, which stringifies to the JSON representation, rather than the name: Explicitly pass the name, so we don't get that spewage. --- app.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app.rb b/app.rb index d751e343b..3b8a0cab0 100644 --- a/app.rb +++ b/app.rb @@ -82,7 +82,7 @@ def soft_redirect(url, page_title) last_sha = @house[:sha] popolo_file = EveryPolitician::GithubFile.new(@house[:popolo], last_sha) @popolo = JSON.parse(popolo_file.raw, symbolize_names: true) - @page_title = "EveryPolitician: #{@country[:name]} — #{@house}" + @page_title = "EveryPolitician: #{@country[:name]} — #{@house[:name]}" erb :wikidata_match end