lib/hash_delegator.rb in markdown_exec-2.0.4 vs lib/hash_delegator.rb in markdown_exec-2.0.5

@@ -230,20 +230,50 @@
 
   def remove_file_without_standard_errors(path)
     FileUtils.rm_f(path)
   end
 
-  # Evaluates the given string as Ruby code and rescues any StandardErrors.
+  # Evaluates the given string as Ruby code within a safe context.
   # If an error occurs, it calls the error_handler method with 'safeval'.
   # @param str [String] The string to be evaluated.
   # @return [Object] The result of evaluating the string.
   def safeval(str)
-    eval(str)
+    # # Restricting to evaluate only expressions
+    # unless str.match?(/\A\s*\w+\s*[\+\-\*\/\=\%\&\|\<\>\!]+\s*\w+\s*\z/)
+    #   error_handler('safeval') # 'Invalid expression'
+    #   return
+    # end
+
+    # # Whitelisting allowed operations
+    # allowed_methods = %w[+ - * / == != < > <= >= && || % & |]
+    # unless allowed_methods.any? { |op| str.include?(op) }
+    #   error_handler('safeval', 'Operation not allowed')
+    #   return
+    # end
+
+    # # Sanitize input (example: removing potentially harmful characters)
+    # str = str.gsub(/[^0-9\+\-\*\/\(\)\<\>\!\=\%\&\|]/, '')
+
+    # Evaluate the sanitized string
+    result = nil
+    binding.eval("result = #{str}")
+
+    result
   rescue StandardError # catches NameError, StandardError
     error_handler('safeval')
   end
 
+  # # Evaluates the given string as Ruby code and rescues any StandardErrors.
+  # # If an error occurs, it calls the error_handler method with 'safeval'.
+  # # @param str [String] The string to be evaluated.
+  # # @return [Object] The result of evaluating the string.
+  # def safeval(str)
+  #   eval(str)
+  # rescue StandardError # catches NameError, StandardError
+  #   error_handler('safeval')
+  # end
+
   def set_file_permissions(file_path, chmod_value)
     File.chmod(chmod_value, file_path)
   end
 
   # Creates a TTY prompt with custom settings. Specifically, it disables the default 'cross' symbol and
@@ -1319,10 +1349,22 @@
                   { expr: filespec })
       puts @delegate_object[:prompt_enter_filespec]
       PathUtils.resolve_path_or_substitute(gets.chomp, filespec)
     end
 
+    # def read_block_name(line)
+    #   bm = extract_named_captures_from_option(line, @delegate_object[:block_name_match])
+    #   name = bm[:title]
+
+    #   if @delegate_object[:block_name_nick_match].present? && line =~ Regexp.new(@delegate_object[:block_name_nick_match])
+    #     name = $~[0]
+    #   else
+    #     name = bm && bm[1] ? bm[:title] : name
+    #   end
+    #   name
+    # end
+
     # Handle expression with wildcard characters
     # allow user to select or enter
     def save_filespec_wildcard_expansion(filespec)
       files = find_files(filespec)
       case files.count
@@ -1811,10 +1853,26 @@
           next_load_file: next_document_filename == @delegate_object[:filename] ? LoadFile::Reuse : LoadFile::Load
         )
       end
     end
 
+    # Check if the delegate object responds to a given method.
+    # @param method_name [Symbol] The name of the method to check.
+    # @param include_private [Boolean] Whether to include private methods in the check.
+    # @return [Boolean] true if the delegate object responds to the method, false otherwise.
+    def respond_to?(method_name, include_private = false)
+      if super
+        true
+      elsif @delegate_object.respond_to?(method_name, include_private)
+        true
+      elsif method_name.to_s.end_with?('=') && @delegate_object.respond_to?(:[]=, include_private)
+        true
+      else
+        @delegate_object.respond_to?(method_name, include_private)
+      end
+    end
+
     def runtime_exception(exception_sym, name, items)
       if @delegate_object[exception_sym] != 0
         data = { name: name, detail: items.join(', ') }
         warn(
           format(
@@ -2118,25 +2176,25 @@
       warn selected.to_yaml.sub(/^(?:---\n)?/, "Block:\n")
     end
 
     # Presents a TTY prompt to select an option or exit, returns metadata including option and selected
     def select_option_with_metadata(prompt_text, names, opts = {})
-
       ## configure to environment
       #
       unless opts[:select_page_height].positive?
         require 'io/console'
         opts[:per_page] = opts[:select_page_height] = [IO.console.winsize[0] - 3, 4].max
       end
 
+      # crashes if all menu options are disabled
       selection = @prompt.select(prompt_text,
                                  names,
                                  opts.merge(filter: true))
       item = names.find do |item|
-        if item.instance_of?(String)
-          item == selection
-        else
+        if item.instance_of?(Hash)
           item[:dname] == selection
+        else
+          item == selection
         end
       end
       item = { dname: item } if item.instance_of?(String)
       unless item
         HashDelegator.error_handler('select_option_with_metadata', error: 'menu item not found')