Erubi is a ERB template engine for ruby. It is a simplified fork of Erubis, using the same basic algorithm, with the following differences: * Handles postfix conditionals when using escaping (e.g. <%= foo if bar %>) * Supports frozen_string_literal: true in templates via :freeze option * Works with ruby's --enable-frozen-string-literal option * Automatically freezes strings for template text when ruby optimizes it (on ruby 2.1+) * Escapes ' (apostrophe) when escaping for better XSS protection * Has 6x faster escaping on ruby 2.3+ by using cgi/escape * Has 86% smaller memory footprint * Does no monkey patching (Erubis adds a method to Kernel) * Uses an immutable design (all options passed to the constructor, which returns a frozen object) * Has simpler internals (1 file, <150 lines of code) * Has an open development model (Erubis doesn't have a public source control repository or bug tracker) * Is not dead (Erubis hasn't been updated since 2011) It is not designed with Erubis API compatibility in mind, though most Erubis ERB syntax works, with the following exceptions: * No support for <%=== for debug output
Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.