Age | Commit message (Collapse) | Author |
|
|
|
In future versions of Psych, the `load` method will be mostly the same
as the `safe_load` method. In other words, the `load` method won't
allow arbitrary object deserialization (which can be used to escalate to
an RCE). People that need to load *trusted* documents can use the
`unsafe_load` method.
This commit introduces the `unsafe_load` method so that people can
incrementally upgrade. For example, if they try to upgrade to 4.0.0 and
something breaks, they can downgrade, audit callsites, change to
`safe_load` or `unsafe_load` as required, and then upgrade to 4.0.0
smoothly.
|
|
feat: allow scalars and sequences to be styled when dumped
|
|
Fix symbolize_name with non-string keys
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Because ruby/psych still uses minitest. minitest didn't support
assert_ractor provided by test suite of ruby/ruby repo.
|
|
Using `compare_by_identity` gives a 4x performance boost on cache hits.
Benchmark in https://github.com/JuanitoFatas/fast-ruby/issues/189
|
|
Config is Ractor-local.
Benchmarking reveals that using `Ractor.local_storage` for storing cache
is similar to accessing a constant (~15% slower).
|
|
|
|
|
|
The only remaining use of this function was to get the internal
message object from an exception's hidden `mesg` instance
variable to allow it to be dumped wiithout converting to a string.
As discussed in #103, this exposes internal implementation details
of CRuby, and ultimately does not provide any real utility to the
user since they can't directly inspect this hidden variable. The
test change here is to reflect CRuby behavior that denies equality
if the internal message objects do not match, as is the case after
the exception has been loaded and now has a simple String value.
The impact to users is that exceptions with special hidden message
objects will convert those objects to String during marshaling
through YAML. I believe this only affects NameError and its
descendants, since users can't set this field directly on their
own exception types.
Fixes #103.
|
|
test/psych/visitors/test_to_ruby.rb
|
|
|
|
test/psych/visitors/test_to_ruby.rb (#2881)
|
|
|
|
Fix ArgumentError with leading and trailing underscores in number str…
|
|
The main issue is that commas aren't allowed in local tags. libyaml
was updated to follow the spec, and our tests were out of date.
See: https://github.com/yaml/libyaml/issues/196
|
|
|
|
|
|
Ruby 2.7 deprecates taint and it no longer has an effect.
The lack of taint support should not cause a problem in
previous Ruby versions.
I'm not sure if the untaint calls in deduplicate are still needed
after the removal of tainting in the parser. If they are not
needed, they should be removed.
|
|
In verbose mode, `test_delegator` in `test/psych/visitors/test_yaml_tree.rb` shows following warning.
https://travis-ci.org/ruby/psych/jobs/562435717#L268
```
/home/travis/build/ruby/psych/test/psych/visitors/test_yaml_tree.rb:10: warning: instance variable @obj not initialized
```
This is because `Psych.load` bypasses #initialize with the #init_with method.
|
|
|
|
|
|
Currently the elements of a hash are revived before any ivar values.
This causes an issue when the `[]=` method references an instance
variable.
|
|
This commit allows exception backtraces to round trip
|
|
Replace keyword argumment whitelist_classes and whitelist_symbols.
with permitted_classes and permitted_symbols.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add test cases for the fallback keyword argument of Psych.load_file
to make sure that a falsy fallback (nil or false) works properly.
|
|
Add test cases for the fallback keyword argument of Psych.load_file
to make sure that the fallback is not used for valid YAML that
represents nil or false.
|
|
This allows the AST to be searched via a predicate method rather than
hardcoding the class name and doing is_a? checks. For example, rather
than:
```
ast.grep(Psych::Nodes::Scalar).each do |node|
# .. do something
end
```
Now you can do:
```
ast.find_all(&:scalar?).each do |node|
# .. do something
end
```
Your code no longer needs to know the exact class used in the AST.
|
|
Add more test cases for the fallback keyword argument of
Psych.load_file; additionally, fix an error in the docs.
|
|
Converting the optional fallback argument to a keyword argument
fixes a problem that is caused by mixing optional arguments and
optional keyword arguments.
Without this change, a hash as fallback value is not handled
correctly: in Psych.load("", nil, {}) the hash is not interpreted
as the fallback value, and the default value for the fallback
argument is used instead.
|
|
related to #333
|
|
|
|
like JSON.parse.
|
|
|