RubyGems - config - Versions diffs - 5.6.0 → 5.6.1 - Mend

config 5.6.0 → 5.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -1
data/lib/config/sources/yaml_source.rb +1 -1
data/lib/config/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ba3d20a75f8fe4b14d5008d1ea8dd9f6b01799ed09e82f30afd76700a2cbd6ff
-  data.tar.gz: 3db4af3557979eafa3d95d20aeea1d58aa33a54a4070ca8e3888594d58b16263
+  metadata.gz: d2cd615486e9e4f65f2c542ad5112f0bedbf744a6413f15d157a62c6b2b798a0
+  data.tar.gz: 492dc3f5194934a08586b3a3f2b24bf5c1d7572ea2a97aafc0a0bd882a806d43
 SHA512:
-  metadata.gz: 07f599553b96a80beee9931af461695444f1e48210984cb5da2da56c8bf9f61065f11f4e0af6af8b03fe136169535cb2dcfc7556a61e6aefbe4699fcf8090afa
-  data.tar.gz: 1d1337a4c3121d3481edbb3066d9468262c85be7f102b7af0a845b15ea3b550d13876f7382ae4e55cce97d6386f596a40d1e2bf675d91ab5b5ea71799f5e6b46
+  metadata.gz: 16737e3afd9def484dc34d92661acef67452274841bb7ae74cb68992b8e857a5735b5d6692cdc31a42d460fb623385eef0aed5ff7c364d4f49226aa1ae5259f8
+  data.tar.gz: b6fa89e593d1997d29c56be704a148ea9591dbf11e723980966af4bfc109c9a3aa16e1c3192d865e43f5188bae815bab5e5012ee14e686e809ece99d2b358a6b

data/CHANGELOG.md CHANGED Viewed

@@ -1,8 +1,12 @@
 # Changelog
+## 5.6.1
+* fix(security): replace IO.read with File.read [#378](https://github.com/rubyconfig/config/pull/378)
 ## 5.6.0
-* Added `extra_sources` in initializer  ([#366](https://github.com/rubyconfig/config/pull/366))
+* Added `extra_sources` in initializer ([#366](https://github.com/rubyconfig/config/pull/366))
 ## 5.5.2

data/lib/config/sources/yaml_source.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module Config
       # returns a config hash from the YML file
       def load
         if @path and File.exist?(@path)
-          file_contents = IO.read(@path)
+          file_contents = File.read(@path)
           file_contents = ERB.new(file_contents).result if evaluate_erb
           result = YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(file_contents) : YAML.load(file_contents)
         end

data/lib/config/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Config
-  VERSION = '5.6.0'.freeze
+  VERSION = '5.6.1'.freeze
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: config
 version: !ruby/object:Gem::Version
-  version: 5.6.0
+  version: 5.6.1
 platform: ruby
 authors:
 - Piotr Kuczynski