mechanize 2.8.3 → 2.8.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of mechanize might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e9229e4045fc8c47f92c1eb17b082f206016958b1cac91e7d128c4b3c7ac75f2
4
- data.tar.gz: f5ee71b39961cdf4f7ee3c24b98202558b57d96187ecea52996c1257535d82b4
3
+ metadata.gz: d8b4e424716d3f5d8fdc1fe82efca4412eee6b414c0cafee9cdced96023e632d
4
+ data.tar.gz: b4450930235cb304ced9e63cede8fd3abe3bc7c7f38530ef6127be8208de3c93
5
5
  SHA512:
6
- metadata.gz: d31c53a6d1b442f804e95274b16bead40dd93cf76a4b3fd06fb51c2b17971f47f27d5463c96ca10bc55f1cc7e34dabd9ab7e7d3edbb84399fccfb7d49a870779
7
- data.tar.gz: be498201622a3f1584f3060f23824d85e09b8adead0e6d39cf7f87ca433a718f17d4039731d2124eff3032e2ac4ad4542b47d05e5b8421ce640ab2b62c197016
6
+ metadata.gz: cb936d26c46330432cd5d230b5e54b3792de5a2e39d3aa3a09a4904e5cf0f4bd9547c489772f3cd8d989e171022a18943bf4d09f0420038ed36d941978605a4f
7
+ data.tar.gz: 3b8103cfa2759f937b43384ac13ae0b8be9d22505841199fd0acd8fc0f4c4d86e0844571bbcd930da2d55e54f2178bbe222f9876959851ee694988bd5b874668
@@ -16,7 +16,7 @@ jobs:
16
16
  - uses: actions/checkout@v2
17
17
  - uses: ruby/setup-ruby@v1
18
18
  with:
19
- ruby-version: "3.0"
19
+ ruby-version: "3.1"
20
20
  bundler-cache: true
21
21
  - run: bundle exec rake rubocop
22
22
 
@@ -25,7 +25,7 @@ jobs:
25
25
  strategy:
26
26
  fail-fast: false
27
27
  matrix:
28
- ruby-version: ["2.5", "2.6", "2.7", "3.0", "jruby", "truffleruby-head"]
28
+ ruby-version: ["2.5", "2.6", "2.7", "3.0", "3.1", "head", "jruby", "truffleruby-head"]
29
29
 
30
30
  runs-on: ubuntu-latest
31
31
  steps:
@@ -48,6 +48,6 @@ jobs:
48
48
  - uses: actions/checkout@v2
49
49
  - uses: ruby/setup-ruby@v1
50
50
  with:
51
- ruby-version: "3.0"
51
+ ruby-version: "3.1"
52
52
  bundler-cache: true
53
53
  - run: bundle exec rake test
data/CHANGELOG.md CHANGED
@@ -1,5 +1,12 @@
1
1
  # Mechanize CHANGELOG
2
2
 
3
+ ## 2.8.4 / 2022-01-17
4
+
5
+ ### Fix
6
+
7
+ * `Mechanize::CookieJar#load` calls `Psych.safe_load` when using Psych >= 3.1
8
+
9
+
3
10
  ## 2.8.3 / 2021-11-11
4
11
 
5
12
  ### Update
@@ -149,7 +149,7 @@ class Mechanize
149
149
  return super(input, opthash) if opthash[:format] != :yaml
150
150
 
151
151
  begin
152
- data = YAML.load(input) # rubocop:disable Security/YAMLLoad
152
+ data = load_yaml(input)
153
153
  rescue ArgumentError
154
154
  @logger.warn "unloadable YAML cookie data discarded" if @logger
155
155
  return self
@@ -174,6 +174,18 @@ class Mechanize
174
174
  return self
175
175
  end
176
176
  end
177
+
178
+ private
179
+
180
+ if YAML.name == "Psych" && Gem::Requirement.new(">= 3.1").satisfied_by?(Gem::Version.new(Psych::VERSION))
181
+ def load_yaml(yaml)
182
+ YAML.safe_load(yaml, aliases: true, permitted_classes: ["Mechanize::Cookie", "Time"])
183
+ end
184
+ else
185
+ def load_yaml(yaml)
186
+ YAML.load(yaml) # rubocop:disable Security/YAMLLoad
187
+ end
188
+ end
177
189
  end
178
190
 
179
191
  class ::HTTP::CookieJar
@@ -1,4 +1,4 @@
1
1
  # frozen_string_literal: true
2
2
  class Mechanize
3
- VERSION = "2.8.3"
3
+ VERSION = "2.8.4"
4
4
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mechanize
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.8.3
4
+ version: 2.8.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Hodel
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2021-11-11 00:00:00.000000000 Z
15
+ date: 2022-01-17 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: addressable
@@ -502,7 +502,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
502
502
  - !ruby/object:Gem::Version
503
503
  version: '0'
504
504
  requirements: []
505
- rubygems_version: 3.2.22
505
+ rubygems_version: 3.3.5
506
506
  signing_key:
507
507
  specification_version: 4
508
508
  summary: The Mechanize library is used for automating interaction with websites