psych 3.2.0 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d2864bd6b2ce0aa8d9c7a1793c6531d582ce5591f61fa77a5147b495a0eacff
4
- data.tar.gz: fb30e5a5a677c813e058366c8ee1339c986c65f9bc51f69e94771d31199ae7e8
3
+ metadata.gz: 33ed655876a483c54babe4a2262f347f87833bcbdd2bb611712935b97f0aa13d
4
+ data.tar.gz: 7659d9c4c3dc37cc6dc87c82da975d41ac37156cea5baa5361727550110af5f3
5
5
  SHA512:
6
- metadata.gz: 7c2fcf1411c11ff9e7479b79564fc1114c76f12a7b6c6a9ad983f8d565691bcc5b012f0db28529974f1fd274929452b99366af885d094b596da625568149a456
7
- data.tar.gz: 433269e6942d6b1e8812bee88844816aafe7b67c2e58ad51ecf4ddfa45e3c8a99f7265b0a7bb48e4dfc758142fa6503c1b17a2e35036c4bad56dc28fe73414f5
6
+ metadata.gz: e23390eaa06a588135456d1e4f826d04526301a3512acb4f34efc911d97a93f126129ada2a0cd312f8374333106402d10aa7f357417f370ddb0dd5cf2b6ce224
7
+ data.tar.gz: 36d08044e2022d89dcea7f6e589167c6f61bd0a9e24010715e03dba117835d6f4c652c52feb139f602317618aed7a267a8f2a0c95147194a518051c99c24daa5
data/README.md CHANGED
@@ -12,8 +12,8 @@ serialize and de-serialize most Ruby objects to and from the YAML format.
12
12
  ## Examples
13
13
 
14
14
  ```ruby
15
- # Load YAML in to a Ruby object
16
- Psych.load('--- foo') # => 'foo'
15
+ # Safely load YAML in to a Ruby object
16
+ Psych.safe_load('--- foo') # => 'foo'
17
17
 
18
18
  # Emit YAML from a Ruby object
19
19
  Psych.dump("foo") # => "--- foo\n...\n"
@@ -74,12 +74,15 @@ require 'psych/class_loader'
74
74
  #
75
75
  # ==== Reading from a string
76
76
  #
77
- # Psych.load("--- a") # => 'a'
78
- # Psych.load("---\n - a\n - b") # => ['a', 'b']
77
+ # Psych.safe_load("--- a") # => 'a'
78
+ # Psych.safe_load("---\n - a\n - b") # => ['a', 'b']
79
+ # # From a trusted string:
80
+ # Psych.load("--- !ruby/range\nbegin: 0\nend: 42\nexcl: false\n") # => 0..42
79
81
  #
80
82
  # ==== Reading from a file
81
83
  #
82
- # Psych.load_file("database.yml")
84
+ # Psych.safe_load_file("data.yml", permitted_classes: [Date])
85
+ # Psych.load_file("trusted_database.yml")
83
86
  #
84
87
  # ==== Exception handling
85
88
  #
@@ -276,8 +279,7 @@ module Psych
276
279
 
277
280
  result = parse(yaml, filename: filename)
278
281
  return fallback unless result
279
- result = result.to_ruby(symbolize_names: symbolize_names, freeze: freeze) if result
280
- result
282
+ result.to_ruby(symbolize_names: symbolize_names, freeze: freeze)
281
283
  end
282
284
 
283
285
  ###
@@ -549,7 +551,7 @@ module Psych
549
551
  # end
550
552
  # list # => ['foo', 'bar']
551
553
  #
552
- def self.load_stream yaml, legacy_filename = NOT_GIVEN, filename: nil, fallback: []
554
+ def self.load_stream yaml, legacy_filename = NOT_GIVEN, filename: nil, fallback: [], **kwargs
553
555
  if legacy_filename != NOT_GIVEN
554
556
  warn_with_uplevel 'Passing filename with the 2nd argument of Psych.load_stream is deprecated. Use keyword argument like Psych.load_stream(yaml, filename: ...) instead.', uplevel: 1 if $VERBOSE
555
557
  filename = legacy_filename
@@ -557,10 +559,10 @@ module Psych
557
559
 
558
560
  result = if block_given?
559
561
  parse_stream(yaml, filename: filename) do |node|
560
- yield node.to_ruby
562
+ yield node.to_ruby(**kwargs)
561
563
  end
562
564
  else
563
- parse_stream(yaml, filename: filename).children.map(&:to_ruby)
565
+ parse_stream(yaml, filename: filename).children.map { |node| node.to_ruby(**kwargs) }
564
566
  end
565
567
 
566
568
  return fallback if result.is_a?(Array) && result.empty?
@@ -571,9 +573,24 @@ module Psych
571
573
  # Load the document contained in +filename+. Returns the yaml contained in
572
574
  # +filename+ as a Ruby object, or if the file is empty, it returns
573
575
  # the specified +fallback+ return value, which defaults to +false+.
574
- def self.load_file filename, fallback: false
576
+ #
577
+ # NOTE: This method *should not* be used to parse untrusted documents, such as
578
+ # YAML documents that are supplied via user input. Instead, please use the
579
+ # safe_load_file method.
580
+ def self.load_file filename, **kwargs
581
+ File.open(filename, 'r:bom|utf-8') { |f|
582
+ self.load f, filename: filename, **kwargs
583
+ }
584
+ end
585
+
586
+ ###
587
+ # Safely loads the document contained in +filename+. Returns the yaml contained in
588
+ # +filename+ as a Ruby object, or if the file is empty, it returns
589
+ # the specified +fallback+ return value, which defaults to +false+.
590
+ # See safe_load for options.
591
+ def self.safe_load_file filename, **kwargs
575
592
  File.open(filename, 'r:bom|utf-8') { |f|
576
- self.load f, filename: filename, fallback: fallback
593
+ self.safe_load f, filename: filename, **kwargs
577
594
  }
578
595
  end
579
596
 
@@ -2,7 +2,7 @@
2
2
  # frozen_string_literal: true
3
3
  module Psych
4
4
  # The version of Psych you are using
5
- VERSION = '3.2.0'
5
+ VERSION = '3.2.1'
6
6
 
7
7
  if RUBY_ENGINE == 'jruby'
8
8
  DEFAULT_SNAKEYAML_VERSION = '1.26'.freeze
@@ -46,7 +46,6 @@ DESCRIPTION
46
46
  s.extra_rdoc_files = ["README.md"]
47
47
 
48
48
  s.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
49
- s.rubygems_version = "2.5.1"
50
49
  s.required_rubygems_version = Gem::Requirement.new(">= 0")
51
50
 
52
51
  if RUBY_ENGINE == 'jruby'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: psych
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.0
4
+ version: 3.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aaron Patterson
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2020-07-17 00:00:00.000000000 Z
13
+ date: 2020-12-14 00:00:00.000000000 Z
14
14
  dependencies: []
15
15
  description: |
16
16
  Psych is a YAML parser and emitter. Psych leverages libyaml[https://pyyaml.org/wiki/LibYAML]
@@ -117,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
117
117
  - !ruby/object:Gem::Version
118
118
  version: '0'
119
119
  requirements: []
120
- rubygems_version: 3.2.0.pre1
120
+ rubygems_version: 3.2.0
121
121
  signing_key:
122
122
  specification_version: 4
123
123
  summary: Psych is a YAML parser and emitter