safe_yaml 0.6.2 → 0.6.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. data/lib/safe_yaml/syck_resolver.rb +10 -6
  2. data/lib/safe_yaml/version.rb +1 -1
  3. data/spec/safe_yaml_spec.rb +23 -0
  4. metadata +3 -3
data/lib/safe_yaml/syck_resolver.rb CHANGED
@@ -19,12 +19,17 @@ module SafeYAML
19
19
  map = node.value
20
20
 
21
21
  hash = {}
22
+
23
+ # Take the "<<" key nodes first, as these are meant to approximate a form of inheritance.
24
+ inheritors = map.keys.select { |node| resolve_node(node) == "<<" }
25
+ inheritors.each do |key|
26
+ value_node = map.delete(key)
27
+ hash.merge!(resolve_node(value_node))
28
+ end
29
+
30
+ # All that's left should be normal (non-"<<") nodes.
22
31
  map.each do |key_node, value_node|
23
- if resolve_node(key_node) == "<<"
24
- hash.merge!(resolve_node(value_node))
25
- else
26
- hash[resolve_node(key_node)] = resolve_node(value_node)
27
- end
32
+ hash[resolve_node(key_node)] = resolve_node(value_node)
28
33
  end
29
34
 
30
35
  return hash
@@ -32,7 +37,6 @@ module SafeYAML
32
37
 
33
38
  def resolve_seq(node)
34
39
  seq = node.value
35
-
36
40
  seq.map { |node| resolve_node(node) }
37
41
  end
38
42
 
data/lib/safe_yaml/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SafeYAML
2
- VERSION = "0.6.2"
2
+ VERSION = "0.6.3"
3
3
  end
data/spec/safe_yaml_spec.rb CHANGED
@@ -108,6 +108,29 @@ describe YAML do
108
108
  }
109
109
  }
110
110
  end
111
+
112
+ it "correctly prefers explicitly defined values over default values from included sections" do
113
+ # Repeating this test 100 times to increase the likelihood of running into an issue caused by
114
+ # non-deterministic hash key enumeration.
115
+ 100.times do
116
+ result = YAML.safe_load <<-YAML
117
+ defaults: &defaults
118
+ foo: foo
119
+ bar: bar
120
+ baz: baz
121
+ custom:
122
+ <<: *defaults
123
+ bar: custom_bar
124
+ baz: custom_baz
125
+ YAML
126
+
127
+ result["custom"].should == {
128
+ "foo" => "foo",
129
+ "bar" => "custom_bar",
130
+ "baz" => "custom_baz"
131
+ }
132
+ end
133
+ end
111
134
  end
112
135
 
113
136
  describe "unsafe_load_file" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_yaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.2
4
+ version: 0.6.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-02-05 00:00:00.000000000 Z
12
+ date: 2013-02-06 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: Parse YAML safely, without that pesky arbitrary object deserialization
15
15
  vulnerability
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
72
72
  version: '0'
73
73
  requirements: []
74
74
  rubyforge_project:
75
- rubygems_version: 1.8.25
75
+ rubygems_version: 1.8.24
76
76
  signing_key:
77
77
  specification_version: 3
78
78
  summary: SameYAML provides an alternative implementation of YAML.load suitable for