safe_yaml 0.6.2 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. data/lib/safe_yaml/syck_resolver.rb +10 -6
  2. data/lib/safe_yaml/version.rb +1 -1
  3. data/spec/safe_yaml_spec.rb +23 -0
  4. metadata +3 -3
data/lib/safe_yaml/syck_resolver.rb CHANGED
@@ -19,12 +19,17 @@ module SafeYAML
19
19
  map = node.value
20
20
 
21
21
  hash = {}
22
+
23
+ # Take the "<<" key nodes first, as these are meant to approximate a form of inheritance.
24
+ inheritors = map.keys.select { |node| resolve_node(node) == "<<" }
25
+ inheritors.each do |key|
26
+ value_node = map.delete(key)
27
+ hash.merge!(resolve_node(value_node))
28
+ end
29
+
30
+ # All that's left should be normal (non-"<<") nodes.
22
31
  map.each do |key_node, value_node|
23
- if resolve_node(key_node) == "<<"
24
- hash.merge!(resolve_node(value_node))
25
- else
26
- hash[resolve_node(key_node)] = resolve_node(value_node)
27
- end
32
+ hash[resolve_node(key_node)] = resolve_node(value_node)
28
33
  end
29
34
 
30
35
  return hash
@@ -32,7 +37,6 @@ module SafeYAML
32
37
 
33
38
  def resolve_seq(node)
34
39
  seq = node.value
35
-
36
40
  seq.map { |node| resolve_node(node) }
37
41
  end
38
42
 
data/lib/safe_yaml/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SafeYAML
2
- VERSION = "0.6.2"
2
+ VERSION = "0.6.3"
3
3
  end
data/spec/safe_yaml_spec.rb CHANGED
@@ -108,6 +108,29 @@ describe YAML do
108
108
  }
109
109
  }
110
110
  end
111
+
112
+ it "correctly prefers explicitly defined values over default values from included sections" do
113
+ # Repeating this test 100 times to increase the likelihood of running into an issue caused by
114
+ # non-deterministic hash key enumeration.
115
+ 100.times do
116
+ result = YAML.safe_load <<-YAML
117
+ defaults: &defaults
118
+ foo: foo
119
+ bar: bar
120
+ baz: baz
121
+ custom:
122
+ <<: *defaults
123
+ bar: custom_bar
124
+ baz: custom_baz
125
+ YAML
126
+
127
+ result["custom"].should == {
128
+ "foo" => "foo",
129
+ "bar" => "custom_bar",
130
+ "baz" => "custom_baz"
131
+ }
132
+ end
133
+ end
111
134
  end
112
135
 
113
136
  describe "unsafe_load_file" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_yaml
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.2
4
+ version: 0.6.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-02-05 00:00:00.000000000 Z
12
+ date: 2013-02-06 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: Parse YAML safely, without that pesky arbitrary object deserialization
15
15
  vulnerability
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
72
72
  version: '0'
73
73
  requirements: []
74
74
  rubyforge_project:
75
- rubygems_version: 1.8.25
75
+ rubygems_version: 1.8.24
76
76
  signing_key:
77
77
  specification_version: 3
78
78
  summary: SameYAML provides an alternative implementation of YAML.load suitable for