stormbreaker 0.0.3 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5d6654463cc49ce2f776be977f30c2fdd1ada2c74fcd5831c6b427da223ff431
-  data.tar.gz: fc464c9eb6206ebde673e699638a75cf5e6460b94dd2293c52056e43c4d26e80
+  metadata.gz: 8f63a46388712b8f8a39f718e87066155be39df4758fcc4f21e2f6d59603f7a9
+  data.tar.gz: 2d1ac17a0c46d0dabe62369a0b2546fa11fc3e27806280b874a7fa92d4ffaf73
 SHA512:
-  metadata.gz: 0fc8f5160682fecf91299a59f11c4b546a0c0927805ddb099e2e35fa491e6446c68bc97f3584f9d24908919070174d27e98d6a0ef072cd50c7471ce31567753d
-  data.tar.gz: a3646c54dcef429a6f5ff4bf6b3f6cfb931feef4b1f70bc0ec3725f9b9462a8b45a4be18d452a7fef99b09aca1bed30cbd1f8cb0420b5d55ef124e4bb35cda44
+  metadata.gz: 4c241e221d9fad787377c2219fc1857ece91b7085c527d6b8668f78c01c58b6de595a7942a72d46b66422edce663677cc496ff2152b2b2af427afd7162f8ef48
+  data.tar.gz: '018c62d0ad0c713b4f07e0c7c71a830e3b85d27f42d14319b0864a6370b95909e1aab52b915ac09b04ea132a43c11e660af289e65638e3e467e3bf1cbaf85a9e'

data/lib/stormbreaker/axe_results_serializer.rb

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
-require 'safe_yaml'
+require 'yaml'
 
 module Stormbreaker
   class AxeResultsSerializer
-    ALLOWED_TAGS = ['!ruby/object:Stormbreaker::AxeViolation', '!ruby/object:Set'].freeze
+    ALLOWED_CLASSES = [Stormbreaker::AxeViolation, Set, Symbol].freeze
 
     def self.serialize_results(total_violations)
       dump = YAML.dump(total_violations)
@@ -23,13 +23,8 @@ module Stormbreaker
 
       combined_manager = Stormbreaker::AxeViolationManager.new
       results_files.each do |file|
-        # rubocop:disable Security/YAMLLoad
-        # Using YAML.load here so that we can specify safe and whitelisted_tags as args in order to not
-        #  have to patch settings to use safe_load and potentially endanger consuming apps.
         puts "Loading #{file}"
-        total_violations = YAML.load(File.read(file),
-                                     safe: true, whitelisted_tags: ALLOWED_TAGS, deserialize_symbols: true)
-        # rubocop:enable Security/YAMLLoad
+        total_violations = YAML.safe_load(File.read(file), permitted_classes: ALLOWED_CLASSES)
         total_violations.each do |violation|
           combined_manager.add_failure_to_total(violation)
         end

data/lib/stormbreaker/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stormbreaker
-  VERSION = '0.0.3'
+  VERSION = '0.0.4'
 end

data/stormbreaker.gemspec

@@ -29,7 +29,6 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'axe-core-rspec', '~> 4.1'
   gem.add_dependency 'axe-core-selenium', '~> 4.1'
   gem.add_dependency 'rspec', '~> 3.8'
-  gem.add_dependency 'safe_yaml', '~> 1.0.5'
   gem.add_development_dependency 'bundler', '~> 1.17'
   gem.add_development_dependency 'nokogiri', '~> 1.11.7'
   gem.add_development_dependency 'pry', '~> 0.14.1'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stormbreaker
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - Brian Watson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-26 00:00:00.000000000 Z
+date: 2021-08-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: axe-core-api
@@ -66,20 +66,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.8'
-- !ruby/object:Gem::Dependency
-  name: safe_yaml
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.5
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement