summaryrefslogtreecommitdiff
path: root/ext/psych
AgeCommit message (Collapse)Author
2021-06-07[ruby/psych] Bump version to 4.0.1Hiroshi SHIBATA
https://github.com/ruby/psych/commit/4049939006
2021-06-07[ruby/psych] Implement YAML.safe_dump to make safe_load more usable.Jean Boussier
In case where Psych is used as a two way serializers, e.g. to serialize some cache or config, it is preferable to have the same restrictions on both load and dump. Otherwise you might dump and persist some objects payloads that you later won't be able to read. https://github.com/ruby/psych/commit/441958396f
2021-06-07[ruby/psych] Make YAML.load_file use YAML.load instead of safe_loadYusuke Endoh
YAML.load and YAML.safe_load are different a little; the former allows Symbol by default but the latter doesn't. So YAML.load_file and YAML.safe_load_file should reflect the difference. Fixes #490 https://github.com/ruby/psych/commit/f8a5e512a1
2021-05-17[ruby/psych] remove deprecated interfaceAaron Patterson
https://github.com/ruby/psych/commit/0767227051
2021-05-17[ruby/psych] Bump versionAaron Patterson
https://github.com/ruby/psych/commit/1df86a2e81
2021-05-17[ruby/psych] Use Psych.safe_load by defaultAaron Patterson
Psych.load is not safe for use with untrusted data. Too many applications make the mistake of using `Psych.load` with untrusted data and that ends up with some kind of security vulnerability. This commit changes the default `Psych.load` to use `safe_load`. Users that want to parse trusted data can use Psych.unsafe_load. https://github.com/ruby/psych/commit/176494297f
2021-05-17[ruby/psych] Introduce `Psych.unsafe_load`Aaron Patterson
In future versions of Psych, the `load` method will be mostly the same as the `safe_load` method. In other words, the `load` method won't allow arbitrary object deserialization (which can be used to escalate to an RCE). People that need to load *trusted* documents can use the `unsafe_load` method. This commit introduces the `unsafe_load` method so that people can incrementally upgrade. For example, if they try to upgrade to 4.0.0 and something breaks, they can downgrade, audit callsites, change to `safe_load` or `unsafe_load` as required, and then upgrade to 4.0.0 smoothly. https://github.com/ruby/psych/commit/cb50aa8d3f
2021-05-17[ruby/psych] Fix symabolize_name with non-string keysJean Boussier
https://github.com/ruby/psych/commit/1c5c29e81f
2021-05-17[ruby/psych] feat: allow scalars and sequences to be styled when dumpedJeremy Ebler
https://github.com/ruby/psych/commit/546154ddb7
2021-05-10[ruby/psych] Fix some typos [ci skip]Ryuta Kamizono
https://github.com/ruby/psych/commit/98617e55a1
2021-05-10[ruby/psych] bump versionAaron Patterson
https://github.com/ruby/psych/commit/091cd46b1f
2021-05-10[ruby/psych] docs: fix simple typo, expessed -> expressedTim Gates
There is a small typo in ext/psych/yaml/yaml.h. Should read `expressed` rather than `expessed`. https://github.com/ruby/psych/commit/1150d669cb
2021-05-10[ruby/psych] Update to latest SnakeYAMLCharles Oliver Nutter
Fixes jruby/jruby#6365 https://github.com/ruby/psych/commit/a88ff77f02
2021-05-10[ruby/psych] Fix custom marshalization with symbolize_names: trueJean Boussier
https://github.com/ruby/psych/commit/ee26f26ab5
2021-05-10[ruby/psych] Cache dispatch cache in an instance variableJean Boussier
https://github.com/ruby/psych/commit/285c461cd2
2021-05-10[ruby/psych] Cache access to Psych.load_tags in Visitor::ToRubyJean Boussier
https://github.com/ruby/psych/commit/58223f0426
2021-05-04Fix -Wundef warnings for patterns `#if HAVE`Benoit Daloze
* See [Feature #17752] * Using this to detect them: git grep -P 'if\s+HAVE' | grep -Pv 'HAVE_LONG_LONG|/ChangeLog|HAVE_TYPEOF' Notes: Merged: https://github.com/ruby/ruby/pull/4428
2021-04-13dependency updates卜部昌平
Notes: Merged: https://github.com/ruby/ruby/pull/4371
2021-03-30Text files should end with a newlineNobuyoshi Nakada
2021-02-09Expose scheduler as public interface & bug fixes. (#3945)Samuel Williams
* Rename `rb_scheduler` to `rb_fiber_scheduler`. * Use public interface if available. * Use `rb_check_funcall` where possible. * Don't use `unblock` unless the fiber was non-blocking. Notes: Merged-By: ioquatix <samuel@codeotaku.com>
2020-12-23[ruby/psych] Bump version to 3.3.0Hiroshi SHIBATA
https://github.com/ruby/psych/commit/0abce07b90
2020-12-23[ruby/psych] Optimize cache with `compare_by_identity`Marc-Andre Lafortune
Using `compare_by_identity` gives a 4x performance boost on cache hits. Benchmark in https://github.com/JuanitoFatas/fast-ruby/issues/189 Notes: Merged: https://github.com/ruby/ruby/pull/3953
2020-12-23[ruby/psych] Make Ractor-ready.Marc-Andre Lafortune
Config is Ractor-local. Benchmarking reveals that using `Ractor.local_storage` for storing cache is similar to accessing a constant (~15% slower). Notes: Merged: https://github.com/ruby/ruby/pull/3953
2020-12-23[ruby/psych] Don't use instance variables directly for configMarc-Andre Lafortune
Notes: Merged: https://github.com/ruby/ruby/pull/3953
2020-12-23[ruby/psych] Avoid methods depending on bindingsMarc-Andre Lafortune
Improves Ractor-readiness. Notes: Merged: https://github.com/ruby/ruby/pull/3953
2020-12-23[ruby/psych] Freeze constants.Marc-Andre Lafortune
Improves Ractor-readiness. Notes: Merged: https://github.com/ruby/ruby/pull/3953
2020-12-19Strip trailing spaces [ci skip]Nobuyoshi Nakada
2020-12-14Merge Psych-3.2.1 from ruby/psychHiroshi SHIBATA
2020-10-06Appended a newline to suppress newline-eof warningNobuyoshi Nakada
2020-09-25[ruby/psych] Forward keyword arguments in load_file and load_streamJean Boussier
https://github.com/ruby/psych/commit/4e1dd37f09
2020-09-25[ruby/psych] Bump version to 3.2.0Hiroshi SHIBATA
https://github.com/ruby/psych/commit/181a727c90
2020-09-25[ruby/psych] Revert psych versionSzymonKowalczyk
https://github.com/ruby/psych/commit/55a294fcd0
2020-09-25[ruby/psych] Update SNAKEYAML CVE-2017-18640SzymonKowalczyk
to version 1.26 https://github.com/ruby/psych/commit/b2802135e7
2020-09-25Remove private_iv_getCharles Oliver Nutter
The only remaining use of this function was to get the internal message object from an exception's hidden `mesg` instance variable to allow it to be dumped wiithout converting to a string. As discussed in #103, this exposes internal implementation details of CRuby, and ultimately does not provide any real utility to the user since they can't directly inspect this hidden variable. The test change here is to reflect CRuby behavior that denies equality if the internal message objects do not match, as is the case after the exception has been loaded and now has a simple String value. The impact to users is that exceptions with special hidden message objects will convert those objects to String during marshaling through YAML. I believe this only affects NameError and its descendants, since users can't set this field directly on their own exception types. Fixes #103.
2020-08-27sed -i '/rmodule.h/d'卜部昌平
Notes: Merged: https://github.com/ruby/ruby/pull/3347
2020-08-27sed -i '/r_cast.h/d'卜部昌平
Notes: Merged: https://github.com/ruby/ruby/pull/3346
2020-08-27sed -i '\,2/extern.h,d'卜部昌平
Notes: Merged: https://github.com/ruby/ruby/pull/3338
2020-06-25Removed nonsense `rubygems_version` in input gemspec filesNobuyoshi Nakada
As it is ignored and set at building packages automatically, it is just nonsense to set in gemspec file for input.
2020-06-23[ruby/psych] Fixup 05d7e818a6abe3ee1c56b6be92f086647d73141cHiroshi SHIBATA
https://github.com/ruby/psych/commit/4e7794fc2c
2020-06-23[ruby/psych] Bump version strings for header fileHiroshi SHIBATA
https://github.com/ruby/psych/commit/68da645c7e
2020-06-23[ruby/psych] Bump libyaml version to 0.2.5Hiroshi SHIBATA
https://github.com/ruby/psych/commit/39996192cc
2020-06-23[ruby/psych] Fix anchor lookup with symbolized namesJean Boussier
https://github.com/ruby/psych/commit/ef74fc01e2
2020-06-09Avoid requiring "psych/versions"Yusuke Endoh
This leads to double requiring "ext/psych/lib/psych/versions.rb" and ".ext/common/psych/versions.rb", which produces doxens of warnings during `make test-all`. http://rubyci.s3.amazonaws.com/ubuntu2004/ruby-master/log/20200608T123004Z.log.html.gz ``` [15092/20234] TestRDocOptions#test_init_with_encoding/home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/ext/psych/lib/psych.rb:233: warning: already initialized constant Psych::LIBYAML_VERSION /home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/.ext/common/psych.rb:233: warning: previous definition of LIBYAML_VERSION was here /home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/ext/psych/lib/psych.rb:235: warning: already initialized constant Psych::NOT_GIVEN /home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/.ext/common/psych.rb:235: warning: previous definition of NOT_GIVEN was here /home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/ext/psych/lib/psych.rb:271: warning: method redefined; discarding old load /home/chkbuild/chkbuild/tmp/build/20200608T123004Z/ruby/.ext/common/psych.rb:271: warning: previous definition of load was here ... ``` The same issue happened in fiddle.gemspec, and this change applies the same fix as [fiddle](https://github.com/ruby/fiddle/issues/34).
2020-06-05[ruby/psych] Add LICENSE to the gemPo-Chuan Hsieh
https://github.com/ruby/psych/commit/02919596fa Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Remove unnecessary version guard from versions.rbDavid Rodríguez
Removing it triggers the following warnings when running `bundle` under jruby from the root of the `psych` repo prints the following warnings: ``` /path/to/jruby-9.2.9.0/lib/ruby/gems/shared/gems/psych-3.1.0-java/lib/psych/versions.rb:7: warning: already initialized constant VERSION /path/to//jruby-9.2.9.0/lib/ruby/gems/shared/gems/psych-3.1.0-java/lib/psych/versions.rb:10: warning: already initialized constant DEFAULT_SNAKEYAML_VERSION ``` This is because bundler loads the versions file relatively from the local gemspec, and then internally loads the psych gem, causing the redefinition warnings. Instead, we modify the $LOAD_PATH so that when working locally on the `psych` repo, the local version of `psych` gets used. https://github.com/ruby/psych/commit/a3fc8191a7 Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Fix ArgumentError with leading and trailing underscores in ↵Mark Thorn
number strings. https://github.com/ruby/psych/commit/ac2d2c9b1b Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Fix gem installationDavid Rodríguez
Current version is not installable because the gemspec is invalid, since it includes a `.travis.yml` file that no longer exists, so `rake install` fails like this: ``` $ rake install rake aborted! WARNING: See https://guides.rubygems.org/specification-reference/ for help ERROR: While executing gem ... (Gem::InvalidSpecificationException) [".travis.yml"] are not files ``` https://github.com/ruby/psych/commit/32b18ca7ca Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Implement `freeze` option for Pysch.loadJean Boussier
https://github.com/ruby/psych/commit/7dae24894d Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Implement a freeze load optionJean Boussier
https://github.com/ruby/psych/commit/04f97f7a56 Notes: Merged: https://github.com/ruby/ruby/pull/3188
2020-06-05[ruby/psych] Refactor `symbolize_names`Jean Boussier
https://github.com/ruby/psych/commit/3e472ab2d7 Notes: Merged: https://github.com/ruby/ruby/pull/3188