github/ruby - ruby

Автор	SHA1	Сообщение	Дата
Aaron Patterson	c7c2ad5749	[ruby/psych] Introduce `Psych.unsafe_load` In future versions of Psych, the `load` method will be mostly the same as the `safe_load` method. In other words, the `load` method won't allow arbitrary object deserialization (which can be used to escalate to an RCE). People that need to load trusted documents can use the `unsafe_load` method. This commit introduces the `unsafe_load` method so that people can incrementally upgrade. For example, if they try to upgrade to 4.0.0 and something breaks, they can downgrade, audit callsites, change to `safe_load` or `unsafe_load` as required, and then upgrade to 4.0.0 smoothly. https://github.com/ruby/psych/commit/cb50aa8d3f	2021-05-17 11:20:45 +09:00
Hiroshi SHIBATA	53c5a4bbe1	[ruby/psych] Fixed test-case for NaN https://github.com/ruby/psych/commit/f85a008263	2021-05-10 18:53:49 +09:00
hsbt	1c92766bf0	Merge Pysch-3.1.0.pre2 from ruby/psych. * Added deprecated warnings for the new interface of keyword argument. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65193 b2dd03c8-39d4-4d8f-98ff-823fe69b080e	2018-10-20 04:25:04 +00:00
hsbt	867581dd75	Merge psych-3.1.0.pre1. * Update bundled libyaml-0.2.1 from 0.1.7. https://github.com/ruby/psych/pull/368 * Unify Psych's API: To use keyword arguments with method call. https://github.com/ruby/psych/pull/358 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64544 b2dd03c8-39d4-4d8f-98ff-823fe69b080e	2018-08-27 00:44:04 +00:00