Hello community,
here is the log from the commit of package rubygem-safe_yaml for
openSUSE:Factory checked in at 2019-06-19 21:00:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-safe_yaml (Old)
and /work/SRC/openSUSE:Factory/.rubygem-safe_yaml.new.4811 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-safe_yaml"
Wed Jun 19 21:00:59 2019 rev:2 rq:706022 version:1.0.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-safe_yaml/rubygem-safe_yaml.changes
2016-07-15 12:50:41.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-safe_yaml.new.4811/rubygem-safe_yaml.changes
2019-06-19 21:01:00.642118852 +0200
@@ -1,0 +2,11 @@
+Sat Mar 2 15:37:31 UTC 2019 - Stephan Kulow <[email protected]>
+
+- updated to version 1.0.5
+ see installed CHANGES.md
+
+ 1.0.5
+ -----
+
+ - fixed [#80](https://github.com/dtao/safe_yaml/issues/80): uninitialized
constant DateTime
+
+-------------------------------------------------------------------
Old:
----
safe_yaml-1.0.4.gem
New:
----
safe_yaml-1.0.5.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-safe_yaml.spec ++++++
--- /var/tmp/diff_new_pack.nVGvuM/_old 2019-06-19 21:01:01.494119567 +0200
+++ /var/tmp/diff_new_pack.nVGvuM/_new 2019-06-19 21:01:01.502119574 +0200
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-safe_yaml
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,12 +12,19 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
+#
+# This file was generated with a gem2rpm.yml and not just plain gem2rpm.
+# All sections marked as MANUAL, license headers, summaries and descriptions
+# can be maintained in that file. Please consult this file before editing any
+# of those fields
+#
+
Name: rubygem-safe_yaml
-Version: 1.0.4
+Version: 1.0.5
Release: 0
%define mod_name safe_yaml
%define mod_full_name %{mod_name}-%{version}
@@ -27,7 +34,7 @@
BuildRequires: ruby-macros >= 5
BuildRequires: update-alternatives
Url: https://github.com/dtao/safe_yaml
-Source: http://rubygems.org/gems/%{mod_full_name}.gem
+Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
Summary: SameYAML provides an alternative implementation of YAML.load
License: MIT
++++++ safe_yaml-1.0.4.gem -> safe_yaml-1.0.5.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.gitignore new/.gitignore
--- old/.gitignore 2014-09-29 01:05:35.000000000 +0200
+++ new/.gitignore 2019-02-22 20:07:49.000000000 +0100
@@ -1 +1,3 @@
+*.gem
Gemfile.lock
+spec/store.yaml
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGES.md new/CHANGES.md
--- old/CHANGES.md 2014-09-29 01:05:35.000000000 +0200
+++ new/CHANGES.md 2019-02-22 20:07:49.000000000 +0100
@@ -1,3 +1,8 @@
+1.0.5
+-----
+
+- fixed [#80](https://github.com/dtao/safe_yaml/issues/80): uninitialized
constant DateTime
+
1.0.2
-----
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/safe_yaml/parse/date.rb
new/lib/safe_yaml/parse/date.rb
--- old/lib/safe_yaml/parse/date.rb 2014-09-29 01:05:35.000000000 +0200
+++ new/lib/safe_yaml/parse/date.rb 2019-02-22 20:07:49.000000000 +0100
@@ -1,3 +1,5 @@
+require 'time'
+
module SafeYAML
class Parse
class Date
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/safe_yaml/store.rb new/lib/safe_yaml/store.rb
--- old/lib/safe_yaml/store.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/lib/safe_yaml/store.rb 2019-02-22 20:07:49.000000000 +0100
@@ -0,0 +1,39 @@
+require 'safe_yaml/load'
+require 'yaml/store'
+
+module SafeYAML
+
+ class Store < YAML::Store
+
+ # Override YAML::Store#initialize to accept additional option
+ # +safe_yaml_opts+.
+ def initialize(file_name, yaml_opts = {}, safe_yaml_opts = {})
+ @safe_yaml_opts = safe_yaml_opts
+ super(file_name, yaml_opts)
+ end
+
+ # Override YAML::Store#load to use SafeYAML.load instead of
+ # YAML.load (via #safe_yaml_load).
+ #--
+ # PStore#load is private, while YAML::Store#load is public.
+ #++
+ def load(content)
+ table = safe_yaml_load(content)
+ table == false ? {} : table
+ end
+
+ private
+
+ if SafeYAML::YAML_ENGINE == 'psych'
+ def safe_yaml_load(content)
+ SafeYAML.load(content, nil, @safe_yaml_opts)
+ end
+ else
+ def safe_yaml_load(content)
+ SafeYAML.load(content, @safe_yaml_opts)
+ end
+ end
+
+ end
+
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/safe_yaml/version.rb new/lib/safe_yaml/version.rb
--- old/lib/safe_yaml/version.rb 2014-09-29 01:05:35.000000000 +0200
+++ new/lib/safe_yaml/version.rb 2019-02-22 20:07:49.000000000 +0100
@@ -1,3 +1,3 @@
module SafeYAML
- VERSION = "1.0.4"
+ VERSION = "1.0.5"
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2014-09-29 01:05:35.000000000 +0200
+++ new/metadata 2019-02-22 20:07:49.000000000 +0100
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: safe_yaml
version: !ruby/object:Gem::Version
- version: 1.0.4
+ version: 1.0.5
platform: ruby
authors:
- Dan Tao
autorequire:
bindir: bin
cert_chain: []
-date: 2014-09-28 00:00:00.000000000 Z
+date: 2019-02-22 00:00:00.000000000 Z
dependencies: []
description: Parse YAML safely
email: [email protected]
@@ -17,8 +17,8 @@
extensions: []
extra_rdoc_files: []
files:
-- ".gitignore"
-- ".travis.yml"
+- .gitignore
+- .travis.yml
- CHANGES.md
- Gemfile
- LICENSE.txt
@@ -37,6 +37,7 @@
- lib/safe_yaml/psych_resolver.rb
- lib/safe_yaml/resolver.rb
- lib/safe_yaml/safe_to_ruby_visitor.rb
+- lib/safe_yaml/store.rb
- lib/safe_yaml/syck_hack.rb
- lib/safe_yaml/syck_node_monkeypatch.rb
- lib/safe_yaml/syck_resolver.rb
@@ -60,6 +61,7 @@
- spec/resolver_specs.rb
- spec/safe_yaml_spec.rb
- spec/spec_helper.rb
+- spec/store_spec.rb
- spec/support/exploitable_back_door.rb
- spec/syck_resolver_spec.rb
- spec/transform/base64_spec.rb
@@ -78,17 +80,17 @@
- lib
required_ruby_version: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - '>='
- !ruby/object:Gem::Version
version: 1.8.7
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - '>='
- !ruby/object:Gem::Version
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.1.11
+rubygems_version: 2.6.14
signing_key:
specification_version: 4
summary: SameYAML provides an alternative implementation of YAML.load suitable
for
@@ -103,6 +105,7 @@
- spec/resolver_specs.rb
- spec/safe_yaml_spec.rb
- spec/spec_helper.rb
+- spec/store_spec.rb
- spec/support/exploitable_back_door.rb
- spec/syck_resolver_spec.rb
- spec/transform/base64_spec.rb
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/store_spec.rb new/spec/store_spec.rb
--- old/spec/store_spec.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/spec/store_spec.rb 2019-02-22 20:07:49.000000000 +0100
@@ -0,0 +1,57 @@
+require 'spec_helper'
+
+require 'safe_yaml/store'
+
+describe SafeYAML::Store do
+
+ let(:file) { 'spec/store.yaml' }
+ let(:content) { "--- \nfoo: 42\n:bar: \"party\"\n" }
+
+ before do
+ # Rewrite file on every test, as its contents are potentially modified by
+ # SafeYAML::Store#transaction
+ File.open(file, 'w') { |f| f.write(content) }
+ end
+
+ def expect_safe_load(options = {})
+ load_args = [content, options]
+ load_args.insert(1, nil) if SafeYAML::YAML_ENGINE == 'psych'
+
+ expect(SafeYAML).to receive(:load).with(*load_args).and_call_original
+ expect(YAML).not_to receive(:load)
+ end
+
+ let(:init_args) { [file] }
+ subject { described_class.new(*init_args) }
+
+ it 'should be a YAML::Store' do
+ expect(subject).to be_a(YAML::Store)
+ end
+
+ it 'should be a SafeYAML::Store' do
+ expect(subject).to be_a(SafeYAML::Store)
+ end
+
+ it 'should use SafeYAML.load instead of YAML.load' do
+ expect_safe_load
+ expect(subject.transaction { subject['foo'] }).to eq(42)
+ end
+
+ it 'preserves default SafeYAML behavior' do
+ expect(subject.transaction { subject[:bar] }).to eq(nil)
+ expect(subject.transaction { subject[':bar'] }).to eq('party')
+ end
+
+
+ describe 'with options' do
+
+ let(:init_args) { super().insert(2, :deserialize_symbols => true) }
+
+ it 'should accept options for SafeYAML.load' do
+ expect_safe_load(:deserialize_symbols => true)
+ expect(subject.transaction { subject[:bar] }).to eq('party')
+ end
+
+ end
+
+end
