Your message dated Sun, 24 Sep 2023 19:47:08 +0000
with message-id <[email protected]>
and subject line Bug#1050867: fixed in jekyll 4.3.1+dfsg-3+deb12u1
has caused the Debian Bug report #1050867,
regarding support for YAML aliases broken by switch from safe_yaml to Psych
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1050867: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050867
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: jekyll
Version: 4.3.1+dfsg-2
Severity: normal
Tags: patch
Dear Maintainers,
In jekyll 4.3.1+dfsg-1, a Debian-specific patch was added to rely on Psych
instead of safe_yaml for reading YAML files (see #1026427).
This change has however broken support for YAML aliases. More precisely, I’m no
longer able to use the minimal-mistakes theme, because this theme triggers the
parsing of the following YAML file:
https://github.com/mmistakes/minimal-mistakes/blob/master/_data/ui-text.yml
This YAML file has aliases (symbol names starting with an ampersand), which are
not supported by the Psych.safe_load() method with its default arguments. I
thus get this error message (truncated trace):
/usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:430:in `visit_Psych_Nodes_Alias':
Unknown alias: DEFAULT_EN (Psych::BadAlias)
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:345:in `block in
revive_hash'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each_slice'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `revive_hash'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:167:in
`visit_Psych_Nodes_Mapping'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:345:in `block in
revive_hash'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each_slice'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `revive_hash'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:167:in
`visit_Psych_Nodes_Mapping'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:318:in
`visit_Psych_Nodes_Document'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
from /usr/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
from /usr/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
from /usr/lib/ruby/3.1.0/psych.rb:335:in `safe_load'
from
/usr/share/rubygems-integration/all/gems/jekyll-4.3.1/lib/jekyll/utils.rb:321:in
`safe_load_yaml'
from
/usr/share/rubygems-integration/all/gems/jekyll-4.3.1/lib/jekyll/utils.rb:330:in
`safe_load_yaml_file'
[…]
An easy fix is to explicitly allow aliases. I attach a patch (which must be
applied on top of 0016-Drop-usage-of-safe_yaml.patch).
Thanks for your work,
--
⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁ Debian Developer
⢿⡄⠘⠷⠚⠋⠀ https://sebastien.villemot.name
⠈⠳⣄⠀⠀⠀⠀ https://www.debian.org
--- /usr/share/rubygems-integration/all/gems/jekyll-4.3.1/lib/jekyll/utils.rb
2023-04-16 23:35:56.000000000 +0200
+++ utils.rb 2023-08-30 15:56:26.028936881 +0200
@@ -318,7 +318,7 @@
# Safely load YAML strings
def safe_load_yaml(yaml)
- Psych.safe_load(yaml, :permitted_classes => [Date, Time])
+ Psych.safe_load(yaml, :permitted_classes => [Date, Time], aliases: true)
rescue ArgumentError
# Psych versions < 3.1 had a different safe_load API and used
# problematic language.
--- End Message ---
--- Begin Message ---
Source: jekyll
Source-Version: 4.3.1+dfsg-3+deb12u1
Done: Antonio Terceiro <[email protected]>
We believe that the bug you reported is fixed in the latest version of
jekyll, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Antonio Terceiro <[email protected]> (supplier of updated jekyll package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 05 Sep 2023 19:37:14 -0300
Source: jekyll
Architecture: source
Version: 4.3.1+dfsg-3+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Ruby Team
<[email protected]>
Changed-By: Antonio Terceiro <[email protected]>
Closes: 1050867
Changes:
jekyll (4.3.1+dfsg-3+deb12u1) bookworm; urgency=medium
.
[ Sébastien Villemot ]
* Allow YAML aliases (Closes: #1050867)
Checksums-Sha1:
7efd4f346da1f1283838e0b22eff0c7beb3ab9d3 2743 jekyll_4.3.1+dfsg-3+deb12u1.dsc
b9bc612f75ac3a084d9ac458271570074203f13b 39856
jekyll_4.3.1+dfsg-3+deb12u1.debian.tar.xz
694872dc2ea03708b3cd7482b9e96ad3df059098 25686
jekyll_4.3.1+dfsg-3+deb12u1_source.buildinfo
Checksums-Sha256:
7de4f48476d19ea41cd2a0e174a9eaaf42ac9fd81f258aecb1776f32d0d4c7b0 2743
jekyll_4.3.1+dfsg-3+deb12u1.dsc
67c967f79c6d348a8dc49732f364cbc99942a3a6e43a4d60691ff5dc24692f35 39856
jekyll_4.3.1+dfsg-3+deb12u1.debian.tar.xz
ec254ccff5324bb70165eed3a549204725dadc70166a6676122f168a0eaafadc 25686
jekyll_4.3.1+dfsg-3+deb12u1_source.buildinfo
Files:
a6560546b1a99fbbb835447d4747f1e6 2743 web optional
jekyll_4.3.1+dfsg-3+deb12u1.dsc
25870019f019d53fe64e18cbf507dac5 39856 web optional
jekyll_4.3.1+dfsg-3+deb12u1.debian.tar.xz
eb0ab3fac6fe7505d2a092a8c2d4b1d4 25686 web optional
jekyll_4.3.1+dfsg-3+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAmUPdOAACgkQ/A2xu81G
C94UnQ/7BgLvy7+XK4cxYhoVn1W3FwvZ1ogUnRAd4mcxYBsoCsC65UGJNOgFC3t7
lrnEIMFQtjbhHEohuv9tv2iFJPCo5icdvFrD2F9U0axZg4+q0oZYwjDdoDGgwaxB
78iaWqpMWwDuHc3rTZQnyhvZTMlrZTthmoVpf3hAsd6MfJIz0PeKUdgTNO+ybe5r
afW17STlGDZnVGXg7o1BXzqB2LVHLeucTVr/LJe8t3OHPPmHUJk4L8+S2P6vxQMR
kHSKqZNSukpstPDvQfraF1Ww6hQ62ros02yLCRv5xWUEct9Ur7+b5pluC4adXCBT
HJW+46rVmQhmnXzJ2Ny7aQ0YNog3kiGuMjxeUUnM6YKv61BnvsN9tZAEddETrnMG
nSbhRTMk7DBGs7ki0BJehDkQa/fHCuZOCgv1Swwz/8ju6BecNV5f9401qp2j3U3x
D3OdLzqoa1nI8+vl4z7byVbZEBceGm37sa9AJlD5GFVYL3fnk1cWmL1dmJ2P0r5O
Sye4Iz1IPzkK79y1S+/rxL0YyYSoDzJdrP7gRNQxXuBRLtVnMn7dL2RqbyWIE1hf
xQRsbCmhwf9vBt0ODRjo5VYwFr5SbmvgJgkm+/rG8/CnSRM3SFDIZ3iJYD8L+4d9
W1Jdfl+J8yKHBnQrdxy8yhgrmLHsa4Ztp+MH+rhyUfLoyrpkEko=
=0Fte
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Pkg-ruby-extras-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
