File: safe_yaml.rb

package info (click to toggle)
ruby2.3 2.3.3-1%2Bdeb9u8
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 65,344 kB
  • sloc: ruby: 639,947; ansic: 317,772; xml: 25,445; yacc: 9,068; javascript: 6,648; lisp: 2,568; tcl: 949; makefile: 623; sh: 533; perl: 62; sed: 53; python: 47; awk: 36; asm: 35
file content (48 lines) | stat: -rw-r--r-- 1,135 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
module Gem

  ###
  # This module is used for safely loading YAML specs from a gem.  The
  # `safe_load` method defined on this module is specifically designed for
  # loading Gem specifications.  For loading other YAML safely, please see
  # Psych.safe_load

  module SafeYAML
    WHITELISTED_CLASSES = %w(
      Symbol
      Time
      Date
      Gem::Dependency
      Gem::Platform
      Gem::Requirement
      Gem::Specification
      Gem::Version
      Gem::Version::Requirement
      YAML::Syck::DefaultKey
      Syck::DefaultKey
    )

    WHITELISTED_SYMBOLS = %w(
      development
      runtime
    )

    if ::YAML.respond_to? :safe_load
      def self.safe_load input
        ::YAML.safe_load(input, WHITELISTED_CLASSES, WHITELISTED_SYMBOLS, true)
      end

      def self.load input
        ::YAML.safe_load(input, [::Symbol])
      end
    else
      warn "YAML safe loading is not available. Please upgrade psych to a version that supports safe loading (>= 2.0)."
      def self.safe_load input, *args
        ::YAML.load input
      end

      def self.load input
        ::YAML.load input
      end
    end
  end
end