Codebase list jekyll / 856522a
Add upstream patch to drop usage of safe_yaml Closes: #1026427 Antonio Terceiro 1 year, 3 months ago
3 changed file(s) with 451 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all
+0
-1
debian/control less more
3131 ruby-redcarpet,
3232 ruby-rouge,
3333 ruby-rspec-mocks,
34 ruby-safe-yaml,
3534 ruby-shoulda,
3635 ruby-simplecov,
3736 ruby-test-unit,
+450
-0
debian/patches/0016-Drop-usage-of-safe_yaml.patch less more
0 From: Antonio Terceiro <terceiro@debian.org>
1 Date: Sat, 21 Jan 2023 23:25:30 -0300
2 Subject: Drop usage of safe_yaml
3
4 Squashed commit of the following:
5
6 commit 9e8b06e55afab8da1bb134a9f5362f403c82f05b
7 Author: f <f@sutty.nl>
8 Date: Sat Aug 21 14:27:31 2021 -0300
9
10 Move YAML loading into Utils
11
12 commit a91a88119e4b77fff26812384970bbb0b7f1be31
13 Author: f <f@sutty.nl>
14 Date: Thu Aug 19 14:45:39 2021 -0300
15
16 Support older Psych versions
17
18 commit b0526242dff12fa4e95ddc0b67efdb73144fb517
19 Author: f@sutty.nl <f@sutty.nl>
20 Date: Thu Aug 19 13:42:39 2021 -0300
21
22 Use Psych as YAML parser
23
24 Source: https://github.com/jekyll/jekyll/pull/8772
25 Additional changes:
26 - Also make the replacement of SafeYAML in lib/jekyll/commands/serve.rb
27 ---
28 features/step_definitions.rb | 2 +-
29 jekyll.gemspec | 1 -
30 lib/jekyll.rb | 4 +---
31 lib/jekyll/commands/serve.rb | 2 +-
32 lib/jekyll/configuration.rb | 2 +-
33 lib/jekyll/convertible.rb | 2 +-
34 lib/jekyll/document.rb | 4 ++--
35 lib/jekyll/readers/data_reader.rb | 2 +-
36 lib/jekyll/regenerator.rb | 2 +-
37 lib/jekyll/site.rb | 2 +-
38 lib/jekyll/utils.rb | 14 +++++++++++++
39 rake/site.rake | 4 ++--
40 test/test_commands_serve.rb | 2 +-
41 test/test_configuration.rb | 42 +++++++++++++++++++--------------------
42 test/test_site.rb | 14 ++++++-------
43 15 files changed, 55 insertions(+), 44 deletions(-)
44
45 diff --git a/features/step_definitions.rb b/features/step_definitions.rb
46 index 616ab0b..2ff3fe4 100644
47 --- a/features/step_definitions.rb
48 +++ b/features/step_definitions.rb
49 @@ -159,7 +159,7 @@ end
50 Given(%r!^I have a configuration file with "(.*)" set to "(.*)"$!) do |key, value|
51 config = \
52 if source_dir.join("_config.yml").exist?
53 - SafeYAML.load_file(source_dir.join("_config.yml"))
54 + Jekyll::Utils.safe_load_yaml_file(source_dir.join("_config.yml"))
55 else
56 {}
57 end
58 diff --git a/jekyll.gemspec b/jekyll.gemspec
59 index 7057b81..ea0613e 100644
60 --- a/jekyll.gemspec
61 +++ b/jekyll.gemspec
62 @@ -44,7 +44,6 @@ Gem::Specification.new do |s|
63 s.add_runtime_dependency("mercenary", ">= 0.3.6", "< 0.5")
64 s.add_runtime_dependency("pathutil", "~> 0.9")
65 s.add_runtime_dependency("rouge", ">= 3.0", "< 5.0")
66 - s.add_runtime_dependency("safe_yaml", "~> 1.0")
67 s.add_runtime_dependency("terminal-table", ">= 1.8", "< 4.0")
68 s.add_runtime_dependency("webrick", "~> 1.7")
69 end
70 diff --git a/lib/jekyll.rb b/lib/jekyll.rb
71 index 496a810..9ba7173 100644
72 --- a/lib/jekyll.rb
73 +++ b/lib/jekyll.rb
74 @@ -27,18 +27,16 @@ require "logger"
75 require "set"
76 require "csv"
77 require "json"
78 +require "psych"
79
80 # 3rd party
81 require "pathutil"
82 require "addressable/uri"
83 -require "safe_yaml/load"
84 require "liquid"
85 require "kramdown"
86 require "colorator"
87 require "i18n"
88
89 -SafeYAML::OPTIONS[:suppress_warnings] = true
90 -
91 module Jekyll
92 # internal requires
93 autoload :Cleaner, "jekyll/cleaner"
94 diff --git a/lib/jekyll/commands/serve.rb b/lib/jekyll/commands/serve.rb
95 index 4600130..896d6ef 100644
96 --- a/lib/jekyll/commands/serve.rb
97 +++ b/lib/jekyll/commands/serve.rb
98 @@ -355,7 +355,7 @@ module Jekyll
99 end
100
101 def mime_types_charset
102 - SafeYAML.load_file(File.expand_path("serve/mime_types_charset.json", __dir__))
103 + Jekyll::Utils.safe_load_yaml_file(File.expand_path("serve/mime_types_charset.json", __dir__))
104 end
105
106 def read_file(source_dir, file_path)
107 diff --git a/lib/jekyll/configuration.rb b/lib/jekyll/configuration.rb
108 index 9b2fbff..8b5ff1e 100644
109 --- a/lib/jekyll/configuration.rb
110 +++ b/lib/jekyll/configuration.rb
111 @@ -126,7 +126,7 @@ module Jekyll
112 Jekyll::External.require_with_graceful_fail("tomlrb") unless defined?(Tomlrb)
113 Tomlrb.load_file(filename)
114 when %r!\.ya?ml!i
115 - SafeYAML.load_file(filename) || {}
116 + Jekyll::Utils.safe_load_yaml_file(filename) || {}
117 else
118 raise ArgumentError,
119 "No parser for '#{filename}' is available. Use a .y(a)ml or .toml file instead."
120 diff --git a/lib/jekyll/convertible.rb b/lib/jekyll/convertible.rb
121 index b9f7a93..076539c 100644
122 --- a/lib/jekyll/convertible.rb
123 +++ b/lib/jekyll/convertible.rb
124 @@ -42,7 +42,7 @@ module Jekyll
125 self.content = File.read(filename, **Utils.merged_file_read_opts(site, opts))
126 if content =~ Document::YAML_FRONT_MATTER_REGEXP
127 self.content = Regexp.last_match.post_match
128 - self.data = SafeYAML.load(Regexp.last_match(1))
129 + self.data = Jekyll::Utils.safe_load_yaml(Regexp.last_match(1))
130 end
131 rescue Psych::SyntaxError => e
132 Jekyll.logger.warn "YAML Exception reading #{filename}: #{e.message}"
133 diff --git a/lib/jekyll/document.rb b/lib/jekyll/document.rb
134 index 2e39024..6dd1d88 100644
135 --- a/lib/jekyll/document.rb
136 +++ b/lib/jekyll/document.rb
137 @@ -300,7 +300,7 @@ module Jekyll
138 Jekyll.logger.debug "Reading:", relative_path
139
140 if yaml_file?
141 - @data = SafeYAML.load_file(path)
142 + @data = Jekyll::Utils.safe_load_yaml_file(path, :read_opts => site.file_read_opts)
143 else
144 begin
145 merge_defaults
146 @@ -483,7 +483,7 @@ module Jekyll
147 self.content = File.read(path, **Utils.merged_file_read_opts(site, opts))
148 if content =~ YAML_FRONT_MATTER_REGEXP
149 self.content = Regexp.last_match.post_match
150 - data_file = SafeYAML.load(Regexp.last_match(1))
151 + data_file = Jekyll::Utils.safe_load_yaml(Regexp.last_match(1))
152 merge_data!(data_file, :source => "YAML front matter") if data_file
153 end
154 end
155 diff --git a/lib/jekyll/readers/data_reader.rb b/lib/jekyll/readers/data_reader.rb
156 index 80b57bd..cde6688 100644
157 --- a/lib/jekyll/readers/data_reader.rb
158 +++ b/lib/jekyll/readers/data_reader.rb
159 @@ -63,7 +63,7 @@ module Jekyll
160 when ".tsv"
161 CSV.read(path, **tsv_config).map { |row| convert_row(row) }
162 else
163 - SafeYAML.load_file(path)
164 + Jekyll::Utils.safe_load_yaml_file(path, :read_opts => site.file_read_opts)
165 end
166 end
167
168 diff --git a/lib/jekyll/regenerator.rb b/lib/jekyll/regenerator.rb
169 index 88c6a81..dbd1114 100644
170 --- a/lib/jekyll/regenerator.rb
171 +++ b/lib/jekyll/regenerator.rb
172 @@ -152,7 +152,7 @@ module Jekyll
173 begin
174 Marshal.load(content)
175 rescue TypeError
176 - SafeYAML.load(content)
177 + Jekyll::Utils.safe_load_yaml(content)
178 rescue ArgumentError => e
179 Jekyll.logger.warn("Failed to load #{metadata_file}: #{e}")
180 {}
181 diff --git a/lib/jekyll/site.rb b/lib/jekyll/site.rb
182 index d6c5a0b..3757e04 100644
183 --- a/lib/jekyll/site.rb
184 +++ b/lib/jekyll/site.rb
185 @@ -471,7 +471,7 @@ module Jekyll
186 # Bail out if the theme_config_file is a symlink file irrespective of safe mode
187 return config if File.symlink?(theme_config_file)
188
189 - theme_config = SafeYAML.load_file(theme_config_file)
190 + theme_config = Jekyll::Utils.safe_load_yaml_file(theme_config_file, :read_opts => file_read_opts)
191 return config unless theme_config.is_a?(Hash)
192
193 Jekyll.logger.info "Theme Config file:", theme_config_file
194 diff --git a/lib/jekyll/utils.rb b/lib/jekyll/utils.rb
195 index 2a96527..0dfe2ec 100644
196 --- a/lib/jekyll/utils.rb
197 +++ b/lib/jekyll/utils.rb
198 @@ -316,6 +316,20 @@ module Jekyll
199 merged
200 end
201
202 + # Safely load YAML strings
203 + def safe_load_yaml(yaml)
204 + Psych.safe_load(yaml, :permitted_classes => [Date, Time])
205 + rescue ArgumentError
206 + # Psych versions < 3.1 had a different safe_load API and used
207 + # problematic language.
208 + Psych.safe_load(yaml, [Date, Time])
209 + end
210 +
211 + # Reads file contents and safely loads YAML
212 + def safe_load_yaml_file(filename, read_opts = {})
213 + safe_load_yaml(File.read(filename, **read_opts))
214 + end
215 +
216 private
217
218 def merge_values(target, overwrite)
219 diff --git a/rake/site.rake b/rake/site.rake
220 index 9e89847..e1f1065 100644
221 --- a/rake/site.rake
222 +++ b/rake/site.rake
223 @@ -92,9 +92,9 @@ namespace :site do
224 desc "Write the latest Jekyll version"
225 task :latest_version do
226 next if version =~ %r!(beta|rc|alpha)!i
227 - require "safe_yaml/load"
228 + require "jekyll/yaml"
229 config_file = File.join(docs_folder, "_config.yml")
230 - config = SafeYAML.load_file(config_file)
231 + config = Jekyll::Utils.safe_load_yaml_file(config_file)
232 config["version"] = version
233 File.write(config_file, YAML.dump(config))
234 File.open("#{docs_folder}/latest_version.txt", "wb") { |f| f.puts(version) }
235 diff --git a/test/test_commands_serve.rb b/test/test_commands_serve.rb
236 index fe9d972..632a5ab 100644
237 --- a/test/test_commands_serve.rb
238 +++ b/test/test_commands_serve.rb
239 @@ -143,7 +143,7 @@ class TestCommandsServe < JekyllUnitTest
240 )
241 end
242 Jekyll.sites.clear
243 - allow(SafeYAML).to receive(:load_file).and_return({})
244 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).and_return({})
245 allow(Jekyll::Commands::Build).to receive(:build).and_return("")
246 end
247 teardown do
248 diff --git a/test/test_configuration.rb b/test/test_configuration.rb
249 index a865e79..da8e34e 100644
250 --- a/test/test_configuration.rb
251 +++ b/test/test_configuration.rb
252 @@ -205,7 +205,7 @@ class TestConfiguration < JekyllUnitTest
253 end
254
255 should "not raise an error on empty files" do
256 - allow(SafeYAML).to receive(:load_file).with(File.expand_path("empty.yml")).and_return(false)
257 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(File.expand_path("empty.yml")).and_return(false)
258 Jekyll.logger.log_level = :warn
259 @config.read_config_file("empty.yml")
260 Jekyll.logger.log_level = :info
261 @@ -218,8 +218,8 @@ class TestConfiguration < JekyllUnitTest
262 end
263
264 should "continue to read config files if one is empty" do
265 - allow(SafeYAML).to receive(:load_file).with(File.expand_path("empty.yml")).and_return(false)
266 - allow(SafeYAML).to receive(:load_file).with(File.expand_path("not_empty.yml")).and_return(
267 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(File.expand_path("empty.yml")).and_return(false)
268 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(File.expand_path("not_empty.yml")).and_return(
269 "foo" => "bar"
270 )
271 Jekyll.logger.log_level = :warn
272 @@ -279,7 +279,7 @@ class TestConfiguration < JekyllUnitTest
273 end
274
275 should "fire warning with no _config.yml" do
276 - allow(SafeYAML).to receive(:load_file).with(@path) do
277 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@path) do
278 raise SystemCallError, "No such file or directory - #{@path}"
279 end
280 allow($stderr).to receive(:puts).with(
281 @@ -289,13 +289,13 @@ class TestConfiguration < JekyllUnitTest
282 end
283
284 should "load configuration as hash" do
285 - allow(SafeYAML).to receive(:load_file).with(@path).and_return({})
286 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@path).and_return({})
287 allow($stdout).to receive(:puts).with("Configuration file: #{@path}")
288 assert_equal site_configuration, Jekyll.configuration(test_config)
289 end
290
291 should "fire warning with bad config" do
292 - allow(SafeYAML).to receive(:load_file).with(@path).and_return([])
293 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@path).and_return([])
294 allow($stderr)
295 .to receive(:puts)
296 .and_return(
297 @@ -309,7 +309,7 @@ class TestConfiguration < JekyllUnitTest
298 end
299
300 should "fire warning when user-specified config file isn't there" do
301 - allow(SafeYAML).to receive(:load_file).with(@user_config) do
302 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@user_config) do
303 raise SystemCallError, "No such file or directory - #{@user_config}"
304 end
305 allow($stderr)
306 @@ -325,7 +325,7 @@ class TestConfiguration < JekyllUnitTest
307
308 should "not clobber YAML.load to the dismay of other libraries" do
309 assert_equal :foo, YAML.load(":foo")
310 - # as opposed to: assert_equal ':foo', SafeYAML.load(':foo')
311 + # as opposed to: assert_equal ':foo', Jekyll::Utils.safe_load_yaml(':foo')
312 end
313 end
314
315 @@ -340,14 +340,14 @@ class TestConfiguration < JekyllUnitTest
316 end
317
318 should "load default plus posts config if no config_file is set" do
319 - allow(SafeYAML).to receive(:load_file).with(@paths[:default]).and_return({})
320 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@paths[:default]).and_return({})
321 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:default]}")
322 assert_equal site_configuration, Jekyll.configuration(test_config)
323 end
324
325 should "load different config if specified" do
326 - allow(SafeYAML)
327 - .to receive(:load_file)
328 + allow(Jekyll::Utils)
329 + .to receive(:safe_load_yaml_file)
330 .with(@paths[:other])
331 .and_return("baseurl" => "http://example.com")
332 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:other]}")
333 @@ -360,9 +360,9 @@ class TestConfiguration < JekyllUnitTest
334 end
335
336 should "load different config if specified with symbol key" do
337 - allow(SafeYAML).to receive(:load_file).with(@paths[:default]).and_return({})
338 - allow(SafeYAML)
339 - .to receive(:load_file)
340 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@paths[:default]).and_return({})
341 + allow(Jekyll::Utils)
342 + .to receive(:safe_load_yaml_file)
343 .with(@paths[:other])
344 .and_return("baseurl" => "http://example.com")
345 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:other]}")
346 @@ -375,7 +375,7 @@ class TestConfiguration < JekyllUnitTest
347 end
348
349 should "load default config if path passed is empty" do
350 - allow(SafeYAML).to receive(:load_file).with(@paths[:default]).and_return({})
351 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@paths[:default]).and_return({})
352 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:default]}")
353 assert_equal \
354 site_configuration("config" => [@paths[:empty]]),
355 @@ -397,8 +397,8 @@ class TestConfiguration < JekyllUnitTest
356 should "load multiple config files" do
357 External.require_with_graceful_fail("tomlrb")
358
359 - allow(SafeYAML).to receive(:load_file).with(@paths[:default]).and_return({})
360 - allow(SafeYAML).to receive(:load_file).with(@paths[:other]).and_return({})
361 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@paths[:default]).and_return({})
362 + allow(Jekyll::Utils).to receive(:safe_load_yaml_file).with(@paths[:other]).and_return({})
363 allow(Tomlrb).to receive(:load_file).with(@paths[:toml]).and_return({})
364 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:default]}")
365 allow($stdout).to receive(:puts).with("Configuration file: #{@paths[:other]}")
366 @@ -416,12 +416,12 @@ class TestConfiguration < JekyllUnitTest
367 end
368
369 should "load multiple config files and last config should win" do
370 - allow(SafeYAML)
371 - .to receive(:load_file)
372 + allow(Jekyll::Utils)
373 + .to receive(:safe_load_yaml_file)
374 .with(@paths[:default])
375 .and_return("baseurl" => "http://example.dev")
376 - allow(SafeYAML)
377 - .to receive(:load_file)
378 + allow(Jekyll::Utils)
379 + .to receive(:safe_load_yaml_file)
380 .with(@paths[:other])
381 .and_return("baseurl" => "http://example.com")
382 allow($stdout)
383 diff --git a/test/test_site.rb b/test/test_site.rb
384 index bf437ca..f26b993 100644
385 --- a/test/test_site.rb
386 +++ b/test/test_site.rb
387 @@ -490,7 +490,7 @@ class TestSite < JekyllUnitTest
388 site = Site.new(site_configuration)
389 site.process
390
391 - file_content = SafeYAML.load_file(File.join(source_dir, "_data", "members.yaml"))
392 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(source_dir, "_data", "members.yaml"))
393
394 assert_equal site.data["members"], file_content
395 assert_equal site.site_payload["site"]["data"]["members"], file_content
396 @@ -511,7 +511,7 @@ class TestSite < JekyllUnitTest
397 site = Site.new(site_configuration)
398 site.process
399
400 - file_content = SafeYAML.load_file(File.join(source_dir, "_data", "languages.yml"))
401 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(source_dir, "_data", "languages.yml"))
402
403 assert_equal site.data["languages"], file_content
404 assert_equal site.site_payload["site"]["data"]["languages"], file_content
405 @@ -521,7 +521,7 @@ class TestSite < JekyllUnitTest
406 site = Site.new(site_configuration)
407 site.process
408
409 - file_content = SafeYAML.load_file(File.join(source_dir, "_data", "members.json"))
410 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(source_dir, "_data", "members.json"))
411
412 assert_equal site.data["members"], file_content
413 assert_equal site.site_payload["site"]["data"]["members"], file_content
414 @@ -531,7 +531,7 @@ class TestSite < JekyllUnitTest
415 site = Site.new(site_configuration)
416 site.process
417
418 - file_content = SafeYAML.load_file(File.join(
419 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(
420 source_dir, "_data", "categories", "dairy.yaml"
421 ))
422
423 @@ -546,7 +546,7 @@ class TestSite < JekyllUnitTest
424 site = Site.new(site_configuration)
425 site.process
426
427 - file_content = SafeYAML.load_file(File.join(
428 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(
429 source_dir, "_data", "categories.01", "dairy.yaml"
430 ))
431
432 @@ -561,7 +561,7 @@ class TestSite < JekyllUnitTest
433 site = Site.new(site_configuration("safe" => false))
434 site.process
435
436 - file_content = SafeYAML.load_file(File.join(source_dir, "_data", "products.yml"))
437 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(source_dir, "_data", "products.yml"))
438
439 assert_equal site.data["products"], file_content
440 assert_equal site.site_payload["site"]["data"]["products"], file_content
441 @@ -571,7 +571,7 @@ class TestSite < JekyllUnitTest
442 "as they resolve to inside site.source" do
443 site = Site.new(site_configuration("safe" => true))
444 site.process
445 - file_content = SafeYAML.load_file(File.join(source_dir, "_data", "products.yml"))
446 + file_content = Jekyll::Utils.safe_load_yaml_file(File.join(source_dir, "_data", "products.yml"))
447 assert_equal site.data["products"], file_content
448 assert_equal site.site_payload["site"]["data"]["products"], file_content
449 end
+1
-0
debian/patches/series less more
1212 0013-Skip-failing-tests.patch
1313 0014-test-test_plugin_manager.rb-skip-test-that-requires-.patch
1414 0015-jekyll-new-don-t-install-stuff-from-the-internet.patch
15 0016-Drop-usage-of-safe_yaml.patch