Module: Gem::SafeYAML

Defined in:
lib/rubygems/safe_yaml.rb

Overview

This module is used for safely loading YAML specs from a gem. The `safe_load` method defined on this module is specifically designed for loading Gem specifications. For loading other YAML safely, please see Psych.safe_load

Constant Summary collapse

PERMITTED_CLASSES =
%w[
  Symbol
  Time
  Date
  Gem::Dependency
  Gem::Platform
  Gem::Requirement
  Gem::Specification
  Gem::Version
  Gem::Version::Requirement
].freeze
PERMITTED_SYMBOLS =
%w[
  development
  runtime
].freeze

Class Method Summary collapse

Class Method Details

.load(input) ⇒ Object



36
37
38
39
40
41
42
# File 'lib/rubygems/safe_yaml.rb', line 36

def self.load(input)
  if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0.pre1")
    ::Psych.safe_load(input, permitted_classes: [::Symbol])
  else
    ::Psych.safe_load(input, [::Symbol])
  end
end

.safe_load(input, *args) ⇒ Object



28
29
30
31
32
33
34
# File 'lib/rubygems/safe_yaml.rb', line 28

def self.safe_load(input)
  if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0.pre1")
    ::Psych.safe_load(input, permitted_classes: PERMITTED_CLASSES, permitted_symbols: PERMITTED_SYMBOLS, aliases: true)
  else
    ::Psych.safe_load(input, PERMITTED_CLASSES, PERMITTED_SYMBOLS, true)
  end
end