Release of psych-4.0.0 breaks library with Date DisallowedClass
poloka opened this issue · 8 comments
Upon release of psych-4.0.0, receiving the following error from bundler-audit:
Tried to load unspecified class: Date (Psych::DisallowedClass)
stack trace
> bundler-audit
Traceback (most recent call last):
46: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/bin/ruby_executable_hooks:22:in `<main>'
45: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/bin/ruby_executable_hooks:22:in `eval'
44: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/bin/bundler-audit:23:in `<main>'
43: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/bin/bundler-audit:23:in `load'
42: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/bin/bundler-audit:3:in `<top (required)>'
41: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/bin/bundler-audit:3:in `load'
40: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/bin/bundle-audit:10:in `<top (required)>'
39: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/thor-0.20.3/lib/thor/base.rb:466:in `start'
38: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/thor-0.20.3/lib/thor.rb:387:in `dispatch'
37: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/thor-0.20.3/lib/thor/invocation.rb:126:in `invoke_command'
36: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/thor-0.20.3/lib/thor/command.rb:27:in `run'
35: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/cli.rb:44:in `check'
34: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/scanner.rb:75:in `scan'
33: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/scanner.rb:149:in `scan_specs'
32: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/scanner.rb:149:in `each'
31: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/scanner.rb:150:in `block in scan_specs'
30: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/database.rb:187:in `check_gem'
29: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/database.rb:163:in `advisories_for'
28: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/database.rb:252:in `each_advisory_path_for'
27: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/database.rb:252:in `glob'
26: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/database.rb:164:in `block in advisories_for'
25: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/bundler-audit-0.7.0.1/lib/bundler/audit/advisory.rb:48:in `load'
24: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych.rb:586:in `safe_load_file'
23: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych.rb:586:in `open'
22: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych.rb:587:in `block in safe_load_file'
21: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych.rb:334:in `safe_load'
20: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:35:in `accept'
19: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:6:in `accept'
18: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:30:in `visit'
17: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:318:in `visit_Psych_Nodes_Document'
16: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:35:in `accept'
15: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:6:in `accept'
14: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:30:in `visit'
13: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:167:in `visit_Psych_Nodes_Mapping'
12: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:343:in `revive_hash'
11: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:343:in `each_slice'
10: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:343:in `each'
9: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:345:in `block in revive_hash'
8: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:35:in `accept'
7: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:6:in `accept'
6: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/visitor.rb:30:in `visit'
5: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:128:in `visit_Psych_Nodes_Scalar'
4: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/visitors/to_ruby.rb:65:in `deserialize'
3: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/scalar_scanner.rb:60:in `tokenize'
2: from (eval):2:in `date'
1: from /Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/class_loader.rb:28:in `load'
/Users/gh7199/.rvm/gems/ruby-2.6.6@orion_github_bot/gems/psych-4.0.0/lib/psych/class_loader.rb:99:in `find': Tried to load unspecified class: Date (Psych::DisallowedClass)
Logged an issue to psych as well in case this is resolved by a change with their library. This issue will need to remain in case there is a needed change to the date format.
ruby/psych#489
I think this is fixed by a6f7e46. No, the code after that fix is still incompatible with Psych 4.
Hey, any news with this issue?
I'm getting this in CI when I try to run bundler-audit on ruby-head (3.1.0dev). Ruby 3 stable (3.0.2) doesn't have the problem. I'm not seeing Psych anywhere in my Gemfile.lock, so I assume it's part of the Ruby installation.
Just updated the usage of YAML.safe_load to use the permitted_classes: keyword in 20e6b81. It appears that in Psych 4.0.0 they finally removed the legacy_permitted_classes positional argument.
Due to my tests bundling psych 4.x and bundler-audit from git, the 20e6b81 commit fixes this. Marking as closed and will be released in 0.9.0 today.
bundler-audit-0.9.0 has been pushed to rubygems.org.
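Added example, not part of the thread and not bundler-audit's own code: a minimal reproduction of the failure and of the `permitted_classes:` fix discussed above. The sample YAML, the constant names and the helper names are constructed for illustration.

```ruby
require 'yaml'
require 'date'

# Constructed sample in the shape of an advisory file (not a real advisory).
SAMPLE_ADVISORY = <<~YAML
  gem: examplegem
  date: 2021-01-01
  title: Constructed sample advisory
  patched_versions:
    - ">= 1.2.3"
YAML

# Constructed document carrying a Ruby object tag, to show the allow-list stays narrow.
TAGGED_OBJECT = "--- !ruby/object:Object {}\n"

# Default allow-list: the unquoted date scalar resolves to Date and is refused.
# Returns the exception so the caller can inspect it.
def load_strict(yaml)
  YAML.safe_load(yaml)
rescue Psych::DisallowedClass => e
  e
end

# Keyword form: accepted by Psych 3.1 and later, including 4.x.
# Only Date is added to the allow-list; anything else is still refused.
def load_advisory(yaml)
  YAML.safe_load(yaml, permitted_classes: [Date])
rescue Psych::DisallowedClass => e
  e
end

# Legacy positional form: still parsed by Psych 3.x, ArgumentError on Psych 4.
def load_legacy_positional(yaml)
  YAML.safe_load(yaml, [Date])
rescue ArgumentError => e
  e
end

if __FILE__ == $PROGRAM_NAME
  puts "Psych #{Psych::VERSION}"
  puts "strict:     #{load_strict(SAMPLE_ADVISORY).inspect}"
  puts "keyword:    #{load_advisory(SAMPLE_ADVISORY).inspect}"
  puts "positional: #{load_legacy_positional(SAMPLE_ADVISORY).inspect}"
  puts "tagged:     #{load_advisory(TAGGED_OBJECT).inspect}"
end
```

Permitting `Date` widens the allow-list by exactly one class, so a document with a `!ruby/object` tag is still rejected with `Psych::DisallowedClass`.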