Fix Interscript for new Psych releases

Psych (the Ruby YAML library) has changed semantics of `YAML.load` frim being `unsafe_load` by default, to being `safe_load`. `safe_load` differs from `unsafe_load` by whitelisting a number of classes. We rely on the old behavior, as some maps contain date in the Date format and Date is not in a whitelisted set. Older versions of Psych may not support a `unsafe_load` method and those versions are chosen for certain older Ruby versions that we support. The question of safety in this case is secondary, since the maps are already executed as Ruby code.
interscript · Dec 4, 2023 · 5e6de36 · 5e6de36
1 parent d7c8e16
commit 5e6de36
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/lib/interscript/dsl.rb b/lib/interscript/dsl.rb
@@ -76,7 +76,12 @@ def self.parse(map_name, reverse: true)
     yaml = if yaml =~ /\A\s*\z/
       {}
     else
-      YAML.load(yaml, filename: exc_fname)
+      unsafe_load = if YAML.respond_to? :unsafe_load
+        :unsafe_load
+      else
+        :load
+      end
+      YAML.public_send(unsafe_load, yaml, filename: exc_fname)
     end
 
     md = Interscript::DSL::Metadata.new(yaml: true, map_name: map_name, library: library) do