Skip to content

Commit

Permalink
Merge pull request #406 from rock-core/fix_yaml_safe_load
Browse files Browse the repository at this point in the history 
Fix yaml safe load
  • Loading branch information
@g-arjones
g-arjones authored Jul 11, 2024
2 parents 1c0a06c + 078588a commit fbbb95d
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 16 deletions.
12 changes: 10 additions & 2 deletions bin/autoproj_bootstrap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,14 +264,22 @@ module Autoproj
# @param [String] autoproj_version a constraint on the autoproj version
# that should be used
# @return [String]
def default_gemfile_contents(autoproj_version = ">= 2.16.0")
def default_gemfile_contents(autoproj_version = ">= 2.17.0")
["source \"#{gem_source}\"",
"ruby \"#{RUBY_VERSION}\" if respond_to?(:ruby)",
"gem \"autoproj\", \"#{autoproj_version}\""].join("\n")
end

def load_yaml(contents)
if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0")
YAML.safe_load(contents, permitted_classes: [Symbol])
else
YAML.safe_load(contents, [Symbol])
end
end

def add_seed_config(path)
@config.merge!(YAML.safe_load(File.read(path), [Symbol]))
@config.merge!(load_yaml(File.read(path)))
end

# Parse the provided command line options and returns the non-options
Expand Down
12 changes: 10 additions & 2 deletions bin/autoproj_install
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,14 +264,22 @@ module Autoproj
# @param [String] autoproj_version a constraint on the autoproj version
# that should be used
# @return [String]
def default_gemfile_contents(autoproj_version = ">= 2.16.0")
def default_gemfile_contents(autoproj_version = ">= 2.17.0")
["source \"#{gem_source}\"",
"ruby \"#{RUBY_VERSION}\" if respond_to?(:ruby)",
"gem \"autoproj\", \"#{autoproj_version}\""].join("\n")
end

def load_yaml(contents)
if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0")
YAML.safe_load(contents, permitted_classes: [Symbol])
else
YAML.safe_load(contents, [Symbol])
end
end

def add_seed_config(path)
@config.merge!(YAML.safe_load(File.read(path), [Symbol]))
@config.merge!(load_yaml(File.read(path)))
end

# Parse the provided command line options and returns the non-options
Expand Down
10 changes: 9 additions & 1 deletion lib/autoproj/ops/install.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,8 +260,16 @@ def default_gemfile_contents(autoproj_version = ">= #{Autoproj::VERSION}")
"gem \"autoproj\", \"#{autoproj_version}\""].join("\n")
end

def load_yaml(contents)
if Gem::Version.new(Psych::VERSION) >= Gem::Version.new("3.1.0")
YAML.safe_load(contents, permitted_classes: [Symbol])
else
YAML.safe_load(contents, [Symbol])
end
end

def add_seed_config(path)
@config.merge!(YAML.safe_load(File.read(path), [Symbol]))
@config.merge!(load_yaml(File.read(path)))
end

# Parse the provided command line options and returns the non-options
Expand Down
22 changes: 11 additions & 11 deletions test/ops/test_install.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -228,35 +228,35 @@ module Ops
it "picks a specific bundler version as passed in the seed config" do
seed_config_path = File.join(make_tmpdir, "config.yml")
File.open(seed_config_path, "w") do |io|
YAML.dump({ "bundler_version" => "2.0.1" }, io)
YAML.dump({ "bundler_version" => "2.3.5" }, io)
end

dir, = invoke_test_script(
"install.sh", "--seed-config", seed_config_path
)
assert_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
assert_match(/2.3.5/, `#{dir}/.autoproj/bin/bundle --version`.strip)
end

it "picks a specific bundler version as passed on the command line" do
dir, = invoke_test_script("install.sh", "--bundler-version", "2.0.1")
assert_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
dir, = invoke_test_script("install.sh", "--bundler-version", "2.3.5")
assert_match(/2.3.5/, `#{dir}/.autoproj/bin/bundle --version`.strip)
end

it "pins the install to the selected bundler version" do
dir, = invoke_test_script("install.sh", "--bundler-version", "2.0.1")
dir, = invoke_test_script("install.sh", "--bundler-version", "2.3.5")
`#{dir}/.autoproj/bin/autoproj update`
assert_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
assert_match(/2.3.5/, `#{dir}/.autoproj/bin/bundle --version`.strip)
end

it "can pin a bundler version on an existing bootstrap" do
dir, = invoke_test_script("install.sh")
refute_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
dir, = invoke_test_script("install.sh", "--bundler-version", "2.0.1")
assert_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
refute_match(/2.3.5/, `#{dir}/.autoproj/bin/bundle --version`.strip)
dir, = invoke_test_script("install.sh", "--bundler-version", "2.3.26")
assert_match(/2.3.26/, `#{dir}/.autoproj/bin/bundle --version`.strip)
end

it "can unpin a bundler version after the bootstrap" do
dir, = invoke_test_script("install.sh", "--bundler-version", "2.0.1")
dir, = invoke_test_script("install.sh", "--bundler-version", "2.3.5")

config_yml = File.join(dir, ".autoproj", "config.yml")
config = YAML.safe_load(File.read(config_yml))
Expand All @@ -265,7 +265,7 @@ module Ops
YAML.dump(config, io)
end
`#{dir}/.autoproj/bin/autoproj update`
refute_match(/2.0.1/, `#{dir}/.autoproj/bin/bundle --version`.strip)
refute_match(/2.3.5/, `#{dir}/.autoproj/bin/bundle --version`.strip)
end
end
end
Expand Down

0 comments on commit fbbb95d

Please sign in to comment.