On 13 Sep 2022 09:00:07 -0300 Antonio Terceiro <terce...@debian.org> wrote: > Source: ruby-safe-yaml > Version: 1.0.5-2 > Justification: FTBFS > Usertags: ruby3.1 > > We are about to start the ruby3.1 transition in unstable. While trying to > rebuild ruby-safe-yaml with ruby3.1 enabled, the build failed. > > Relevant part of the build log (hopefully): > > ArgumentError: > > wrong number of arguments (given 2, expected 1) > > # ./lib/safe_yaml/load.rb:149:in `load' > > # ./lib/safe_yaml.rb:29:in `safe_load' > > # ./spec/safe_yaml_spec.rb:7:in `safe_load_round_trip' > > # ./spec/safe_yaml_spec.rb:745:in `block (4 levels) in <top > > (required)>' > > > > Finished in 0.08109 seconds (files took 0.12613 seconds to load) > > 134 examples, 20 failures > > > > Failed examples: > > > > rspec ./spec/safe_yaml_spec.rb:29 # Psych unsafe_load allows exploits > > through objects defined in YAML w/ !ruby/hash via custom :[]= methods
There is an upstream PR: https://github.com/dtao/safe_yaml/pull/101 which tried to address this, but someone who tried it still got errors. Last upstream commit was from 2019-02-22 and there are several PRs open and it looks like the maintainer hasn't responded to any of them for > 5 YEARS....
signature.asc
Description: This is a digitally signed message part.
