Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch')
-rw-r--r--app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch b/app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch
new file mode 100644
index 00000000..145c3b45
--- /dev/null
+++ b/app-forensics/brakeman/files/brakeman-6.1.1-remove-safeyaml.patch
@@ -0,0 +1,56 @@
+From 49d9c53bd127acf06c84f5383db24b175ea6a41e Mon Sep 17 00:00:00 2001
+From: Justin Collins <justin@presidentbeef.com>
+Date: Sat, 23 Dec 2023 23:22:46 -0800
+Subject: [PATCH] Remove SafeYAML dependency
+
+---
+ gem_common.rb | 1 -
+ lib/brakeman.rb | 5 ++---
+ lib/brakeman/checks/check_session_settings.rb | 5 ++---
+ 3 files changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/gem_common.rb b/gem_common.rb
+index e1fd9e086a..0d36ec3e29 100644
+--- a/gem_common.rb
++++ b/gem_common.rb
+@@ -12,7 +12,6 @@ def self.base_dependencies spec
+ spec.add_dependency "ruby_parser", "~>3.20.2"
+ spec.add_dependency "sexp_processor", "~> 4.7"
+ spec.add_dependency "ruby2ruby", "~>2.4.0"
+- spec.add_dependency "safe_yaml", ">= 1.0"
+ spec.add_dependency "racc"
+ end
+
+diff --git a/lib/brakeman.rb b/lib/brakeman.rb
+index f24ac30849..69495007e4 100644
+--- a/lib/brakeman.rb
++++ b/lib/brakeman.rb
+@@ -128,9 +128,8 @@ def self.load_options line_options
+
+ #Load configuration file
+ if config = config_file(custom_location, app_path)
+- require 'date' # https://github.com/dtao/safe_yaml/issues/80
+- self.load_brakeman_dependency 'safe_yaml/load'
+- options = SafeYAML.load_file config, :deserialize_symbols => true
++ require 'yaml'
++ options = YAML.safe_load_file config, permitted_classes: [Symbol], symbolize_names: true
+
+ if options
+ options.each { |k, v| options[k] = Set.new v if v.is_a? Array }
+diff --git a/lib/brakeman/checks/check_session_settings.rb b/lib/brakeman/checks/check_session_settings.rb
+index 33d5f674c1..f117eadb88 100644
+--- a/lib/brakeman/checks/check_session_settings.rb
++++ b/lib/brakeman/checks/check_session_settings.rb
+@@ -116,10 +116,9 @@ def check_secrets_yaml
+
+ if secrets_file.exists? and not ignored? "secrets.yml" and not ignored? "config/*.yml"
+ yaml = secrets_file.read
+- require 'date' # https://github.com/dtao/safe_yaml/issues/80
+- require 'safe_yaml/load'
++ require 'yaml'
+ begin
+- secrets = SafeYAML.load yaml
++ secrets = YAML.safe_load yaml
+ rescue Psych::SyntaxError, RuntimeError => e
+ Brakeman.notify "[Notice] #{self.class}: Unable to parse `#{secrets_file}`"
+ Brakeman.debug "Failed to parse #{secrets_file}: #{e.inspect}"