remove safe_yaml. Psych.safe_load is fine for modern rubies

jnunemaker / crack

Really simple JSON and XML parsing, ripped from Merb and Rails.

MIT License

541 stars 93 forks source link

remove safe_yaml. Psych.safe_load is fine for modern rubies #59

Closed bf4 closed 5 years ago

bf4 commented 6 years ago

Otherwise webmock -> crack -> safe_yaml

bf4 commented 6 years ago

Optionally, see https://github.com/sferik/rails_admin/pull/2397/files

preston commented 6 years ago

Yes, please!

bf4 commented 6 years ago

@preston In the meantime, here's an example of what I have in my Gemfile

  # RailsAdmin only uses safe_yaml when present https://github.com/sferik/rails_admin/pull/2397
  # SafeYaml, unfortunately, is included by webmock's dependency on crack
  gem 'crack', github: 'bf4/crack', branch: 'no_safe_yaml'
  gem 'webmock', '~>3.0.0'

bf4 commented 5 years ago

@jnunemaker Oh wow, thanks!

bf4 commented 4 years ago

@jnunemaker @pengwynn I just realized webmock is still pulling in safe_yaml through crack. Any chance we can bump this to 0.4.4?

javierjulio commented 4 years ago

Looks like this has been released now. Thanks!