Note that the above only apply for actual YAML symbols (e..g --- :foo).
The issue is still present for string keys parsed with YAML.load_file(..., symbolize_names: true), that is a bug
in msgpack that will hopefully be solved soon, see: msgpack/msgpack-ruby#246
Entirely disable the YAML compile cache if Encoding.default_internal is set to an encoding not supported by msgpack. (#398)
Psych coerce strings to Encoding.default_internal, but MessagePack doesn't. So in this scenario we can't provide
YAML caching at all without returning the strings in the wrong encoding.
This never came up in practice but might as well be safe.
1.10.2
Reduce the Kernel.require extra stack frames some more. Now bootsnap should only add one extra frame per require call.
Better check freeze option support in JSON compile cache.
Previously JSON.load_file(..., freeze: true) would be cached even when the msgpack version is missing support for it.
1.10.1
Fix Kernel#autoload's fallback path always being executed.
Consider unlink failing with ENOENT as a success.
1.10.0
Delay requiring FileUtils. (#285)
FileUtils can be installed as a gem, so it's best to wait for bundler to have setup the load path before requiring it.
Improve support of Psych 4. (#392)
Since 1.8.0, YAML.load_file was no longer cached when Psych 4 was used. This is because load_file loads
in safe mode by default, so the Bootsnap cache could defeat that safety.
Now when precompiling YAML files, Bootsnap first try to parse them in safe mode, and if it can't fallback to unsafe mode,
and the cache contains a flag that records whether it was generated in safe mode or not.
YAML.unsafe_load_file will use safe caches just fine, but YAML.load_file will fallback to uncached YAML parsing
if the cache was generated using unsafe parsing.
Minimize the Kernel.require extra stack frames. (#393)
This should reduce the noise generated by bootsnap on LoadError.
1.9.4
Ignore absolute paths in the loaded feature index. (#385)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps bootsnap from 1.8.0 to 1.10.3.
Changelog
Sourced from bootsnap's changelog.
... (truncated)
Commits
fbdce33Release 1.10.31e71cc5Merge pull request #400 from Shopify/improve-yaml-cache-some-more31dce79Fix Regexp and Date handling in YAML compile cachea75ab21Merge pull request #399 from Shopify/simpler-symbol-encoding85f1242Simplified handling of UTF-8 symbols in YAML487d46cAppease rubocop2e61f8dMerge pull request #398 from Shopify/symbol-encoding647969fCode style and CI improvements76a05dbYAML compile cache: encoding aware symbolse3ef615Merge pull request #397 from mishina2228/chagelogDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)