rubymem / bundler-leak

Known-leaky gems verification for bundler: `bundle leak` to check your app and find leaky gems in your Gemfile :gem::droplet:
https://www.rubymem.com
GNU General Public License v3.0

[BUG] Breaks on Ruby 3.1.0 #44

Closed leoarnold closed 2 years ago

leoarnold commented 2 years ago

Before we start...:

Branch/Commit:

Inform what branch/commit of Skunk.fyi you are using.

I am not using Skunk.fyi at all. This is about bundler-leak (0.2.0).

Expected behavior:

I can run bundle leak without runtime error.

Actual behavior:

/usr/local/lib/ruby/3.1.0/psych/class_loader.rb:99:in `find': Tried to load unspecified class: Date (Psych::DisallowedClass)
    from /usr/local/lib/ruby/3.1.0/psych/class_loader.rb:28:in `load'
    from (eval):2:in `date'
    from /usr/local/lib/ruby/3.1.0/psych/scalar_scanner.rb:59:in `tokenize'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:65:in `deserialize'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:128:in `visit_Psych_Nodes_Scalar'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:345:in `block in revive_hash'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `each_slice'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:343:in `revive_hash'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:167:in `visit_Psych_Nodes_Mapping'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:318:in `visit_Psych_Nodes_Document'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:30:in `visit'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/visitor.rb:6:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych/visitors/to_ruby.rb:35:in `accept'
    from /usr/local/lib/ruby/3.1.0/psych.rb:335:in `safe_load'
    from /usr/local/lib/ruby/3.1.0/psych.rb:370:in `load'
    from /usr/local/lib/ruby/3.1.0/psych.rb:671:in `block in load_file'
    from /usr/local/lib/ruby/3.1.0/psych.rb:670:in `open'
    from /usr/local/lib/ruby/3.1.0/psych.rb:670:in `load_file'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/advisory.rb:47:in `load'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/database.rb:156:in `block in advisories_for'
    from <internal:dir>:220:in `glob'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/database.rb:244:in `each_advisory_path_for'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/database.rb:155:in `advisories_for'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/database.rb:179:in `check_gem'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/scanner.rb:117:in `block in scan_specs'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/scanner.rb:116:in `each'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/scanner.rb:116:in `scan_specs'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/scanner.rb:83:in `scan'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/lib/bundler/plumber/cli.rb:45:in `check'
    from /usr/local/bundle/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
    from /usr/local/bundle/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
    from /usr/local/bundle/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
    from /usr/local/bundle/gems/thor-1.2.1/lib/thor/base.rb:485:in `start'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/bin/bundle-leak:10:in `<top (required)>'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/bin/bundler-leak:3:in `load'
    from /usr/local/bundle/gems/bundler-leak-0.2.0/bin/bundler-leak:3:in `<top (required)>'
    from /usr/local/bundle/bin/bundler-leak:25:in `load'
    from /usr/local/bundle/bin/bundler-leak:25:in `<main>'

Steps to reproduce:

Install Ruby 3.1.0 and try to run bundle leak.

I will abide by the [code of conduct](code_of_conduct.md)

Doyal-N commented 2 years ago

Who knows how to fix this BUG? Pipelines are failing, work is slowing down)

etagwerker commented 2 years ago

This is now fixed on #45. Waiting for @lubc or @bronzdoc to review and approve my changes.

prtngn commented 2 years ago

Can you add a new tag?

Quitehours commented 2 years ago

https://github.com/rubymem/bundler-leak/issues/44#issue-1116903529

I fixed it like this

```ruby
require 'psych'

# Monkey-patch Psych's restricted class loader so that the Date class is
# always allowed, in addition to whatever classes safe_load was given.
# Note: this relaxes every Psych.safe_load call in the process, not only
# the one bundler-leak makes for its advisory files.
module Psych
  class ClassLoader
    class Restricted < ClassLoader
      private

      def find(klassname)
        return super if (@classes.include? klassname) || (klassname == 'Date')

        raise DisallowedClass.new('load', klassname)
      end
    end
  end
end
```

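The stack trace in the issue and the monkey patch above both come down to one thing: on Ruby 3.1, Psych 4 turns `Psych.load_file` into `safe_load`, which refuses to instantiate `Date` from an unquoted `2022-01-28` scalar. The added example below (not code from bundler-leak or from any commenter) shows the narrower alternative to the global patch: permit `Date` for that one call with `permitted_classes:`, then evaluate `patched_versions` the way a leak checker would. The advisory YAML is a constructed sample whose keys (`gem`, `date`, `patched_versions`, ...) are assumed, not taken from the real advisory database.

```ruby
require 'psych'
require 'date'

# Constructed sample advisory; the key names are an assumption for this demo.
ADVISORY_YAML = <<~YAML
  gem: example-gem
  url: https://example.invalid/advisory
  title: Memory leak in example-gem (constructed sample)
  date: 2022-01-28
  description: Constructed entry used only for this demonstration.
  patched_versions:
    - ">= 1.2.3"
YAML

# What Psych 4's default safe_load does with the date scalar: it asks the
# restricted class loader for Date, which is not in the default permit list,
# so Psych::DisallowedClass is raised. We return the exception for inspection.
def load_advisory_strict(yaml)
  Psych.safe_load(yaml)
rescue Psych::DisallowedClass => e
  e
end

# Targeted fix: permit exactly the one class the advisory format needs, for
# this call only, instead of loosening Psych::ClassLoader::Restricted globally.
def load_advisory(yaml)
  Psych.safe_load(yaml, permitted_classes: [Date])
end

# A version is affected when none of the patched_versions requirements
# is satisfied by it (the same rule a Gemfile.lock scanner would apply).
def affected?(advisory, version)
  requirements = Array(advisory['patched_versions']).map { |r| Gem::Requirement.new(r) }
  v = Gem::Version.new(version)
  requirements.none? { |r| r.satisfied_by?(v) }
end

if __FILE__ == $PROGRAM_NAME
  puts "strict safe_load: #{load_advisory_strict(ADVISORY_YAML).message}"
  advisory = load_advisory(ADVISORY_YAML)
  puts "date parsed as #{advisory['date'].class}: #{advisory['date']}"
  puts "1.2.2 affected? #{affected?(advisory, '1.2.2')}"
  puts "1.2.3 affected? #{affected?(advisory, '1.2.3')}"
end
```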
Mikkko commented 2 years ago

Still have this problem. Is it fixed on https://github.com/rubymem/bundler-leak/pull/45? I see that it is merged, but the problem is still present, as I understand.

bronzdoc commented 2 years ago

I just released bundler-leak 0.3.0. Please install the latest version and try again, thanks!

Quitehours commented 2 years ago

> I just released bundler-leak 0.3.0. Please install the latest version and try again, thanks!

Yeah, @bronzdoc, but I receive a new exception like this:

bundler-leak-0.3.0/data/ruby-mem-advisory-db" is not a directory (ArgumentError)

Also, I use the latest version of redis.

bronzdoc commented 2 years ago

@Quitehours Try `bundler-leak update`; if that doesn't help, please open a new issue with the steps to reproduce. Thanks

prtngn commented 2 years ago

Thanks. Working well now.

leoarnold commented 2 years ago

For the record: When using Docker, prefer

bash -lc "bundle exec bundler-leak update && bundle exec bundler-leak"

Otherwise the downloaded database may be gone in the second invocation because the file system layer was not persisted.