@postmodern_mod3 is there any reason you aren't using SafeYAML with bundler-audit?
-
-
@bascule@rantyben@homakov@tenderlove unfortunately, MRI 2.1 is the only Ruby that includes Psych.safe_load. :( -
@postmodern_mod3@rantyben@homakov@tenderlove what about using YAML.parse? -
@bascule we could also use YAML.parse and explicitly coerce the nodes. That seems to be the most pragmatic solution. -
@bascule and we already have a simple schema listing https://github.com/rubysec/ruby-advisory-db#schema … -
@postmodern_mod3 if you asked@indirect he'd probably tell you to make a simple text format with a minimal string.split parser -
@bascule lol. JSON is perfectly fine. as is YAML.safe_load :P -
@indirect YAML.safe_load is what started this whole conversation, heh
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.