@rantyben @postmodern_mod3 @homakov call me crazy, but I would prefer my security tools close known attack vectors if possible :O
-
-
Replying to @bascule
@bascule@rantyben@homakov feel free to send me a pull request. I would prefer to use Psych.safe_load /cc@tenderlove.1 reply 0 retweets 0 likes -
Replying to @postmodern_mod3
@postmodern_mod3@rantyben@homakov@tenderlove seems good1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@rantyben@homakov@tenderlove unfortunately, MRI 2.1 is the only Ruby that includes Psych.safe_load. :(2 replies 0 retweets 1 like -
Replying to @postmodern_mod3
@postmodern_mod3@rantyben@homakov@tenderlove what about using YAML.parse?1 reply 0 retweets 0 likes -
-
Replying to @bascule
@bascule and we already have a simple schema listing https://github.com/rubysec/ruby-advisory-db#schema …1 reply 0 retweets 0 likes -
Replying to @postmodern_mod3
@postmodern_mod3 if you asked@indirect he'd probably tell you to make a simple text format with a minimal string.split parser1 reply 0 retweets 0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.