This repository has been archived by the owner on Apr 14, 2021. It is now read-only.
Remove taint usage on Ruby 2.7+ #7385
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jeremyevans
force-pushed
the
taint
branch
2 times, most recently
from
6a69682
to
f630a1d
Compare
Ruby 2.7 deprecates taint and it no longer has an effect. This attempts to leave the behavior the same on older Ruby versions, but avoid the use of untaint on Ruby 2.7+. See https://bugs.ruby-lang.org/issues/16131 for details.
deivid-rodriguez
approved these changes
Oct 19, 2019
|
@bundlerbot r+ |
ghost
pushed a commit
that referenced
this pull request
Oct 20, 2019
7385: Remove taint usage on Ruby 2.7+ r=hsbt a=jeremyevans ### What was the end-user problem that led to this PR? Ruby 2.7 is deprecating taint support. See https://bugs.ruby-lang.org/issues/16131 for details. ### What was your diagnosis of the problem? Bundler still uses `untaint` in a few places, which will cause deprecation warnings on Ruby 2.7. ### What is your fix for the problem, implemented in this PR? `s/\.untaint/.tap{|x| x.untaint if RUBY_VERSION < "2.7" }/g` ### Why did you choose this fix out of the possible options? It seemed simplest. Co-authored-by: Jeremy Evans <code@jeremyevans.net>
Build succeeded |
ghost
merged commit
deivid-rodriguez
pushed a commit
that referenced
this pull request
Nov 7, 2019
7385: Remove taint usage on Ruby 2.7+ r=hsbt a=jeremyevans ### What was the end-user problem that led to this PR? Ruby 2.7 is deprecating taint support. See https://bugs.ruby-lang.org/issues/16131 for details. ### What was your diagnosis of the problem? Bundler still uses `untaint` in a few places, which will cause deprecation warnings on Ruby 2.7. ### What is your fix for the problem, implemented in this PR? `s/\.untaint/.tap{|x| x.untaint if RUBY_VERSION < "2.7" }/g` ### Why did you choose this fix out of the possible options? It seemed simplest. Co-authored-by: Jeremy Evans <code@jeremyevans.net> (cherry picked from commit fcb0fef)
hsbt
added a commit
to ruby/ruby
that referenced
this pull request
Nov 11, 2019
Features:
- Add caller information to some deprecation messages to make them easier to fix [#7361](rubygems/bundler#7361)
- Reconcile `bundle cache` vs `bundle package` everywhere. Now in docs, CLI help and everywhere else `bundle cache` is the preferred version and `bundle package` remains as an alias [#7389](rubygems/bundler#7389)
- Display some basic `bundler` documentation together with ruby's RDoc based documentation [#7394](rubygems/bundler#7394)
Bugfixes:
- Fix typos deprecation message and upgrading docs [#7374](rubygems/bundler#7374)
- Deprecation warnings about `taint` usage on ruby 2.7 [#7385](rubygems/bundler#7385)
- Fix `--help` flag not correctly delegating to `man` when used with command aliases [#7388](rubygems/bundler#7388)
- `bundle add` should cache newly added gems if an application cache exists [#7393](rubygems/bundler#7393)
- Stop using an insecure folder as a "fallback home" when user home is not defined [#7416](rubygems/bundler#7416)
- Fix `bundler/inline` warning about `Bundler.root` redefinition [#7417](rubygems/bundler#7417)
This pull request was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What was the end-user problem that led to this PR?
Ruby 2.7 is deprecating taint support.
See https://bugs.ruby-lang.org/issues/16131 for details.
What was your diagnosis of the problem?
Bundler still uses
untaintin a few places, which will cause deprecation warnings on Ruby 2.7.What is your fix for the problem, implemented in this PR?
s/\.untaint/.tap{|x| x.untaint if RUBY_VERSION < "2.7" }/gWhy did you choose this fix out of the possible options?
It seemed simplest.