[spaceship] migrate YAML.safe_load to support psych v4.0

[ainame]

Checklist

• I've run bundle exec rspec from the root directory to see all new and existing tests pass
• I've followed the fastlane code style and run bundle exec rubocop -a to ensure the code style is valid
• I've read the Contribution Guidelines
• I've updated the documentation if necessary.

Motivation and Context

Closes #18768
#17931 (comment)

psych v4.0.0 was released lately and it has a breaking change that breaks fastlane in two ways. One is to break http-cookie gem, another is by removing legacy positional parameters used in spaceauth_runner.rb.

JFYI: psych is a backend implementation of YAML used by default in Ruby. psych gem is categorised as "default" gem which means it's bundled in Ruby but you can update it to whatever version you want optionally. Ruby 3.0.1 bundles psych v3.3.0 but on the master branch of ruby/ruby it now points to v4.0.1, which means that it is very likely fastlane users using the next Ruby version (Ruby 3.1.0) are going to see errors due to psych v4.0.1.

• Ruby 3.0.1 https://github.com/ruby/ruby/blob/0fb782ee38ea37fd5fe8b1f775f8ad866a82a3f0/ext/psych/lib/psych/versions.rb#L5
• Ruby head https://github.com/ruby/ruby/blob/8c87efaa8a45166ed977294330c32a4b186b8e7b/ext/psych/lib/psych/versions.rb#L5

Thanks to this ticket #18768, http-cookie is now fixed. This PR migrates spaceauth_runner.rb using the legacy positional parameters on YAML.safe_load which are removed in psych v4.0.0.

Description

It is a bit tricky that we need to maintain legacy positional parameters to keep Ruby 2.5 support. Otherwise, it is very straightforward.

v4.0.1 (bundled in Ruby head) https://github.com/ruby/psych/blob/v4.0.1/lib/psych.rb#L323
It's cleaned up. It no longer contains positional arguments for options.

  def self.safe_load yaml, permitted_classes: [], permitted_symbols: [], aliases: false, filename: nil, fallback: nil, symbolize_names: false, freeze: false<br class="Apple-interchange-newline">

v3.3.0 (bundled in Ruby 3.0.1) https://github.com/ruby/psych/blob/v3.3.0/lib/psych.rb#L329
There are positional parameters named as legacy to keep compatibility.

  def self.safe_load yaml, legacy_permitted_classes = NOT_GIVEN, legacy_permitted_symbols = NOT_GIVEN, legacy_aliases = NOT_GIVEN, legacy_filename = NOT_GIVEN, permitted_classes: [], permitted_symbols: [], aliases: false, filename: nil, fallback: nil, symbolize_names: false, freeze: false<br class="Apple-interchange-newline">

v3.0.2 (bundled in Ruby 2.5.0) https://github.com/ruby/psych/blob/v3.0.2/lib/psych.rb#L313
There is not keyword arguments for options yet.

  def self.safe_load yaml, whitelist_classes = [], whitelist_symbols = [], aliases = false, filename = nil, symbolize_names: false<br class="Apple-interchange-newline">

Testing Steps

I believe unit tests cover this change but you can give spaceauth a try to see if serialised cookie object is restored from yaml file.

[ainame]

The idea comes from https://github.com/sparklemotion/http-cookie/pull/34/files#diff-1ca99fa7d530d27cd9c91bc6cf9e1eb5da1171af6bd1dd194349de4f6f5c994cR77

[minuscorp]

Maybe we can include it in the code as a comment as a reference?

[ainame]

Hmm not really? There's no explanation for this logic there. I can add another comment on what this comparison means if you want?

[minuscorp]

I've read the diff to understand the reasoning with Psych lib etc but I leave it to your criteria😁

[minuscorp]

🚀

[joshdholtz]

👏 Thank you for finding and fixing this! You are the 3.0 hero ❤️

[fastlane-bot]

Hey @ainame 👋

Thank you for your contribution to fastlane and congrats on getting this pull request merged 🎉
The code change now lives in the master branch, however it wasn't released to RubyGems yet.
We usually ship about once a week, and your PR will be included in the next one.

Please let us know if this change requires an immediate release by adding a comment here 👍
We'll notify you once we shipped a new release with your changes 🚀

[fastlane-bot]

Congratulations! 🎉 This was released as part of fastlane 2.185.1 🚀