Conversation
Decode base64-encoded values tagged with !binary in mapping keys, mapping values (both inline and block scalar), and sequence items. This fixes gem install failures for gems packaged with older RubyGems that used !binary encoding in checksums.yaml.gz. Fixes #9387 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Adds support in RubyGems’ pure-Ruby Gem::YAMLSerializer to correctly decode YAML 1.1 !binary-tagged scalars (base64) so older gems’ checksums.yaml.gz can be parsed/verified when Psych is disabled/unavailable (fixing #9387).
Changes:
- Decode
!binaryvalues inGem::YAMLSerializer::Parserfor mapping keys and values, and for sequence items (including block scalars). - Add regression tests covering
!binarydecoding in mapping keys and mapping values (inline + block scalar), including an “older checksums.yaml.gz” style fixture.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| test/rubygems/test_gem_safe_yaml.rb | Adds regression tests for !binary decoding scenarios (keys + values). |
| lib/rubygems/yaml_serializer.rb | Extends the YAMLSerializer parser to decode !binary-tagged scalars via base64 decoding. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
| assert_equal ["SHA1"], result.keys | ||
| assert_equal "9f8a39cc19773791f379564ff5ec9cb65040ab02", result["SHA1"]["metadata.gz"] | ||
| assert_equal "e4fdda6751c96b0c4a81db2499d267f461cd0c5d", result["SHA1"]["data.tar.gz"] | ||
| end |
There was a problem hiding this comment.
The PR description mentions decoding !binary tags in sequence items, and the parser now has a parse_sequence_item branch for !binary, but there is no test that exercises a - !binary ... sequence item (inline and/or block scalar). Adding a dedicated test would prevent regressions for this code path.
| end | |
| end | |
| def test_binary_tag_decoded_in_sequence_item_inline | |
| yaml = <<~YAML | |
| --- | |
| - !binary "U0hBMQ==" | |
| YAML | |
| result = yaml_load(yaml) | |
| assert_equal ["SHA1"], result | |
| end |
|
@copilot open a new pull request to apply changes based on the comments in this thread |
Co-authored-by: hsbt <12301+hsbt@users.noreply.github.com>
What was the end-user or developer problem that led to this PR?
Decode base64-encoded values tagged with
!binaryin mapping keys, mapping values (both inline and block scalar), and sequence items.This fixes gem install failures for gems packaged with older RubyGems that used
!binaryencoding inchecksums.yaml.gz.Fixes #9387
Make sure the following tasks are checked