[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1051302: bookworm-pu: package jekyll/4.3.1+dfsg-3+deb12u1

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: jekyll@packages.debian.org
Control: affects -1 + src:jekyll

[ Reason ]
This update fixes processing user configuration that used YAML aliases.

[ Impact ]
User configuration with YAML aliases will cause jekyll to crash while
parsing it, and therefore jekyll will not work at all.

[ Tests ]
The change is trivial, and is already present in testing.

[ Risks ]
No risks.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The only change is passing an extra parameter to Psych.safe_load,
telling it to allow aliases in the YAML data.

[ Other info ]
n/a

diff --git a/debian/changelog b/debian/changelog
index b91ea6e..7ba5630 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+jekyll (4.3.1+dfsg-3+deb12u1) bookworm; urgency=medium
+
+  [ Sébastien Villemot ]
+  * Allow YAML aliases (Closes: #1050867)
+
+ -- Antonio Terceiro <terceiro@debian.org>  Tue, 05 Sep 2023 19:37:14 -0300
+
 jekyll (4.3.1+dfsg-2) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/0016-Drop-usage-of-safe_yaml.patch b/debian/patches/0016-Drop-usage-of-safe_yaml.patch
index 90aa06e..6caae5d 100644
--- a/debian/patches/0016-Drop-usage-of-safe_yaml.patch
+++ b/debian/patches/0016-Drop-usage-of-safe_yaml.patch
@@ -1,6 +1,9 @@
 From: Antonio Terceiro <terceiro@debian.org>
 Date: Sat, 21 Jan 2023 23:25:30 -0300
 Subject: Drop usage of safe_yaml
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
 
 Squashed commit of the following:
 
@@ -22,6 +25,12 @@ Date:   Thu Aug 19 13:42:39 2021 -0300
 
     Use Psych as YAML parser
 
+commit 5afe0f5acbc4cb9880bd2c752f45f39ba4f62835
+Author: Sébastien Villemot <sebastien@debian.org>
+Date: Wed, 30 Aug 2023 11:35:36 -0300
+
+    Enable YAML aliases
+
 Source: https://github.com/jekyll/jekyll/pull/8772
 Additional changes:
   - Also make the replacement of SafeYAML in lib/jekyll/commands/serve.rb
@@ -193,7 +202,7 @@ index d6c5a0b..3757e04 100644
  
        Jekyll.logger.info "Theme Config file:", theme_config_file
 diff --git a/lib/jekyll/utils.rb b/lib/jekyll/utils.rb
-index 2a96527..0dfe2ec 100644
+index 2a96527..252541f 100644
 --- a/lib/jekyll/utils.rb
 +++ b/lib/jekyll/utils.rb
 @@ -316,6 +316,20 @@ module Jekyll
@@ -202,7 +211,7 @@ index 2a96527..0dfe2ec 100644
  
 +    # Safely load YAML strings
 +    def safe_load_yaml(yaml)
-+      Psych.safe_load(yaml, :permitted_classes => [Date, Time])
++      Psych.safe_load(yaml, :permitted_classes => [Date, Time], aliases: true)
 +    rescue ArgumentError
 +      # Psych versions < 3.1 had a different safe_load API and used
 +      # problematic language.

Attachment: signature.asc
Description: PGP signature

Reply to: