-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use Chef::JSONCompat.parse for file_contents #2433 #2482
Conversation
yeah, chef-zero was written without "create_additions" or the "json_class" auto-inflation, all of the Chef::JSONCompat calls that it uses should have been #parse and not #from_json. if there are any remaining calls to #from_json in chef-zero those are all bugs and need to be replaced (and #from_json should be hunted down and eradicated, its awful backcompat with insecure JSON usage). |
Can I leave it up to you? Finding all bugs is difficult to me. |
The best way to hunt it down would actually be |
just in lib/chef/chef_fs in this case -- unwinding the other uses of it is more annoying. looks like this is the only one though. |
In which case, 👍. Is there already a bug for from_json genocide? |
no, its just well known pain from our past that hasn't been addressed yet. |
Actually, we really need a test for this (something that fails without your patch, and succeeds with it). What exactly is going wrong? (To be clear, this is a positive change: from_json without any arguments is a terrible, horrible idea and I'm unclear how it got in there in the first place.) And if you don't mind adding a CHANGELOG.md entry while you're at it, that would be great. |
I have updated spec 6c0b6d2. case: from_json causes exception in
|
Hi, any update on this? |
👍 |
1 similar comment
👍 |
dont we still need this it hasnt been merged? |
Heh, and git is smart enough to resolve the merge conflict from the identical edit. The specs are still useful, like to get those merged so we don't ever regress. |
closed by #2823 |
Thanks! 👍 |
PR for #2433 and chef/chef-zero#99
HT: @cl-lab-k