Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
have you seen https://github.com/rapid7/psych_shield ?
By default, Psych Shield allows the following types of objects:
Hash Array String Range
Oh, ha, I have no idea. I've used GitHub forever but there are definitely still features I don't totally understand. I suppose in the absence of any private messaging feature, creating an issue is a perfectly valid way to communicate! Thanks for bringing this up—I've actually just added the ability to whitelist tags to SafeYAML, and I will probably enhance this with the ability to whitelist types directly (just like PsychShield). At this point I think SafeYAML has a few advantages over PsychShield:
That said, PsychShield is certainly simpler (its implementation is very clean) and may be more attractive as a super lightweight solution for some devs who are using Psych and don't want to bother sanitizing questionable YAML.