Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update json to 1.7.6 #512

Closed
tism opened this Issue Jan 25, 2013 · 14 comments

Comments

Projects
None yet
6 participants
@tism
Copy link

commented Jan 25, 2013

There's an issue with json 1.7.5 and the expectation rails puts on it which is fixed in 1.7.6. The bundled version in 1.7.2 is 1.7.5 which means that JSON.dump can fail.

BanzaiMan added a commit that referenced this issue Jan 25, 2013

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Jan 25, 2013

Do you have a test case to verify this? I pushed the update to bf5365f in the gh-512 branch.

@dwbutler

This comment has been minimized.

Copy link

commented Jan 25, 2013

+1

I've been wrangling with similar issues.
https://gist.github.com/4632270

@tism

This comment has been minimized.

Copy link
Author

commented Jan 25, 2013

The gist @dwbutler posted is the same reproduction I came to. JSON.dump an ActiveSupport::HashWithIndifferentAccess.

The issue should be fixed with the merge alias for configure in GeneratorState here.

@dwbutler

This comment has been minimized.

Copy link

commented Jan 25, 2013

@tism, I thought that should have fixed it as well. But I found that the issue still occurred in JSON 1.7.6 and JSON-master. I opened a ticket on JRuby (#507) but now I'm wondering if I should open a ticket on JSON.

@dwbutler

This comment has been minimized.

Copy link

commented Jan 25, 2013

I asked for some help here: flori/json#152

@sluukkonen

This comment has been minimized.

Copy link
Contributor

commented Jan 29, 2013

This PR will fix the issue: flori/json#155

@edzhelyov

This comment has been minimized.

Copy link

commented Jan 30, 2013

1.7.6 won't fix the NullPointerException. I've checked that with the following code:

gem 'json', '=1.7.6'
require 'active_support/all'

puts JSON::VERSION

h = { a: 1 }
puts JSON.dump(h)

hi = HashWithIndifferentAccess.new(h)
puts JSON.dump(hi)

flori/json#155 is most likely to fix it.

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 5, 2013

4070ab3 is the second try, based on flori/json@771e08b. @edzhelyov's test case above returns:

irb(main):015:0> puts JSON.dump(h)
{"a":1}
=> nil
@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 5, 2013

If you want to test it yourself, don't forget 7adc0d1.

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 5, 2013

In case it wasn't clear: I fully intend to wait for the official JSON 1.7.6 release to merge it to master. The above commits are just for testing.

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 5, 2013

JSON 1.7.6 breaks its own tests (granted, they are a part of the MRI test suite). https://travis-ci.org/jruby/jruby/builds/4585422

@ghost ghost assigned BanzaiMan Feb 13, 2013

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 13, 2013

Looks like JSON 1.7.7 has been released. https://rubygems.org/gems/json/versions/1.7.7-java

@mkristian

This comment has been minimized.

Copy link
Member

commented Feb 13, 2013

and it is advised to switch to that version for security reasons !

CVE-2013-0269

@BanzaiMan

This comment has been minimized.

Copy link
Member

commented Feb 13, 2013

Fixed with a216eb3.

@BanzaiMan BanzaiMan closed this Feb 13, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.