ElectronBuilder: Allow Date/Time deserialization

The `ElectronBuilder` strategy uses `YAML#safe_load` to parse YAML content and this limits deserialization to appropriate classes. We recently encountered a `Tried to load unspecified class: Time` error when using the `ElectronBuilder` strategy on a `latest-mac.yml` file containing `releaseDate: 2022-12-01T02:02:46.419Z`. The electron-builder YAML files we usually encounter use single quotes around the `releaseDate` value to ensure it's treated as a string (e.g., `releaseDate: '2022-10-12T17:55:26.718Z'`) and this is what we do in `electron_builder_spec.rb`. The aforementioned YAML file doesn't use single quotes around the value, so it's treated as a timestamp and apparently this makes Psych use `Time` (which `#safe_load` doesn't allow by default). Seeing as we can't control the YAML content and there's a chance we may encounter other files like this in the future, this commit modifies the related `#safe_load` call to allow `Time` (and `Date` for good measure). This will resolve the aforementioned error and allow the `ElectronBuilder` strategy to work as expected in this scenario.
2022-12-04 21:32:31 -05:00 · 2022-12-04 21:32:31 -05:00 · e56735a171
commit e56735a171
parent b8a505d0d8
2 changed files with 11 additions and 1 deletions
--- a/Library/Homebrew/livecheck/strategy/electron_builder.rb
+++ b/Library/Homebrew/livecheck/strategy/electron_builder.rb
@ -47,7 +47,7 @@ module Homebrew
        def self.versions_from_content(content, regex = nil, &block)
          require "yaml"

-          yaml = YAML.safe_load(content)
+          yaml = YAML.safe_load(content, permitted_classes: [Date, Time])
          return [] if yaml.blank?

          if block
--- a/Library/Homebrew/test/livecheck/strategy/electron_builder_spec.rb
+++ b/Library/Homebrew/test/livecheck/strategy/electron_builder_spec.rb
@ -25,6 +25,15 @@ describe Homebrew::Livecheck::Strategy::ElectronBuilder do
      releaseDate: '2000-01-01T00:00:00.000Z'
    EOS
  }
+
+  let(:electron_builder_yaml_with_timestamp) {
+    # An electron-builder YAML file may use a timestamp instead of an explicit
+    # string value (with quotes) for `releaseDate`, so we need to make sure that
+    # `ElectronBuilder#versions_from_content` won't encounter an error in this
+    # scenario (e.g. `Tried to load unspecified class: Time`).
+    electron_builder_yaml.sub(/releaseDate:\s*'([^']+)'/, 'releaseDate: \1')
+  }
+
  let(:mac_regex) { /Example[._-]v?(\d+(?:\.\d+)+)[._-]mac\.zip/i }

  let(:versions) { ["1.2.3"] }
@ -46,6 +55,7 @@ describe Homebrew::Livecheck::Strategy::ElectronBuilder do

    it "returns an array of version strings when given YAML text" do
      expect(electron_builder.versions_from_content(electron_builder_yaml)).to eq(versions)
+      expect(electron_builder.versions_from_content(electron_builder_yaml_with_timestamp)).to eq(versions)
    end

    it "returns an array of version strings when given YAML text and a block" do