Package: release.debian.org Severity: normal Tags: bookworm User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: jek...@packages.debian.org Control: affects -1 + src:jekyll
[ Reason ] This update fixes processing user configuration that used YAML aliases. [ Impact ] User configuration with YAML aliases will cause jekyll to crash while parsing it, and therefore jekyll will not work at all. [ Tests ] The change is trivial, and is already present in testing. [ Risks ] No risks. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The only change is passing an extra parameter to Psych.safe_load, telling it to allow aliases in the YAML data. [ Other info ] n/a
diff --git a/debian/changelog b/debian/changelog
index b91ea6e..7ba5630 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+jekyll (4.3.1+dfsg-3+deb12u1) bookworm; urgency=medium
+
+ [ Sébastien Villemot ]
+ * Allow YAML aliases (Closes: #1050867)
+
+ -- Antonio Terceiro <terce...@debian.org> Tue, 05 Sep 2023 19:37:14 -0300
+
jekyll (4.3.1+dfsg-2) unstable; urgency=medium
* Team upload
diff --git a/debian/patches/0016-Drop-usage-of-safe_yaml.patch b/debian/patches/0016-Drop-usage-of-safe_yaml.patch
index 90aa06e..6caae5d 100644
--- a/debian/patches/0016-Drop-usage-of-safe_yaml.patch
+++ b/debian/patches/0016-Drop-usage-of-safe_yaml.patch
@@ -1,6 +1,9 @@
From: Antonio Terceiro <terce...@debian.org>
Date: Sat, 21 Jan 2023 23:25:30 -0300
Subject: Drop usage of safe_yaml
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
Squashed commit of the following:
@@ -22,6 +25,12 @@ Date: Thu Aug 19 13:42:39 2021 -0300
Use Psych as YAML parser
+commit 5afe0f5acbc4cb9880bd2c752f45f39ba4f62835
+Author: Sébastien Villemot <sebast...@debian.org>
+Date: Wed, 30 Aug 2023 11:35:36 -0300
+
+ Enable YAML aliases
+
Source: https://github.com/jekyll/jekyll/pull/8772
Additional changes:
- Also make the replacement of SafeYAML in lib/jekyll/commands/serve.rb
@@ -193,7 +202,7 @@ index d6c5a0b..3757e04 100644
Jekyll.logger.info "Theme Config file:", theme_config_file
diff --git a/lib/jekyll/utils.rb b/lib/jekyll/utils.rb
-index 2a96527..0dfe2ec 100644
+index 2a96527..252541f 100644
--- a/lib/jekyll/utils.rb
+++ b/lib/jekyll/utils.rb
@@ -316,6 +316,20 @@ module Jekyll
@@ -202,7 +211,7 @@ index 2a96527..0dfe2ec 100644
+ # Safely load YAML strings
+ def safe_load_yaml(yaml)
-+ Psych.safe_load(yaml, :permitted_classes => [Date, Time])
++ Psych.safe_load(yaml, :permitted_classes => [Date, Time], aliases: true)
+ rescue ArgumentError
+ # Psych versions < 3.1 had a different safe_load API and used
+ # problematic language.
signature.asc
Description: PGP signature
