Project

General

Profile

Actions

Feature #14256

closed

Deprecate $SAFE support in ERB and let ERB.new take keyword arguments for it

Added by k0kubun (Takashi Kokubun) almost 7 years ago. Updated almost 7 years ago.

Status:
Closed
Target version:
[ruby-core:84546]

Description

See https://bugs.ruby-lang.org/issues/14250.

Proc-level $SAFE change does no longer make sense. This should be deprecated and then removed. But the problem is that the position of safe_level argument is in the middle of argument list of ERB#initialize.

So to remove it safely, we should make them keyword arguments and deprecate the current non-keyword-argument interface. Having both interfaces would be backward-compatible because all of arguments don't take {}.

before

ERB.new("<%= 'foo' %>", 1, '%', '_erbout')

after

ERB.new("<%= 'foo' %>", 1, '%', '_erbout') # print deprecation in 2.6 if argc >= 2, and removed in later version
ERB.new("<%= 'foo' %>", trim_mode: '%', eoutvar: '_erbout') # no safe_level support from first

Related issues 1 (0 open1 closed)

Related to Ruby master - Feature #14250: Make `$SAFE` process global state and allow to set 0 againClosedko1 (Koichi Sasada)Actions
Actions #1

Updated by k0kubun (Takashi Kokubun) almost 7 years ago

  • Subject changed from Deprecate $SAFE support in ERB to Deprecate $SAFE support in ERB and let ERB.new take keyword arguments for it
Actions #2

Updated by k0kubun (Takashi Kokubun) almost 7 years ago

  • Related to Feature #14250: Make `$SAFE` process global state and allow to set 0 again added
Actions #3

Updated by k0kubun (Takashi Kokubun) almost 7 years ago

  • Status changed from Open to Closed

Applied in changeset trunk|r62529.


erb.rb: deprecate safe_level of ERB.new

Also, as it's in the middle of the list of 4 arguments, 3rd and 4th arguments
(trim_mode, eoutvar) are changed to keyword arguments.
Old ways to specify arguments are deprecated and warned now.

bin/erb: deprecate -S option.

We'll remove all of deprecated ones at Ruby 2.7+.

enc/make_encmake.rb: stopped using deprecated interface
ext/etc/mkconstants.rb: ditto
ext/socket/mkconstants.rb: ditto
sample/ripper/ruby2html.rb: ditto
spec/ruby/library/erb/defmethod/def_erb_method_spec.rb: ditto
spec/ruby/library/erb/new_spec.rb: ditto
test/erb/test_erb.rb: ditto
test/erb/test_erb_command.rb: ditto
tool/generic_erb.rb: ditto
tool/ruby_vm/helpers/dumper.rb: ditto
tool/transcode-tblgen.rb: ditto
lib/rdoc/erbio.rb: ditto
lib/rdoc/generator/darkfish.rb: ditto

[Feature #14256]

Updated by k0kubun (Takashi Kokubun) almost 7 years ago

I forgot to have a link to this ticket in r62612.

Ruby 2.5's ERB.new interface will continue to be available until Ruby 2.5 becomes EOL. So you don't need to branch ERB.new usage in many places. The deprecation warning is shown only when "-w" (or "-W2") flag is explicitly added.

If you're even against having deprecation warning on warn level 2, please add comments here. I may postpone it.

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0