Feature #15998
closed
Allow String#-@ to deduplicate tainted string, but return an untainted one
Description
Patch: https://github.com/ruby/ruby/pull/2287
There was a previous attempt by Eric Wong to allow deduplication of tainted strings, but it was reverted because of unknown CI issues: https://github.com/ruby/ruby/commit/0493b1ce3a4
The previous approach was trying to segregate tainted fstrings from untainted ones. This patch is different.
Instead it returns an untainted fstring.
The rationale is that String#-@'s purpose is to deduplicate strings we know will stay in memory for long, if not until exit, hence I'd argue that by doing so we're implicitly trusting them. A typical usage, for instance, is:
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -k }.freeze
Except the above currently doesn't work because YAML returns tainted instances when it reads from a file, so instead you have to do:
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -(+k).untaint }.freeze
Which is fairly inefficient and unexpected. Several times I wondered why -@ wouldn't deduplicate strings until I noticed they were tainted.