Project

General

Profile

Actions

Feature #14255

closed

Deprecate $SAFE support in ERB

Added by k0kubun (Takashi Kokubun) about 6 years ago. Updated about 6 years ago.

Status:
Closed
Target version:
[ruby-dev:50403]

Description

See https://bugs.ruby-lang.org/issues/14250.

Proc-level $SAFE change does no longer make sense. This should be deprecated and then removed. But the problem is that the position of safe_level argument is in the middle of argument list of ERB#initialize.

So to remove it safely, we should make them keyword arguments and deprecate the current non-keyword-argument interface. Having both interfaces would be backward-compatible because all of arguments don't take {}.

before

ERB.new("<%= 'foo' %>", 1, '%', '_erbout')

after

ERB.new("<%= 'foo' %>", 1, '%', '_erbout') # print deprecation in 2.6, and removed in 2.7
ERB.new("<%= 'foo' %>", trim_mode: '%', eoutvar: '_erbout') # no safe_level support from first
Actions #1

Updated by k0kubun (Takashi Kokubun) about 6 years ago

  • Subject changed from Deprecate $SAFE support from ERB to Deprecate $SAFE support in ERB
Actions #2

Updated by k0kubun (Takashi Kokubun) about 6 years ago

  • Related to Feature #14250: Make `$SAFE` process global state and allow to set 0 again added

Updated by k0kubun (Takashi Kokubun) about 6 years ago

  • Status changed from Open to Closed

Changed from ruby-dev to ruby-core https://bugs.ruby-lang.org/issues/14256

Actions #4

Updated by k0kubun (Takashi Kokubun) about 6 years ago

  • Related to deleted (Feature #14250: Make `$SAFE` process global state and allow to set 0 again)
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0