Due to Kernel.open() supporting opening pipe-commands (ex: "|command-here..."), this has led to multiple security vulnerabilities, where malicious user-input eventually is passed to Kernel.open(). One of the code-paths by which malicious user-input can reach Kernel.open() is via open-uri's URI.open() method. RuboCop even recommends avoiding using URI.open() in favor of uri = URI.parse(...); uri.open to avoid accidentally opening malicious "|command..." inputs. I propose that URI.open() should not accept pipe-commands, as they are neither URIs nor files. One could even argue that URI.open() should only accept URIs and never fall back to Kernel.open().
I think we should merge this discussion into #19630 since the behavior you wish to deprecate comes from Kernel#open (called by URI.open in the fall-through case).
This could be done before #19630 by changing URI.open to either fall back to File.open or not fall back to open at all. We could preemptively close this vulnerable code path before Ruby 4.0, since URI.open implies that it opens URIs and only URIs.
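An added example, not part of the thread and not Ruby's own code: one way an application can apply the URI.parse(...) then uri.open pattern mentioned above so that untrusted input never reaches Kernel.open. The names strict_remote_uri, fetch, audit, UnsafeOpenTarget and ALLOWED_SCHEMES are hypothetical, the http/https allowlist is an assumption about what the application needs, and the sample inputs are constructed.

```ruby
require "uri"
require "open-uri"

# Assumption: this application only ever needs to fetch http(s) resources.
ALLOWED_SCHEMES = %w[http https].freeze

class UnsafeOpenTarget < ArgumentError; end

# Returns a parsed URI object, or raises. Pipe strings and local paths are
# refused here instead of being handed on to Kernel.open.
def strict_remote_uri(input)
  str = input.to_s
  # Kernel.open treats a leading "|" as a command to spawn.
  raise UnsafeOpenTarget, "pipe command rejected" if str.lstrip.start_with?("|")

  uri = begin
    URI.parse(str)
  rescue URI::InvalidURIError
    raise UnsafeOpenTarget, "not a parseable URI"
  end

  unless ALLOWED_SCHEMES.include?(uri.scheme.to_s.downcase)
    raise UnsafeOpenTarget, "scheme #{uri.scheme.inspect} not allowed"
  end
  raise UnsafeOpenTarget, "missing host" if uri.host.to_s.empty?
  uri
end

# Opens through the URI object's own #open (added by open-uri), so there is
# no string-based fall-through. Defined for completeness; not called here.
def fetch(input, &block)
  strict_remote_uri(input).open(&block)
end

# Maps each input to :allowed or to the reason it was refused.
def audit(inputs)
  inputs.to_h do |s|
    verdict = begin
      strict_remote_uri(s)
      :allowed
    rescue UnsafeOpenTarget => e
      e.message
    end
    [s, verdict]
  end
end

# Constructed sample inputs.
SAMPLE_INPUTS = ["https://example.com/feed.xml", "|command-here", "/etc/hosts", "file:///etc/hosts"].freeze
audit(SAMPLE_INPUTS).each { |input, verdict| puts "#{input.inspect} => #{verdict}" }
```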