From: jean.boussier@...
Date: 2020-01-06T12:00:34+00:00
Subject: [ruby-core:96688] [Ruby master Feature#15998] Allow String#-@ to deduplicate tainted string, but return an untainted one

Issue #15998 has been updated by byroot (Jean Boussier).

Tainting was made a noop in 2.7.0, this issue can now be closed.

----------------------------------------
Feature #15998: Allow String#-@ to deduplicate tainted string, but return an untainted one
https://bugs.ruby-lang.org/issues/15998#change-83672

* Author: byroot (Jean Boussier)
* Status: Feedback
* Priority: Normal
* Assignee:
* Target version:
----------------------------------------
Patch: https://github.com/ruby/ruby/pull/2287

There was a previous attempt by Eric Wong to allow deduplication of tainted strings, but it was reverted because of unknown CI issues: https://github.com/ruby/ruby/commit/0493b1ce3a4

The previous approach was trying to segregate tainted fstrings from untainted ones. This patch is different. Instead it returns an untainted fstring.

The rationale is that `String#-@`'s purpose is to deduplicate strings we know will stay in memory for long, if not until exit, hence I'd argue that by doing so we're implicitly trusting them.

A typical usage for instance is:

```ruby
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -k }.freeze
```

Except the above currently doesn't work because YAML returns tainted instances when it reads from a file, so instead you have to do:

```ruby
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -(+k).untaint }.freeze
```

Which is fairly inefficient and unexpected. Several times I wondered why `-@` wouldn't deduplicate strings until I noticed they were tainted.

--
https://bugs.ruby-lang.org/
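An added example, not code from the ticket or from the ruby/ruby patch, showing what `String#-@` interning actually buys the `CONFIG` pattern above: every load shares one frozen key object per distinct key, which is why the author treats interned strings as long-lived and implicitly trusted. `load_config` is a constructed stand-in for `YAML.load_file` output, and `taint_blocks_dedup?` reports whether the running interpreter still has a taint mechanism that stops `-@` from interning (true only before 2.7).

```ruby
# Constructed stand-in for YAML.load_file: each call yields fresh, unfrozen,
# non-interned String objects, just like a parser reading from disk.
def load_config
  { "host".dup => "db.internal", "port".dup => 5432 }
end

# Dedup keys the way the post proposes. -k returns the interned (frozen,
# process-wide shared) copy, so repeated loads reuse the same key objects
# instead of allocating a new String per key per load.
def dedup_keys(hash)
  hash.transform_keys { |k| -k }.freeze
end

# true only on interpreters where a tainted string is refused by the fstring
# table (Ruby < 2.7). On 2.7+ taint is a no-op, and on 3.2+ the methods are
# removed entirely, so both paths report false there.
def taint_blocks_dedup?
  return false unless String.method_defined?(:taint)
  s = "tainted".dup
  s.taint
  !(-s).equal?(-("tainted".dup))
end

if __FILE__ == $PROGRAM_NAME
  first  = dedup_keys(load_config)
  second = dedup_keys(load_config)
  puts "keys frozen:        #{first.keys.all?(&:frozen?)}"
  puts "keys shared:        #{first.keys.first.equal?(second.keys.first)}"
  puts "taint blocks dedup: #{taint_blocks_dedup?}"
end
```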