Merge branch 'main' into INFC-7

author: John McCrae <john.mccrae@progress.com> 2022-03-24 13:44:27 -0700
committer: GitHub <noreply@github.com> 2022-03-24 13:44:27 -0700
commit: 52ef0c8a9835ce5559eccfda7973312ac26d739d (patch)
tree: c60feceba928c9ecdfbf6f496aa09d403a7fdf52 /lib
parent: 2b6d99b1c0340ee1d9622286a51f6bf2e480c3da (diff)
parent: 8c11b691afccdffa3b43440e7746ce8dc580e7e5 (diff)
download: chef-52ef0c8a9835ce5559eccfda7973312ac26d739d.tar.gz
10 files changed, 13 insertions, 11 deletions
diff --git a/lib/chef/compliance/input.rb b/lib/chef/compliance/input.rb
index 686b516b2e..237a4e12d0 100644
--- a/lib/chef/compliance/input.rb
+++ b/lib/chef/compliance/input.rb
@@ -101,7 +101,7 @@ class Chef
       # and cookbook_name are required this is probably not externally useful.
       #
       def self.from_yaml(events, string, path = nil, cookbook_name = nil)
-        from_hash(events, YAML.load(string), path, cookbook_name)
+        from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name)
       end
 
       # @param filename [String] full path to the yml file in the cookbook
diff --git a/lib/chef/compliance/profile.rb b/lib/chef/compliance/profile.rb
index ec9d61895c..f0d02000fc 100644
--- a/lib/chef/compliance/profile.rb
+++ b/lib/chef/compliance/profile.rb
@@ -108,7 +108,7 @@ class Chef
       # and cookbook_name are required this is probably not externally useful.
       #
       def self.from_yaml(events, string, path, cookbook_name)
-        from_hash(events, YAML.load(string), path, cookbook_name)
+        from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name)
       end
 
       # @param filename [String] full path to the inspec.yml file in the cookbook
diff --git a/lib/chef/compliance/waiver.rb b/lib/chef/compliance/waiver.rb
index 0062a7d5d9..6284e06f04 100644
--- a/lib/chef/compliance/waiver.rb
+++ b/lib/chef/compliance/waiver.rb
@@ -101,7 +101,7 @@ class Chef
       # and cookbook_name are required this is probably not externally useful.
       #
       def self.from_yaml(events, string, path = nil, cookbook_name = nil)
-        from_hash(events, YAML.load(string), path, cookbook_name)
+        from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name)
       end
 
       # @param filename [String] full path to the yml file in the cookbook
diff --git a/lib/chef/dsl/reader_helpers.rb b/lib/chef/dsl/reader_helpers.rb
index 6a9b021d89..fd8b21e9f0 100644
--- a/lib/chef/dsl/reader_helpers.rb
+++ b/lib/chef/dsl/reader_helpers.rb
@@ -42,7 +42,7 @@ class Chef
       end
 
       def parse_yaml(filename)
-        YAML.load(IO.read(filename))
+        YAML.safe_load_file(filename, permitted_classes: [Date])
       end
 
       extend self
diff --git a/lib/chef/http/ssl_policies.rb b/lib/chef/http/ssl_policies.rb
index bc688f13a6..eb5e6cc747 100644
--- a/lib/chef/http/ssl_policies.rb
+++ b/lib/chef/http/ssl_policies.rb
@@ -88,10 +88,10 @@ class Chef
           certs = Dir.glob(::File.join(Chef::Util::PathHelper.escape_glob_dir(config.trusted_certs_dir), "*.{crt,pem}"))
           certs.each do |cert_file|
             cert = begin
-              OpenSSL::X509::Certificate.new(::File.binread(cert_file))
+                     OpenSSL::X509::Certificate.new(::File.binread(cert_file))
                    rescue OpenSSL::X509::CertificateError => e
                      raise Chef::Exceptions::ConfigurationError, "Error reading cert file '#{cert_file}', original error '#{e.class}: #{e.message}'"
-            end
+                   end
             add_trusted_cert(cert)
           end
         end
@@ -132,7 +132,7 @@ class Chef
       def add_trusted_cert(cert)
         http_client.cert_store.add_cert(cert)
       rescue OpenSSL::X509::StoreError => e
-        raise e unless e.message == "cert already in hash table"
+        raise e unless e.message =~ /cert already in hash table/
       end
 
     end
diff --git a/lib/chef/node/mixin/immutablize_array.rb b/lib/chef/node/mixin/immutablize_array.rb
index 652061bc36..ab4d65580f 100644
--- a/lib/chef/node/mixin/immutablize_array.rb
+++ b/lib/chef/node/mixin/immutablize_array.rb
@@ -73,6 +73,7 @@ class Chef
           include?
           index
           inject
+          intersect?
           intersection
           join
           last
diff --git a/lib/chef/recipe.rb b/lib/chef/recipe.rb
index 972edf9649..2f7a282ca8 100644
--- a/lib/chef/recipe.rb
+++ b/lib/chef/recipe.rb
@@ -101,7 +101,7 @@ class Chef
     end
 
     def from_yaml(string)
-      res = ::YAML.safe_load(string)
+      res = ::YAML.safe_load(string, permitted_classes: [Date])
       unless res.is_a?(Hash) && res.key?("resources")
         raise ArgumentError, "YAML recipe '#{source_file}' must contain a top-level 'resources' hash (YAML sequence), i.e. 'resources:'"
       end
diff --git a/lib/chef/resource/chef_client_launchd.rb b/lib/chef/resource/chef_client_launchd.rb
index 0fbe7b9263..1016ea4d49 100644
--- a/lib/chef/resource/chef_client_launchd.rb
+++ b/lib/chef/resource/chef_client_launchd.rb
@@ -134,6 +134,7 @@ class Chef
           program_arguments ["/bin/bash",
                              "-c",
                              "echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; sudo /bin/launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; sudo /bin/launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
+          run_at_load true
           action :enable # enable creates the plist & triggers service restarts on change
         end
 
diff --git a/lib/chef/resource/inspec_waiver_file_entry.rb b/lib/chef/resource/inspec_waiver_file_entry.rb
index 7ad31fd58d..f19dff2b74 100644
--- a/lib/chef/resource/inspec_waiver_file_entry.rb
+++ b/lib/chef/resource/inspec_waiver_file_entry.rb
@@ -136,11 +136,11 @@ class Chef
         def load_waiver_file_to_hash(file_name)
           if %r{(/|C:\\).*(.yaml|.yml)}i.match?(file_name)
             if ::File.exist?(file_name)
-              hash = ::YAML.load_file(file_name)
+              hash = ::YAML.safe_load_file(file_name, permitted_classes: [Date])
               if hash == false || hash.nil? || hash == ""
                 {}
               else
-                ::YAML.load_file(file_name)
+                ::YAML.safe_load_file(file_name, permitted_classes: [Date])
               end
             else
               {}
diff --git a/lib/chef/version.rb b/lib/chef/version.rb
index f27cd11d2a..9f3a58e618 100644
--- a/lib/chef/version.rb
+++ b/lib/chef/version.rb
@@ -23,7 +23,7 @@ require_relative "version_string"
 
 class Chef
   CHEF_ROOT = File.expand_path("..", __dir__)
-  VERSION = Chef::VersionString.new("18.0.72")
+  VERSION = Chef::VersionString.new("18.0.75")
 end
 
 #
author	John McCrae <john.mccrae@progress.com>	2022-03-24 13:44:27 -0700
committer	GitHub <noreply@github.com>	2022-03-24 13:44:27 -0700
commit	52ef0c8a9835ce5559eccfda7973312ac26d739d (patch)
tree	c60feceba928c9ecdfbf6f496aa09d403a7fdf52 /lib
parent	2b6d99b1c0340ee1d9622286a51f6bf2e480c3da (diff)
parent	8c11b691afccdffa3b43440e7746ce8dc580e7e5 (diff)
download	chef-52ef0c8a9835ce5559eccfda7973312ac26d739d.tar.gz