apm-agent-ruby icon indicating copy to clipboard operation
apm-agent-ruby copied to clipboard
verified publisher icon elastic

undefined method `safe_load' for Syck:Module

Open imi56 opened this issue 1 year ago • 3 comments

Describe the bug

I have a gem 'syck', "1.4.1" gem. Everything works fine unless I add gem 'elastic-apm', "4.7.2"

Steps to reproduce

Expected behavior

Environment

  • OS: Docker container
  • Ruby version: 2.4.6
  • Framework and version: 3.2.22.5
  • APM Server version:
  • Agent version:

Additional context

Add any other context about the problem here.

  • Agent config options
    Click to expand 
    replace this line with your agent config options
remember to mask any sensitive fields like tokens

imi56 avatar Apr 15 '24 12:04 imi56

Hi @imi56 Thanks for reporting this, I'll take a look and have an update soon.

estolfo avatar Apr 22 '24 11:04 estolfo

Hi @imi56 this is due to there being no safe_load method defined on Syck, which is the module value set to the YAML constant when the syck gem is installed. So I've changed the code to confirm that safe_load is defined before using it and then fall back to load if it's not. Just FYI, using load is discouraged due to security issues. If it's possible to use psych instead so the code can use the safe_load method, that would probably be a lot better. I've opened a draft PR, and I'm just working on now how to properly test it.

estolfo avatar Apr 26 '24 15:04 estolfo

Hi @imi56 did you have a chance to check out the PR? Let me know if it's a reasonable solution for you. Thanks!

estolfo avatar Apr 30 '24 09:04 estolfo