This PR suppresses the following `Psych.safe_load` args warn when using
Psych 3.1.0 (Ruby 2.6+).
```console
% bundle exec rake spec
(snip)
/Users/koic/src/github.com/intridea/hashie/lib/hashie/extensions/parsers/yaml_erb_parser.rb:22:
Passing permitted_classes with the 2nd argument of Psych.safe_load is
deprecated. Use keyword argument like Psych.safe_load(yaml,
permitted_classes: ...) instead.
/Users/koic/src/github.com/intridea/hashie/lib/hashie/extensions/parsers/yaml_erb_parser.rb:22:
Passing permitted_symbols with the 3rd argument of Psych.safe_load is
deprecated. Use keyword argument like Psych.safe_load(yaml,
permitted_symbols: ...) instead.
/Users/koic/src/github.com/intridea/hashie/lib/hashie/extensions/parsers/yaml_erb_parser.rb:22:
Passing aliases with the 4th argument of Psych.safe_load is
deprecated. Use keyword argument like Psych.safe_load(yaml, aliases:
...) instead
```
`Mash.load` uses the Ruby standard library to load Yaml-serialized files
into a Mash. The original implementation used `YAML.load` for this
purpose. However, that method is inherently unsafe so we switched to
using `YAML.safe_load`.
Safely loading Yaml files has many different domain-specific
configuration flags that we did not, by default, expose. This change
introduces the ability to configure the safe loading of Yaml files so
that all types of Yaml can be loaded when necessary using the flags from
the standard library.
This implementation preserves the backwards-compatibility with the prior
implementation so that it should not require updates from users of the
current `Mash.load` behavior. For those who this change affects, we
included upgrading documentation to ease the transition.
This is a big step forward in our Rubocop setup. I addressed all of the todos
from the current version of Rubocop that made sense to. The only things that
remain are metrics and one cop that relies on the line length metric to work.
I made some judgment calls on disabling a few cops:
1. The `Layout/IndentHeredoc` cop wants you to either use the squiggly heredoc
from Ruby 2.3 or introduce a library. Since we are a low-level library that
is used as a transitive dependency, we cannot introduce another library as a
dependence, so that option is out. Also, we support Rubies back to 2.0
currently, so using the squiggly heredoc isn't an option. Once we remove
support for Rubies older than 2.3, we can switch to the squiggly heredoc cop.
2. The `Naming/FileName` cop was reporting false positives for a few files in
the repository, so I disabled it on those files.
3. The `Style/DoubleNegation` cop reports lints on a few cases where we use
double negation. Given the very generic nature of Hashie, the double-negation
is the easiest, clearest way to express that we want an item to be a Boolean.
I disabled the cop because we exist in the gray area where this makes sense.