Handle DisallowedClass error when X-Ray config file has YAML date
What does this MR do and why?
Context
We are rolling out the feature flag ai_enable_internal_repository_xray_service
in #483928. It's at 75% roll out as of 2024-10-15 10:52 AM PT
. The feature is a new in-monolith service that scans a project's repository for dependency config files and then parses a list of libraries from the file content. This service is executed by a Sidekiq job that is triggered upon a new commit to a Duo-enabled project's default branch.
This MR
While monitoring the Sidekiq failed job logs, we noticed the following error:
- json.exception.class:
Psych::DisallowedClass
- json.exception.message:
Tried to load unspecified class: Date
This error occurs when the config file is a YAML doc and it contains a Date
value, which is not a permitted class (it's unsafe). In this MR, we handle the error so that it doesn't bubble up as a Sidekiq job error.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Error reproduced locally with new spec test | Spec test passes after change |
---|---|
Related to #483928