From 7d2800d10641d30bf394c00a637c3f873fa08ac1 Mon Sep 17 00:00:00 2001
From: Peter Taoussanis <peter@taoensso.com>
Date: Tue, 6 Feb 2024 09:31:42 +0100
Subject: [PATCH] [nop] Updates for latest Encore

---
 src/taoensso/nippy.clj      | 37 +++++++++++++++-------
 src/taoensso/nippy/impl.clj | 62 ++++++++++++++-----------------------
 2 files changed, 49 insertions(+), 50 deletions(-)

diff --git a/src/taoensso/nippy.clj b/src/taoensso/nippy.clj
index 5d67357..2704651 100644
--- a/src/taoensso/nippy.clj
+++ b/src/taoensso/nippy.clj
@@ -479,7 +479,7 @@
     - Does NOT implement Nippy's `Freezable`    protocol.
     - DOES     implement Java's  `Serializable` interface.
 
-  In this case, the allowlist will be checked to see if Java's
+  In this case, an allowlist will be checked to see if Java's
   `Serializable` interface may be used.
 
   This is a security measure to prevent possible Remote Code Execution
@@ -513,19 +513,19 @@
 
   Allowlist values may be overridden with `binding`, `alter-var-root`, or:
 
-    - `taoensso.nippy.<freeze/thaw>-serializable-allowlist-base` JVM property
-    - `taoensso.nippy.<freeze/thaw>-serializable-allowlist-add`  JVM property
+    - `taoensso.nippy.<freeze/thaw>-serializable-allowlist-base` JVM property value
+    - `taoensso.nippy.<freeze/thaw>-serializable-allowlist-add`  JVM property value
 
-    - `TAOENSSO_NIPPY_<FREEZE/THAW>_SERIALIZABLE_ALLOWLIST_BASE` env var
-    - `TAOENSSO_NIPPY_<FREEZE/THAW>_SERIALIZABLE_ALLOWLIST_ADD`  env var
+    - `TAOENSSO_NIPPY_<FREEZE/THAW>_SERIALIZABLE_ALLOWLIST_BASE` Environment variable value
+    - `TAOENSSO_NIPPY_<FREEZE/THAW>_SERIALIZABLE_ALLOWLIST_ADD`  Environment variable value
 
   If present, these will be read as comma-separated lists of class names
   and formed into sets. Each initial allowlist value will then be:
   (into (or <?base> <default>) <?additions>).
 
     I.e. you can use:
-      - The \"base\" property/var to replace Nippy's default allowlists.
-      - The \"add\"  property/var to add to  Nippy's default allowlists.
+      - The \"base\" property/var to REPLACE Nippy's default allowlists.
+      - The \"add\"  property/var to ADD TO  Nippy's default allowlists.
 
   The special `\"allow-and-record\"` value is also possible, see [2].
 
@@ -541,8 +541,21 @@
   [1] https://github.com/ptaoussanis/nippy/issues/130
   [2] See `allow-and-record-any-serializable-class-unsafe`."]
 
-  (enc/defonce ^{:dynamic true :doc doc} *freeze-serializable-allowlist* (impl/init-serializable-allowlist :freeze default-freeze-serializable-allowlist false))
-  (enc/defonce ^{:dynamic true :doc doc}   *thaw-serializable-allowlist* (impl/init-serializable-allowlist :thaw     default-thaw-serializable-allowlist true)))
+  (enc/defonce ^{:dynamic true :doc doc} *freeze-serializable-allowlist*
+    (impl/parse-allowlist default-freeze-serializable-allowlist
+      (enc/get-env :taoensso.nippy.freeze-serializable-allowlist-base)
+      (enc/get-env :taoensso.nippy.freeze-serializable-allowlist-add)))
+
+  (enc/defonce ^{:dynamic true :doc doc} *thaw-serializable-allowlist*
+    (impl/parse-allowlist default-thaw-serializable-allowlist
+      (enc/get-env
+        [:taoensso.nippy.thaw-serializable-allowlist-base
+         :taoensso.nippy.serializable-whitelist-base ; Back compatibility
+         ])
+      (enc/get-env
+        [:taoensso.nippy.thaw-serializable-allowlist-add
+         :taoensso.nippy.serializable-whitelist-add ; Back compatibility
+         ]))))
 
 (enc/defonce ^:dynamic ^:no-doc ^:deprecated *serializable-whitelist*
   ;; Back compatibility for Crux, Ref. <https://github.com/juxt/crux/releases/tag/20.09-1.11.0>
@@ -1321,8 +1334,8 @@
           rf2        (if transient? rf2! rf2*)]
 
       (if-let [xf *thaw-xform*]
-        (let [rf ((xform* xf) rf1)] (rf (enc/reduce-n (fn [acc _] (rf acc (clojure.lang.MapEntry/create (thaw-from-in! in) (thaw-from-in! in)))) init n)))
-        (let [rf              rf2 ] (rf (enc/reduce-n (fn [acc _] (rf acc                               (thaw-from-in! in) (thaw-from-in! in)))  init n)))))))
+        (let [rf ((xform* xf) rf1)] (rf (enc/reduce-n (fn [acc _] (rf acc (enc/map-entry (thaw-from-in! in) (thaw-from-in! in)))) init n)))
+        (let [rf              rf2 ] (rf (enc/reduce-n (fn [acc _] (rf acc                (thaw-from-in! in) (thaw-from-in! in)))  init n)))))))
 
 (defn- read-kvs-depr [to ^DataInput in] (read-kvs-into to in (quot (.readInt in) 2)))
 (defn- read-objects [^objects ary ^DataInput in]
@@ -1604,7 +1617,7 @@
         id-bigdec      (BigDecimal. ^BigInteger (read-biginteger in) (.readInt        in))
         id-ratio       (clojure.lang.Ratio.     (read-biginteger in) (read-biginteger in))
 
-        id-map-entry   (clojure.lang.MapEntry/create (thaw-from-in! in) (thaw-from-in! in))
+        id-map-entry   (enc/map-entry (thaw-from-in! in) (thaw-from-in! in))
 
         id-util-date   (java.util.Date. (.readLong in))
         id-sql-date    (java.sql.Date.  (.readLong in))
diff --git a/src/taoensso/nippy/impl.clj b/src/taoensso/nippy/impl.clj
index 25d388e..4eca589 100644
--- a/src/taoensso/nippy/impl.clj
+++ b/src/taoensso/nippy/impl.clj
@@ -54,47 +54,33 @@
 
 ;;;; Java Serializable
 
-(defn- allow-and-record?     [s] (= s "allow-and-record"))
-(defn- split-class-names>set [s] (when (string? s) (if (= s "") #{} (set (mapv str/trim (str/split s #"[,:]"))))))
+(def ^:const ^:private allow-and-record          "allow-and-record")
+(defn-                 allow-and-record? [x] (= x allow-and-record))
+
+(defn- classname-set
+  "Returns ?#{<classname>}."
+  [x]
+  (when x
+    (if (string? x)
+      (if (= x "") #{} (set (mapv str/trim (str/split x #"[,:]"))))
+      (enc/have set? x))))
+
 (comment
-  (split-class-names>set "")
-  (split-class-names>set "foo, bar:baz"))
+  (mapv classname-set [nil #{"foo"} "" "foo, bar:baz"])
+  (.getName (.getSuperclass (.getClass (java.util.concurrent.TimeoutException.)))))
 
-(comment (.getName (.getSuperclass (.getClass (java.util.concurrent.TimeoutException.)))))
+(defn parse-allowlist
+  "Returns #{<classname>}, or `allow-and-record`."
+  [default base add]
+  (if (or
+        (allow-and-record? base)
+        (allow-and-record? add))
+    allow-and-record
+    (into
+      (or (classname-set base) default)
+      (do (classname-set add)))))
 
-(let [ids
-      {:freeze {:base :taoensso.nippy.freeze-serializable-allowlist-base
-                :add  :taoensso.nippy.freeze-serializable-allowlist-add}
-       :thaw   {:base :taoensso.nippy.thaw-serializable-allowlist-base
-                :add  :taoensso.nippy.thaw-serializable-allowlist-add}
-       :legacy {:base :taoensso.nippy.serializable-whitelist-base
-                :add  :taoensso.nippy.serializable-whitelist-add}}]
-
-  (defn init-serializable-allowlist
-    [action default incl-legacy?]
-    (let [allowlist-base
-          (or
-            (when-let [s
-                       (or
-                         (do                (enc/get-sys-val* (get-in ids [action  :base])))
-                         (when incl-legacy? (enc/get-sys-val* (get-in ids [:legacy :base]))))]
-
-              (if (allow-and-record? s) s (split-class-names>set s)))
-            default)
-
-          allowlist-add
-          (when-let [s
-                     (or
-                       (do                (enc/get-sys-val* (get-in ids [action  :add])))
-                       (when incl-legacy? (enc/get-sys-val* (get-in ids [:legacy :add]))))]
-
-            (if (allow-and-record? s) s (split-class-names>set s)))]
-
-      (if (and allowlist-base allowlist-add)
-        (into (enc/have set? allowlist-base) allowlist-add)
-        (do                  allowlist-base)))))
-
-;;;
+(comment (parse-allowlist #{"default"} "base1,base2" "add1"))
 
 (let [nmax    1000
       ngc     16000