I'm running into this issue
Short story: crack is a bad dependency to have. It's basically abandonware. The last official release (2015) uses the safe_yaml gem, which is also abandonware. Note that this has been fixed more than 2 years ago, but they haven't bothered to make a release with that bugfix.
Making releases has basically no cost. Not releasing versions after bugs are fixed is a mistake.
Note also that the same_yaml gem also fixed the issue more than a year ago. But hasn't released it. There's just no excuse in not releasing versions after changes.
I'm running into this issue
Short story:
crackis a bad dependency to have. It's basically abandonware. The last official release (2015) uses thesafe_yamlgem, which is also abandonware. Note that this has been fixed more than 2 years ago, but they haven't bothered to make a release with that bugfix.Making releases has basically no cost. Not releasing versions after bugs are fixed is a mistake.
Note also that the
same_yamlgem also fixed the issue more than a year ago. But hasn't released it. There's just no excuse in not releasing versions after changes.