fix(security): use YAML core schema to prevent type coercion (#20857)

YAML 1.1 default schema silently coerces values like "on" to true and
"off" to false, which can cause unexpected behavior in frontmatter
parsing. Explicitly set schema: "core" to use YAML 1.2 rules that
only recognize true/false/null literals.
David Rudduck
2026-02-19 21:15:36 +10:00
committed by GitHub
parent 9edec67a18
commit baf4a799a9


@@ -34,7 +34,7 @@ function coerceFrontmatterValue(value: unknown): string | undefined {
function parseYamlFrontmatter(block: string): ParsedFrontmatter | null {
try {
const parsed = YAML.parse(block) as unknown;
const parsed = YAML.parse(block, { schema: "core" }) as unknown;
if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
return null;
}
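Review bot: The new `YAML.parse(block, { schema: "core" })` call still resolves plain scalars to non-string types (integers, floats, `null`/`~`, and case variants such as `True`), so an unquoted `version: 1.10` or a numeric-looking id is still coerced before the `typeof parsed` check. If `YAML` here is the `yaml` npm package, its default is already YAML 1.2 with the core schema as far as I know, so this line may pin existing behaviour rather than change it; a regression test asserting that `on`, `off`, `yes` and `no` come back as strings would settle that and guard against a future default change. If frontmatter values are meant to be strings only, `{ schema: "failsafe" }` would keep every scalar as a string, though that depends on what `coerceFrontmatterValue` expects, and both it and the rest of `parseYamlFrontmatter` lie outside this hunk. At minimum I would add a comment above the call, e.g. `// Pin the YAML 1.2 core schema so on/off/yes/no are never read as booleans, whatever the library default is.`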