From efe8a6868f8a6ce15bcc7c550408486761e74013 Mon Sep 17 00:00:00 2001
From: Takuro Ashie
Date: Thu, 27 Oct 2022 11:44:28 +0900
Subject: [PATCH] Remove `object` from the available list of `FLUENT_OJ_OPTION_MODE`

There is less benefit by this option in actual, and it will instroduce serious security risk since it can execute arbitrary Ruby code. We remove it since keeping it secure is difficult.

Signed-off-by: Takuro Ashie
---
 lib/fluent/oj_options.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/fluent/oj_options.rb b/lib/fluent/oj_options.rb
index f1c274c119..a76e1f81ba 100644
--- a/lib/fluent/oj_options.rb
+++ b/lib/fluent/oj_options.rb
@@ -11,7 +11,7 @@ class OjOptions
 ALLOWED_VALUES = {
 'bigdecimal_load': %i[bigdecimal float auto],
- 'mode': %i[strict null compat json rails object custom]
+ 'mode': %i[strict null compat json rails custom]
 }
 DEFAULTS = {
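Review bot: Nothing next to the new `'mode'` list records why `object` is absent, so a later edit could restore it without seeing the risk described in the commit message; a comment above the entry such as `# :object is deliberately not allowed: Oj's object mode can lead to execution of arbitrary Ruby code from parsed input` would keep that rationale with the code. The diffstat shows only lib/fluent/oj_options.rb changed, so no regression test pins that `FLUENT_OJ_OPTION_MODE=object` is now refused; one assertion on that value would guard the allowlist. How a refused value is handled (silent fallback to the default or an error) is decided outside this hunk, and a deployment that currently sets `object` would presumably benefit from a log line or release note saying the setting is no longer honoured. The `OjOptions` class starts before the hunk and `DEFAULTS` continues past it.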