Merge pull request #101 from slohse/pyyaml_safe_load

Use PyYAML's safe_load instead of load

checkQC/__init__.py

@@ -1,2 +1,2 @@
 
-__version__ = "3.6.5"
+__version__ = "3.6.6"

checkQC/config.py

@@ -39,7 +39,7 @@ def _get_config_file(config_path):
                 log.info("No config file specified, using default config from {}.".format(config_path))
 
             with open(config_path) as stream:
-                return yaml.load(stream)
+                return yaml.safe_load(stream)
         except FileNotFoundError as e:
             log.error("Could not find config file: {}".format(e))
             raise e
@@ -58,7 +58,7 @@ def get_logging_config_dict(config_path):
                 config_path = resource_filename(Requirement.parse('checkQC'), 'checkQC/default_config/logger.yaml')
                 log.info("No logging config file specified, using default config from {}.".format(config_path))
             with open(config_path) as stream:
-                return yaml.load(stream)
+                return yaml.safe_load(stream)
         except FileNotFoundError as e:
             log.error("Could not find config file: {}".format(e))
             raise e

requirements/prod

@@ -1,5 +1,5 @@
 click==6.7
-PyYAML==3.12
+PyYAML==6.0
 interop>=1.1.10
 xmltodict==0.11.0
 sample_sheet

setup.py

@@ -13,7 +13,7 @@
     download_url='https://github.com/Molmed/checkQC/archive/{}.tar.gz'.format(__version__),
     install_requires=[
         "click",
-        "PyYAML>=3.12",
+        "PyYAML>=6.0",
         "interop>=1.1.10",
         "xmltodict",
         "tornado",