From 072abe370113cfaba94fff9018681a37245e477f Mon Sep 17 00:00:00 2001 From: Jonathan Burman Date: Mon, 7 Jan 2019 17:28:20 +0000 Subject: [PATCH] convert to use yaml.safe_load (#122) Convert tests to use yaml.safe_load instead of insecure yaml.load yaml/pyyaml#243 --- tests/test_cli.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/test_cli.py b/tests/test_cli.py index 115faa5..a135ff7 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -54,7 +54,7 @@ def test_encrypt(tmpdir, kms_stub): main(['encrypt-file', six.text_type(tmpfile)]) - data = yaml.load(tmpfile.read()) + data = yaml.safe_load(tmpfile.read()) assert data['MY_ENCRYPTED_VAR'] == {'encrypted': base64.b64encode(b'quux').decode('utf-8')} assert data['MY_UNENCRYPTED_VAR'] == 'bar' assert data['TREEHUGGER_APP'] == 'baz' @@ -90,7 +90,7 @@ def test_encrypt_different_key(tmpdir, kms_stub): main(['-k', key_arn, 'encrypt-file', six.text_type(tmpfile)]) - data = yaml.load(tmpfile.read()) + data = yaml.safe_load(tmpfile.read()) assert data['MY_ENCRYPTED_VAR'] == {'encrypted': base64.b64encode(b'quux').decode('utf-8')} assert data['MY_UNENCRYPTED_VAR'] == 'bar' assert data['TREEHUGGER_APP'] == 'baz' @@ -127,7 +127,7 @@ def test_encrypt_different_key_env_var(tmpdir, kms_stub): with mock.patch.dict(os.environ, {'TREEHUGGER_KEY': key_id}): main(['encrypt-file', six.text_type(tmpfile)]) - data = yaml.load(tmpfile.read()) + data = yaml.safe_load(tmpfile.read()) assert data['MY_ENCRYPTED_VAR'] == {'encrypted': base64.b64encode(b'quux').decode('utf-8')} assert data['MY_UNENCRYPTED_VAR'] == 'bar' assert data['TREEHUGGER_APP'] == 'baz' @@ -162,7 +162,7 @@ def test_decrypt(tmpdir, kms_stub): main(['decrypt-file', six.text_type(tmpfile)]) - data = yaml.load(tmpfile.read()) + data = yaml.safe_load(tmpfile.read()) assert data['MY_ENCRYPTED_VAR'] == {'to_encrypt': 'quux'} assert data['MY_UNENCRYPTED_VAR'] == 'bar' assert data['TREEHUGGER_APP'] == 'baz'