From 0267c89799208940816374a656427f1887bdf811 Mon Sep 17 00:00:00 2001 From: Aki Mimoto Date: Tue, 7 Feb 2023 14:07:12 -0800 Subject: [PATCH] FIX: #11 Noted by @chead in [Bug 11](https://github.com/zabertech/python-izaber/issues/11). `PyYAML` v6.0 requires `yaml.load` to have a second argument. Switched to using `safe_load` to fix the argument issue as well as a potential security issue. --- VERSIONS.md | 4 ++++ izaber/zconfig.py | 4 ++-- pyproject.toml | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/VERSIONS.md b/VERSIONS.md index d8789fd..0b5b707 100644 --- a/VERSIONS.md +++ b/VERSIONS.md @@ -102,3 +102,7 @@ Update `pyproject.toml` to be a bit more strict about what python versions are b AttributeError: 'NoneType' object has no attribute 'name' ``` +## 30.0.20230207 + +1. Noted by @chead in [Bug 11](https://github.com/zabertech/python-izaber/issues/11). `PyYAML` v6.0 requires `yaml.load` to have a second argument. Switched to using `safe_load` to fix the argument issue as well as a potential security issue. + diff --git a/izaber/zconfig.py b/izaber/zconfig.py index 8a25f30..58fdf95 100644 --- a/izaber/zconfig.py +++ b/izaber/zconfig.py @@ -91,7 +91,7 @@ def load_config( self, if config_buffer: self._config_full_filname = None - self._cfg = yaml.load(config_buffer) + self._cfg = yaml.safe_load(config_buffer) else: self.config_fpath = self.config_find() \ or os.path.join(self._config_dirs[0], \ @@ -373,7 +373,7 @@ def config_update_(self,config_amend): """ if not isinstance(config_amend,dict): - config_amend = yaml.load(config_amend) + config_amend = yaml.safe_load(config_amend) def merge_dicts(source,target,breadcrumbs=None): """ diff --git a/pyproject.toml b/pyproject.toml index 1074b92..07db9c4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,7 +1,7 @@ [tool.poetry] name = "izaber" description = "Base load point for iZaber code" -version = '3.0.20221124' +version = '3.0.20230207' authors = ["Aki Mimoto "] [build-system]