1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-29 20:55:32 +03:00

replace usage of FullLoader w/ safe_load

This commit is contained in:
Ryan Petrello 2019-08-15 11:25:47 -04:00
parent e08e70efb4
commit 39d0eb62e4
No known key found for this signature in database
GPG Key ID: F2AA5F2122351777
5 changed files with 9 additions and 10 deletions

View File

@ -7,4 +7,4 @@ class HasVariables(object):
@property
def variables(self):
return PseudoNamespace(yaml.load(self.json.variables, Loader=yaml.FullLoader))
return PseudoNamespace(yaml.safe_load(self.json.variables))

View File

@ -114,16 +114,16 @@ class UnifiedJob(HasStatus, base.Base):
"""
def attempt_yaml_load(arg):
try:
return yaml.load(arg, Loader=yaml.FullLoader)
return yaml.safe_load(arg)
except (yaml.parser.ParserError, yaml.scanner.ScannerError):
return str(arg)
args = []
if not self.json.job_args:
return ""
for arg in yaml.load(self.json.job_args, Loader=yaml.FullLoader):
for arg in yaml.safe_load(self.json.job_args):
try:
args.append(yaml.load(arg, Loader=yaml.FullLoader))
args.append(yaml.safe_load(arg))
except (yaml.parser.ParserError, yaml.scanner.ScannerError):
if arg[0] == '@': # extra var file reference
args.append(attempt_yaml_load(arg))

View File

@ -184,8 +184,7 @@ def load_credentials(filename=None):
if os.path.isfile(path):
with open(path) as credentials_fh:
credentials_dict = yaml.load(
credentials_fh, Loader=yaml.FullLoader)
credentials_dict = yaml.safe_load(credentials_fh)
return credentials_dict
else:
msg = 'Unable to load credentials file at %s' % path
@ -200,7 +199,7 @@ def load_projects(filename=None):
if os.path.isfile(path):
with open(path) as projects_fh:
projects_dict = yaml.load(projects_fh, Loader=yaml.FullLoader)
projects_dict = yaml.safe_load(projects_fh)
return projects_dict
else:
msg = 'Unable to load projects file at %s' % path
@ -329,7 +328,7 @@ def to_bool(obj):
def load_json_or_yaml(obj):
try:
return yaml.load(obj, Loader=yaml.FullLoader)
return yaml.safe_load(obj)
except AttributeError:
raise TypeError("Provide valid YAML/JSON.")

View File

@ -12,7 +12,7 @@ file_pattern_cache = {}
file_path_cache = {}
class Loader(yaml.FullLoader):
class Loader(yaml.SafeLoader):
def __init__(self, stream):
self._root = os.path.split(stream.name)[0]

View File

@ -1,2 +1,2 @@
PyYAML>=5.1
PyYAML
requests