PyYAML safe_load

airbnb · May 27, 2020 · 6e65e22 · 6e65e22
1 parent 48db4db
commit 6e65e22
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/knowledge_repo/post.py b/knowledge_repo/post.py
@@ -327,7 +327,7 @@ def _get_headers_from_yaml(self, yaml_str):
         try:
             if not yaml_str.strip().startswith('---'):
                 raise StopIteration()
-            return next(yaml.load_all(yaml_str))
+            return next(yaml.safe_load_all(yaml_str))
         except yaml.YAMLError as e:
             logger.info(
                 "YAML header is incorrectly formatted or missing. The following "

diff --git a/knowledge_repo/repositories/gitrepository.py b/knowledge_repo/repositories/gitrepository.py
@@ -76,7 +76,7 @@ def init(self, config='git:///.knowledge_repo_config.yml', auto_create=False):
         if config.startswith('git:///'):
             assert config.endswith('.yml'), "In-repository configuration must be a YAML file."
             try:
-                self.config.update(yaml.load(self.git_read(config.replace('git:///', ''))))
+                self.config.update(yaml.safe_load(self.git_read(config.replace('git:///', ''))))
             except KeyError:
                 logger.warning("Repository missing configuration file: {}".format(config))
         else: