Change all instances of FullLoader to SafeLoader (#1285)

jrnl-org · Jul 3, 2021 · 9e31534 · 9e31534
1 parent 2648413
commit 9e31534
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/features/steps/core.py b/features/steps/core.py
@@ -17,7 +17,7 @@
 
 import toml
 import yaml
-from yaml.loader import FullLoader
+from yaml.loader import SafeLoader
 
 
 import jrnl.time
@@ -409,7 +409,7 @@ def run(context, command, text=""):
 
     if "config_path" in context and context.config_path is not None:
         with open(context.config_path) as f:
-            context.jrnl_config = yaml.load(f, Loader=yaml.FullLoader)
+            context.jrnl_config = yaml.load(f, Loader=yaml.SafeLoader)
     else:
         context.jrnl_config = None
 
@@ -418,7 +418,7 @@ def run(context, command, text=""):
         command = command.format(cache_dir=cache_dir)
     if "config_path" in context and context.config_path is not None:
         with open(context.config_path, "r") as f:
-            cfg = yaml.load(f, Loader=FullLoader)
+            cfg = yaml.load(f, Loader=SafeLoader)
         context.jrnl_config = cfg
 
     args = split_args(command)
@@ -675,7 +675,7 @@ def check_journal_entries(context, number, journal_name="default"):
 @when("the journal directory is listed")
 def list_journal_directory(context, journal="default"):
     with open(context.config_path) as config_file:
-        configuration = yaml.load(config_file, Loader=yaml.FullLoader)
+        configuration = yaml.load(config_file, Loader=yaml.SafeLoader)
     journal_path = configuration["journals"][journal]
     for root, dirnames, f in os.walk(journal_path):
         for file in f:

diff --git a/jrnl/config.py b/jrnl/config.py
@@ -41,7 +41,7 @@ def make_yaml_valid_dict(input: list) -> dict:
 
     # yaml compatible strings are of the form Key:Value
     yamlstr = YAML_SEPARATOR.join(input)
-    runtime_modifications = yaml.load(yamlstr, Loader=yaml.FullLoader)
+    runtime_modifications = yaml.load(yamlstr, Loader=yaml.SafeLoader)
 
     return runtime_modifications
 
@@ -140,7 +140,7 @@ def verify_config_colors(config):
 def load_config(config_path):
     """Tries to load a config file from YAML."""
     with open(config_path) as f:
-        return yaml.load(f, Loader=yaml.FullLoader)
+        return yaml.load(f, Loader=yaml.SafeLoader)
 
 
 def is_config_json(config_path):

diff --git a/jrnl/plugins/template.py b/jrnl/plugins/template.py
@@ -26,7 +26,7 @@ def __init__(self, template):
     def from_file(cls, filename):
         with open(filename) as f:
             front_matter, body = f.read().strip("-\n").split("---", 2)
-            front_matter = yaml.load(front_matter, Loader=yaml.FullLoader)
+            front_matter = yaml.load(front_matter, Loader=yaml.SafeLoader)
             template = cls(body)
         template.__dict__.update(front_matter)
         return template