pyaml library updated, loader needs Loader= parameter #326
Comments
|
Hi @frosencrantz, thanks for letting me know about this! For now, I am going to set an upper limit on the version of the pyaml library that we support. (I should have been doing the same for all of our dependencies.) I have also added looking into this more deeply, and possibly modifying the yaml loader code into my queue. If anyone wants to take the reigns on this investigation (which minimum versions of pyaml supports the Loader= parameter being the main question), they are welcome to. |
|
I ended up making the code change and bumping the minimum PyYAML version! |
|
I'm looking at the YAML loader because I'd like to add support for YAML files with multiple documents, and I'm wondering why the full loader is used instead of the safe loader? Ideally, I'd like to be able to trust vd to open files from unknown sources without verifying them first another way. |
|
There was not a thoughtful reason behind that decision. If you would like to open a PR with a modification to use the safe loader, that would be welcome! |
|
@anjakefala Great! I submitted #600. Thanks for your quick reply! |
|
Of course it should be |
|
I do not think we want to combine it with My only hesitation with |
|
Let's not add it proactively, but if someone desires the unsafe behavior, then we can add it. |
The pyyaml library has changed since the yaml loader was last updated. There is a new requirement for adding Loader= parameter.
/usr/lib/python3.6/site-packages/visidata/loaders/yaml.py:13: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
The text was updated successfully, but these errors were encountered: