File safe-yaml.patch of Package python-tablib.4987
From f5de652f7dd89b2b6cc379fbd2c719f3292a33e7 Mon Sep 17 00:00:00 2001
From: Kenneth Reitz <me@kennethreitz.com>
Date: Wed, 2 Nov 2011 02:35:59 -0300
Subject: [PATCH 1/4] use yaml safe_load (thanks @toastdriven) (cherry picked
from commit 42e40ed0ab4859995264abb7ee3ba338b5e0371b)
---
tablib/formats/_yaml.py | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tablib/formats/_yaml.py b/tablib/formats/_yaml.py
index 974228b..0eab78e 100644
--- a/tablib/formats/_yaml.py
+++ b/tablib/formats/_yaml.py
@@ -38,7 +38,7 @@ def import_set(dset, in_stream):
"""Returns dataset from YAML stream."""
dset.wipe()
- dset.dict = yaml.load(in_stream)
+ dset.dict = yaml.safe_load(in_stream)
def import_book(dbook, in_stream):
@@ -46,7 +46,7 @@ def import_book(dbook, in_stream):
dbook.wipe()
- for sheet in yaml.load(in_stream):
+ for sheet in yaml.safe_load(in_stream):
data = tablib.Dataset()
data.title = sheet['title']
data.dict = sheet['data']
@@ -55,7 +55,7 @@ def import_book(dbook, in_stream):
def detect(stream):
"""Returns True if given stream is valid YAML."""
try:
- _yaml = yaml.load(stream)
+ _yaml = yaml.safe_load(stream)
if isinstance(_yaml, (list, tuple, dict)):
return True
else:
--
2.13.0
From eaa11dcd78e9d8ea3b40557737afe0669974ef47 Mon Sep 17 00:00:00 2001
From: Robert Lechte <robertlechte@gmail.com>
Date: Wed, 28 Aug 2013 01:58:30 +1200
Subject: [PATCH 2/4] Changed yaml dumping to use safe_dump, for consistency
with loading.
(cherry picked from commit 1b035f97744e38f2bfd7654df91dfd464ec92b4c)
---
tablib/formats/_yaml.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tablib/formats/_yaml.py b/tablib/formats/_yaml.py
index 0eab78e..98e1565 100644
--- a/tablib/formats/_yaml.py
+++ b/tablib/formats/_yaml.py
@@ -26,12 +26,12 @@ extentions = ('yaml', 'yml')
def export_set(dataset):
"""Returns YAML representation of Dataset."""
- return yaml.dump(dataset._package(ordered=False))
+ return yaml.safe_dump(dataset._package(ordered=False))
def export_book(databook):
"""Returns YAML representation of Databook."""
- return yaml.dump(databook._package())
+ return yaml.safe_dump(databook._package(ordered=False))
def import_set(dset, in_stream):
--
2.13.0
From 1248d3848174afe32c20f417574581c1d929bd62 Mon Sep 17 00:00:00 2001
From: James Patrick Robinson Jr <jamesprobinsonjr@gmail.com>
Date: Wed, 28 Aug 2013 11:24:56 -0400
Subject: [PATCH 3/4] safe_load is not working for book
yaml.safe_load() was not working for import_book,
changed it to use yaml.load() instead.
(cherry picked from commit d8f0a018ae752bb1d2b7fba2d803ab29ed19a43a)
---
tablib/formats/_yaml.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tablib/formats/_yaml.py b/tablib/formats/_yaml.py
index 98e1565..b84adc2 100644
--- a/tablib/formats/_yaml.py
+++ b/tablib/formats/_yaml.py
@@ -46,7 +46,7 @@ def import_book(dbook, in_stream):
dbook.wipe()
- for sheet in yaml.safe_load(in_stream):
+ for sheet in yaml.load(in_stream):
data = tablib.Dataset()
data.title = sheet['title']
data.dict = sheet['data']
--
2.13.0
From 3cfa746a3bc13bc5983912f3b8d5ac1302601fea Mon Sep 17 00:00:00 2001
From: Kenneth Reitz <me@kennethreitz.org>
Date: Tue, 13 Jun 2017 12:29:55 -0400
Subject: [PATCH 4/4] use safe load
(cherry picked from commit 69abfc3ada5d754cb152119c0b4777043657cb6e)
---
tablib/formats/_yaml.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tablib/formats/_yaml.py b/tablib/formats/_yaml.py
index b84adc2..98e1565 100644
--- a/tablib/formats/_yaml.py
+++ b/tablib/formats/_yaml.py
@@ -46,7 +46,7 @@ def import_book(dbook, in_stream):
dbook.wipe()
- for sheet in yaml.load(in_stream):
+ for sheet in yaml.safe_load(in_stream):
data = tablib.Dataset()
data.title = sheet['title']
data.dict = sheet['data']
--
2.13.0
