diff options
author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-03-18 04:40:09 +0100 |
---|---|---|
committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-03-18 04:46:26 +0100 |
commit | a0b6fdbb3ac28e0d35cb343c5afe17ffffc29fcc (patch) | |
tree | db3820d221aab4be122ba1aac2596fdb4b3f93ab | |
parent | 6a03a688ee7b6ce68d295230ddfeb5356eca007a (diff) | |
download | vendor_replicant-scripts-a0b6fdbb3ac28e0d35cb343c5afe17ffffc29fcc.tar.gz vendor_replicant-scripts-a0b6fdbb3ac28e0d35cb343c5afe17ffffc29fcc.tar.bz2 vendor_replicant-scripts-a0b6fdbb3ac28e0d35cb343c5afe17ffffc29fcc.zip |
lineageos_wiki: use yaml.safe_load
The code was done in a hurry for a conference, and this needed
to be fixed.
According to the help:
safe_load(stream)
Parse the first YAML document in a stream
and produce the corresponding Python object.
Resolve only basic YAML tags. This is known
to be safe for untrusted input.
So this should normally be safe for untrusted yaml input.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
-rwxr-xr-x | data/lineageos_wiki/find_lineageos_devices.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/lineageos_wiki/find_lineageos_devices.py b/data/lineageos_wiki/find_lineageos_devices.py index c75da3b..e1ce72a 100755 --- a/data/lineageos_wiki/find_lineageos_devices.py +++ b/data/lineageos_wiki/find_lineageos_devices.py @@ -280,7 +280,7 @@ def find_devices(path): filepath = path + os.sep + basedir + os.sep + filename if re.search("\.yml$", filepath): yaml_file = open(filepath, 'r') - document = yaml.load(yaml_file) + document = yaml.safe_load(yaml_file) if still_supported(document) and interesting_for_replicant(document): store_infos(results, document) print_results(results) |