[MediaWiki-commits] [Gerrit] operations/puppet[production]: wmcs: Use yaml.safe_load in maintain-{meta_p, views}.py

Rush (Code Review) Mon, 24 Jul 2017 10:45:43 -0700

Rush has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/367423 )


Change subject: wmcs: Use yaml.safe_load in maintain-{meta_p, views}.py
......................................................................


wmcs: Use yaml.safe_load in maintain-{meta_p, views}.py

Python's yaml module unfortunately defaults to unsafe de-serialization
behavior. The do provide a `safe_load` method however which will not
create arbitrary objects from a YAML content stream.

Change-Id: I45802649847a608ca22a6c6010a1980966213cd7
---
M modules/role/files/labs/db/views/maintain-meta_p.py
M modules/role/files/labs/db/views/maintain-views.py
2 files changed, 2 insertions(+), 2 deletions(-)

Approvals:
  Rush: Looks good to me, approved
  jenkins-bot: Verified
  Volans: Looks good to me, but someone else must approve



diff --git a/modules/role/files/labs/db/views/maintain-meta_p.py 
b/modules/role/files/labs/db/views/maintain-meta_p.py
index c9c3542..2963d4e 100644
--- a/modules/role/files/labs/db/views/maintain-meta_p.py
+++ b/modules/role/files/labs/db/views/maintain-meta_p.py
@@ -169,7 +169,7 @@
 
     with open(args.config_location, 'r') as stream:
         try:
-            config = yaml.load(stream)
+            config = yaml.safe_load(stream)
         except yaml.YAMLError as exc:
             logging.critical(exc)
             sys.exit(1)
diff --git a/modules/role/files/labs/db/views/maintain-views.py 
b/modules/role/files/labs/db/views/maintain-views.py
index ab9b82f..1f793f7 100644
--- a/modules/role/files/labs/db/views/maintain-views.py
+++ b/modules/role/files/labs/db/views/maintain-views.py
@@ -344,7 +344,7 @@
 
     with open(args.config_location, 'r') as stream:
         try:
-            config = yaml.load(stream)
+            config = yaml.safe_load(stream)
         except yaml.YAMLError as exc:
             logging.critical(exc)
             sys.exit(1)

-- 
To view, visit https://gerrit.wikimedia.org/r/367423
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I45802649847a608ca22a6c6010a1980966213cd7
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: Madhuvishy <mviswanat...@wikimedia.org>
Gerrit-Reviewer: Rush <r...@wikimedia.org>
Gerrit-Reviewer: Volans <rcocci...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] operations/puppet[production]: wmcs: Use yaml.safe_load in maintain-{meta_p, views}.py

Reply via email to