Faidon Liambotis has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/367671 )
Change subject: Use Python yaml.safe_load everywhere
......................................................................
Use Python yaml.safe_load everywhere
We don't really have a use case for loading arbitrary Python objects
from YAML files, and in many cases we pass these YAML files from other
subprocesses that may or may not be trusted. Use yaml.safe_load
everywhere (or yaml.SafeLoader, in the case of new_wmf_service.py).
Change-Id: I23f9dcb502aea99c7515291f26a931703932a535
---
M modules/cassandra/files/cassandra-ca-manager
M modules/diamond/files/collector/minimalpuppetagent.py
M modules/prometheus/files/usr/local/bin/prometheus-snmp-exporter-config
M modules/xenon/files/xenon-log
M utils/new_wmf_service.py
5 files changed, 5 insertions(+), 5 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/71/367671/1
diff --git a/modules/cassandra/files/cassandra-ca-manager
b/modules/cassandra/files/cassandra-ca-manager
index 4f55a5d..a326457 100755
--- a/modules/cassandra/files/cassandra-ca-manager
+++ b/modules/cassandra/files/cassandra-ca-manager
@@ -336,7 +336,7 @@
def read_manifest(manifest):
with open(manifest, 'r') as f:
- return yaml.load(f.read())
+ return yaml.safe_load(f.read())
def run_command(command):
diff --git a/modules/diamond/files/collector/minimalpuppetagent.py
b/modules/diamond/files/collector/minimalpuppetagent.py
index ac15338..1b4f7f6 100644
--- a/modules/diamond/files/collector/minimalpuppetagent.py
+++ b/modules/diamond/files/collector/minimalpuppetagent.py
@@ -69,7 +69,7 @@
proc = subprocess.Popen(process_path, stdout=subprocess.PIPE)
out, _ = proc.communicate()
- summary = yaml.load(out)
+ summary = yaml.safe_load(out)
return summary
diff --git
a/modules/prometheus/files/usr/local/bin/prometheus-snmp-exporter-config
b/modules/prometheus/files/usr/local/bin/prometheus-snmp-exporter-config
index 26c55e3..c0a32df 100755
--- a/modules/prometheus/files/usr/local/bin/prometheus-snmp-exporter-config
+++ b/modules/prometheus/files/usr/local/bin/prometheus-snmp-exporter-config
@@ -31,7 +31,7 @@
shutil.copyfileobj(f.buffer, tmpconfig)
tmpconfig.seek(0)
- if yaml.load(tmpconfig) is None:
+ if yaml.safe_load(tmpconfig) is None:
log.error('Empty YAML assembled')
return 1
diff --git a/modules/xenon/files/xenon-log b/modules/xenon/files/xenon-log
index ef05a38..b939415 100755
--- a/modules/xenon/files/xenon-log
+++ b/modules/xenon/files/xenon-log
@@ -33,7 +33,7 @@
args = parser.parse_args()
with open(args.config) as f:
- config = yaml.load(f)
+ config = yaml.safe_load(f)
class TimeLog(object):
diff --git a/utils/new_wmf_service.py b/utils/new_wmf_service.py
index 429021a..e0ca099 100755
--- a/utils/new_wmf_service.py
+++ b/utils/new_wmf_service.py
@@ -91,7 +91,7 @@
# Yaml formatting primitives.
# From: http://stackoverflow.com/questions/5121931
-def ordered_load(stream, Loader=yaml.Loader, object_pairs_hook=OrderedDict):
+def ordered_load(stream, Loader=yaml.SafeLoader,
object_pairs_hook=OrderedDict):
class OrderedLoader(Loader):
pass
--
To view, visit https://gerrit.wikimedia.org/r/367671
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I23f9dcb502aea99c7515291f26a931703932a535
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Faidon Liambotis <fai...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
