Google Git
Sign in
flutter / third_party / rapidjson / refs/heads/420-fix
commit7adc0db3f613a82669f2b168edd98379b83adb3c[log] [tgz]
authorIngy döt Net <ingy@ingy.net>Sat Jan 09 10:53:23 2021 -0500
committerIngy döt Net <ingy@ingy.net>Sat Jan 09 12:10:40 2021 -0500
treedda2d8790c52b49a4c493638e1c00444bba80f59
parentf41c7229e7b462e7a5637a7c574eab52aec8dfed [diff]
Fix for CVE-2020-14343

Per suggestion https://github.com/yaml/pyyaml/issues/420#issuecomment-663888344
move a few constructors from full_load to unsafe_load.
4 files changed
tree: dda2d8790c52b49a4c493638e1c00444bba80f59
  1. .github/
  2. examples/
  3. lib/
  4. lib3/
  5. packaging/
  6. tests/
  7. yaml/
  8. .appveyor.yml
  9. .gitignore
  10. announcement.msg
  11. CHANGES
  12. LICENSE
  13. Makefile
  14. MANIFEST.in
  15. pyproject.toml
  16. README.md
  17. setup.cfg
  18. setup.py
  19. tox.ini
README.md

PyYAML

A full-featured YAML processing framework for Python

Installation

To install, type python setup.py install.

By default, the setup.py script checks whether LibYAML is installed and if so, builds and installs LibYAML bindings. To skip the check and force installation of LibYAML bindings, use the option --with-libyaml: python setup.py --with-libyaml install. To disable the check and skip building and installing LibYAML bindings, use --without-libyaml: python setup.py --without-libyaml install.

When LibYAML bindings are installed, you may use fast LibYAML-based parser and emitter as follows:

>>> yaml.load(stream, Loader=yaml.CLoader)
>>> yaml.dump(data, Dumper=yaml.CDumper)

If you don't trust the input YAML stream, you should use:

>>> yaml.safe_load(stream)

Testing

PyYAML includes a comprehensive test suite. To run the tests, type python setup.py test.

Further Information

License

The PyYAML module was written by Kirill Simonov xi@resolvent.net. It is currently maintained by the YAML and Python communities.

PyYAML is released under the MIT license.

See the file LICENSE for more details.