Use safe_load for yaml parsing

7 years ago · d46fee4506
parent b3bb8c270f
commit d46fee4506
3 changed files with 5 additions and 6 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,5 +1,5 @@
 - repo: git://github.com/pre-commit/pre-commit-hooks
-  sha: 'v0.6.0'
+  sha: v0.9.2
  hooks:
    - id: check-added-large-files
    - id: check-docstring-first
@ -13,7 +13,7 @@
    - id: requirements-txt-fixer
    - id: trailing-whitespace
 - repo: git://github.com/asottile/reorder_python_imports
-  sha: 3d86483455ab5bd06cc1069fdd5ac57be5463f10
+  sha: v0.3.5
  hooks:
    - id: reorder-python-imports
      language_version: 'python2.7'
--- a/pyentrypoint/config.py
+++ b/pyentrypoint/config.py
@ -10,8 +10,7 @@ from io import open
 from pwd import getpwnam

 from six import string_types
-from yaml import load
-from yaml import Loader
+from yaml import safe_load

 from .command import Command
 from .constants import ENTRYPOINT_FILE
@ -122,7 +121,7 @@ class Config(ConfigMeta):
            self.log.critical('Entrypoint config file does not provided')
            return
        with open(self._config_file) as f:
-            self._config = load(stream=f, Loader=Loader)
+            self._config = safe_load(stream=f)
        self._check_config()

    @property
--- a/setup.py
+++ b/setup.py
@ -5,7 +5,7 @@ from setuptools import setup

 # Thanks Sam and Max

-__version__ = '0.5.0'
+__version__ = '0.5.1'

 if __name__ == '__main__':
    setup(