Loading YAML configuration broken on current release (0.3.5) due to PyYaml change

Question

Loading YAML configuration broken on current release (0.3.5) due to PyYaml change

Closed this issue 2 years ago · 2 comments

The current release (0.3.5) fails when loading a YAML configuration file. This is because PyYaml (required by pyaml) version 5.3.1 changed the yaml.load and yaml.load_all functions to require a new positional argument (Loader) due to a CVE filed against the PyYaml package.

The following error occurs in beamr\interpreters\config.py

TypeError: load_all() missing 1 required positional argument: 'Loader'

The patched version of PyYaml includes a function yaml.safe_load. If executing code on load is not needed a solution would simply be to just change all cases of yaml.load and yaml.load_all in config.py to yaml.safe_load.

Answer 1 · 2022-11-20T23:50:10.000Z

Thanks for raising this!
I haven't touched this code, or pushed anything to PyPI, in over 4 years, so I need to first remember how to not break anything. 😂

Answer 2 · 2022-11-23T16:43:45.000Z

Thanks for doing this!