You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
XML is not save to parse in its original specification. See the official official Python builtin xml documentation which promotes the use of the defusedxml package. Pyre in the CI of this repo is complaining about it, too.
The reason why this is important is because we can not know whether or not the XML files a user parses is benign or not. We should protect our users from known security vulnerabilities.
The text was updated successfully, but these errors were encountered:
XML is not save to parse in its original specification. See the official official Python builtin
xmldocumentation which promotes the use of thedefusedxmlpackage.Pyrein the CI of this repo is complaining about it, too.The reason why this is important is because we can not know whether or not the XML files a user parses is benign or not. We should protect our users from known security vulnerabilities.
The text was updated successfully, but these errors were encountered: