Skip to content

Commit

Permalink
Import ruamel.yaml 0.18.5 source.
Browse files Browse the repository at this point in the history
  • Loading branch information
gizmoguy committed Nov 16, 2023
1 parent 6c7561c commit e9f00f2
Show file tree
Hide file tree
Showing 40 changed files with 3,090 additions and 2,556 deletions.
1 change: 1 addition & 0 deletions .hgignore
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ try_*
_doc/*.pdf
_doc/*.html
_doc/*.rst
_doc/*.md
*.py_alt

ziglib
11 changes: 11 additions & 0 deletions .hgtags
Original file line number Diff line number Diff line change
Expand Up @@ -220,3 +220,14 @@ b01b2f5c1ff21d561193de37b7e843baa2b91c91 0.17.31
e2d9ee085ae698c4dca733b83a718b9e4a6ec8c0 0.17.32
c4b4f7766d1845b67606fba5dd7d753e614417ea 0.17.33
31cd820ffa1ae47947343603617be8294d8f1657 0.17.34
2088c8ea914f2626e8dc1da8ef7b43404c69a7ee 0.17.35
c454afd9526435757eb797c6afedc6a308a139b7 0.17.36
d8202d5a430253db5393dc52048db0f00fc8a595 0.17.37
a255af9575de872dae9c19825beccd6f288a215a 0.17.38
5ee159ab1327c416b94ffd065018c526e518e19b 0.17.39
c87a704e4aeabc56009de61872b97db39f4d1a72 0.17.40
3a3b56f6bf0a8944a399c58a9ca430330afadbe3 0.18.0
c0da0ba934877fdfe63bee77ec12a7d2341f5398 0.18.1
a35908655d678b8463ee6198869a0708b3446e06 0.18.2
e32fbfcda1a48d808542670d91f1e84d14f69956 0.18.3
08d87cada1f6e5fedde079b55536061e4fe246a0 0.18.4
16 changes: 11 additions & 5 deletions .readthedocs.yaml
Original file line number Diff line number Diff line change
@@ -1,13 +1,19 @@
version: 2

sphinx:
configuration: _doc/conf.py

formats: [epub, pdf]
build:
os: ubuntu-22.04
tools:
python: "3.11"
jobs:
pre_build:
- pip install ryd>=0.8.2
- ryd convert --generate-mkdocs-config mkdocs.yaml _doc

python:
version: 3.7
install:
- method: pip
path: .
extra_requirements: [docs]

mkdocs:
configuration: mkdocs.yaml
2,263 changes: 1,141 additions & 1,122 deletions CHANGES

Large diffs are not rendered by default.

396 changes: 396 additions & 0 deletions README.md

Large diffs are not rendered by default.

363 changes: 0 additions & 363 deletions README.rst

This file was deleted.

12 changes: 6 additions & 6 deletions __init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@

_package_data = dict(
full_package_name='ruamel.yaml',
version_info=(0, 17, 35),
__version__='0.17.35',
version_timestamp='2023-10-04 11:45:09',
version_info=(0, 18, 5),
__version__='0.18.5',
version_timestamp='2023-11-03 08:54:26',
author='Anthon van der Neut',
author_email='[email protected]',
description='ruamel.yaml is a YAML parser/emitter that supports roundtrip preservation of comments, seq/map flow style, and map key order', # NOQA
Expand All @@ -16,7 +16,7 @@
extras_require={
':platform_python_implementation=="CPython" and python_version<"3.13"': ['ruamel.yaml.clib>=0.2.7'], # NOQA
'jinja2': ['ruamel.yaml.jinja2>=0.2'],
'docs': ['ryd'],
'docs': ['ryd', 'mercurial>5.7'],
},
classifiers=[
'Programming Language :: Python :: 3 :: Only',
Expand All @@ -25,6 +25,7 @@
'Programming Language :: Python :: 3.9',
'Programming Language :: Python :: 3.10',
'Programming Language :: Python :: 3.11',
'Programming Language :: Python :: 3.12',
'Programming Language :: Python :: Implementation :: CPython',
'Topic :: Software Development :: Libraries :: Python Modules',
'Topic :: Text Processing :: Markup',
Expand All @@ -38,8 +39,7 @@
fl8excl='_test/lib,branch_default',
),
# universal=True,
python_requires='>=3',
rtfd='yaml',
python_requires='>=3.7',
) # type: Dict[Any, Any]


Expand Down
120 changes: 120 additions & 0 deletions _doc/README.ryd
Original file line number Diff line number Diff line change
@@ -0,0 +1,120 @@
version: 0.2
text: md
pdf: false
order:
- overview.ryd
- install.ryd
- basicuse.ryd
- dumpcls.ryd
- detail.ryd
- example.ryd
- api.ryd
- pyyaml.ryd
- contributing.ryd
toc: False # don't index this file or put in mkdocs.nav
mkdocs:
site_name: yaml
docs_dir: _doc
site_author: Anthon van der Neut

nav:
- overview.md
- install.md
- basicuse.md
- dumpcls.md
- detail.md
- example.md
- api.md
- pyyaml.md
- contributing.md

theme:
name: readthedocs

exclude_docs: |
*.ryd
*.rst

markdown_extensions:
- toc:
permalink: true
--- |
# ruamel.yaml

`ruamel.yaml` is a YAML 1.2 loader/dumper package for Python.

--- !table
version: !Env version
updated: !Env date
documentation: https://yaml.readthedocs.io
repository: https://sourceforge.net/projects/ruamel-yaml
pypi: https://pypi.org/project/ruamel.yaml
--- |

As announced, in 0.18.0, the old PyYAML functions have been deprecated.
(`scan`, `parse`, `compose`, `load`, `emit`, `serialize`, `dump` and their variants
(`_all`, `safe_`, `round_trip_`, etc)). If you only read this after your program has
stopped working: I am sorry to hear that, but that also means you, or the person
developing your program, has not tested with warnings on (which is the recommendation
in PEP 565, and e.g. defaultin when using `pytest`). If you have troubles, explicitly use
```
pip install "ruamel.yaml<0.18.0"
```
or put something to that effects in your requirments, to give yourself
some time to solve the issue.

There will be at least one more potentially breaking change in the 0.18 series: `YAML(typ='unsafe')`
now has a pending deprecation warning and is going to be deprecated, probably before the end of 2023.
If you only use it to dump, please use the new `YAML(typ='full')`, the result of that can be *safely*
loaded with a default instance `YAML()`, as that will get you inspectable, tagged, scalars, instead of
executed Python functions/classes. (You should probably add constructors for what you actually need,
but I do consider adding a `ruamel.yaml.unsafe` package that will re-add the `typ='unsafe'` option.
*Please adjust/pin your dependencies accordingly if necessary.*


There seems to be a CVE on `ruamel.yaml`, stating that the `load()` function could be abused
because of unchecked input. `load()` was never the default function (that was `round_trip_load()`
before the new API came into existence`. So the creator of that CVE was ill informed and
probably lazily assumed that since `ruamel.yaml` is a derivative of PyYAML (for which
a similar CVE exists), the same problem would still exist, without checking.
So the CVE was always inappriate, now just more so, as the call
to the function `load()` with any input will terminate your program with an error message. If you
(have to) care about such things as this CVE, my recommendation is to stop using Python
completely, as `pickle.load()` can be abused in the same way as `load()` (and like unlike `load()`
is only documented to be unsafe, without development-time warning.

Version 0.17.21 was the last one tested to be working on Python 3.5 and 3.6<BR>
The 0.16.13 release was the last that was tested to be working on Python 2.7.


There are two extra plug-in packages
(`ruamel.yaml.bytes` and `ruamel.yaml.string`)
for those not wanting to do the streaming to a
`io.BytesIO/StringIO` buffer themselves.

If your package uses `ruamel.yaml` and is not listed on PyPI, drop me an
email, preferably with some information on how you use the package (or a
link to the repository) and I'll keep you informed when the status of
the API is stable enough to make the transition.

--- !toc
level: 3
# prefix: http://yaml.readthedocs.io/en/latest/
--- |

[![image](https://readthedocs.org/projects/yaml/badge/?version=latest)](https://yaml.readthedocs.org/en/latest?badge=latest)[![image](https://bestpractices.coreinfrastructure.org/projects/1128/badge)](https://bestpractices.coreinfrastructure.org/projects/1128)
[![image](https://sourceforge.net/p/ruamel-yaml/code/ci/default/tree/_doc/_static/license.svg?format=raw)](https://opensource.org/licenses/MIT)
[![image](https://sourceforge.net/p/ruamel-yaml/code/ci/default/tree/_doc/_static/pypi.svg?format=raw)](https://pypi.org/project/ruamel.yaml/)
[![image](https://sourceforge.net/p/oitnb/code/ci/default/tree/_doc/_static/oitnb.svg?format=raw)](https://pypi.org/project/oitnb/)
[![image](http://www.mypy-lang.org/static/mypy_badge.svg)](http://mypy-lang.org/)

# ChangeLog

--- !changelog
CHANGES
--- |

------------------------------------------------------------------------

For older changes see the file
[CHANGES](https://sourceforge.net/p/ruamel-yaml/code/ci/default/tree/CHANGES)
2 changes: 1 addition & 1 deletion _doc/_static/pypi.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading

0 comments on commit e9f00f2

Please sign in to comment.