diff --git a/backend/Dockerfile b/backend/Dockerfile
index d25aeebf7..0f45f33a0 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -9,7 +9,7 @@ WORKDIR /code
 # Configure locales
 RUN apt update && \
- apt install -y gettext locales && \
+ apt install -y gettext locales libyaml-cpp-dev && \
 apt clean && \
 rm -rf /var/lib/apt/lists/* && \
 sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
diff --git a/backend/library/utils.py b/backend/library/utils.py
index 66a737df2..a9c7ee22f 100644
--- a/backend/library/utils.py
+++ b/backend/library/utils.py
@@ -8,6 +8,8 @@ from django.http import Http404
 import yaml
+
+# interesting thread: https://stackoverflow.com/questions/27743711/can-i-speedup-yaml
 from ciso_assistant import settings
 from core.models import (
 Framework,
@@ -74,7 +76,7 @@ def get_available_libraries():
 libs = AVAILABLE_LIBRARIES.get((fname, modified_time))
 if libs is None:
 with open(fname, "r", encoding="utf-8") as file:
- libs = list(yaml.safe_load_all(file))
+ libs = list(yaml.load_all(file, Loader=yaml.CSafeLoader))
 AVAILABLE_LIBRARIES[(fname, os.path.getmtime(fname))] = libs
 for _lib in libs:
 if (lib := Library.objects.filter(urn=_lib["urn"]).first()) is not None:
@@ -152,7 +154,8 @@ def get_library(urn: str) -> dict | None:
 # Attempt to directly load the library from its specific YAML file.
 if os.path.isfile(path):
 with open(path, "r", encoding="utf-8") as file:
- library_data = yaml.safe_load(file)
+ library_data = yaml.load(file, Loader=yaml.CSafeLoader)
+ # TODO: looks like we are going through here twice, why?
 if library_data and library_data.get("urn") == urn:
 return library_data
 logger.error("File not found", path=path)
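Review bot: `libyaml-cpp-dev` on the changed `apt install` line is the development package for yaml-cpp, a C++ library, while PyYAML's C loaders bind to LibYAML, which Debian and Ubuntu package as `libyaml-dev`. As written, the package probably does nothing for `yaml.CSafeLoader`. If PyYAML comes from a binary wheel, LibYAML is already bundled and no system package is needed. If it is built from source in this image, the line should read `apt install -y gettext locales libyaml-dev && \` and must run before the pip step. The RUN instruction continues past the end of the hunk, so the install order cannot be checked from here.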
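Review bot: The comment added after `import yaml` links a thread without saying what it justifies, so a later reader cannot tell it concerns the loader switch made further down in this file. State the decision and keep the link as background, e.g. `# Parse with yaml.CSafeLoader (LibYAML) for speed; it is still a safe loader. Background: https://stackoverflow.com/questions/27743711/can-i-speedup-yaml`. Saying that the loader stays a safe one is the part worth keeping in front of whoever edits these calls next.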
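Review bot: `yaml.CSafeLoader` exists only when PyYAML was built against LibYAML, so on a pure-Python install the new `yaml.load_all(file, Loader=yaml.CSafeLoader)` call in `get_available_libraries` raises `AttributeError` on the first library load. The same applies to `yaml.load(file, Loader=yaml.CSafeLoader)` in `get_library` in the next hunk. The switch does keep the safe-loading property of `safe_load_all`, since CSafeLoader is still a safe loader. Resolve the loader once after `import yaml` with `_YAML_LOADER = getattr(yaml, "CSafeLoader", yaml.SafeLoader)` and pass `Loader=_YAML_LOADER` in both calls, with a comment that the fallback must stay a safe loader and never become `yaml.Loader` or `yaml.UnsafeLoader`. Both function bodies extend outside their hunks.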
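Review bot: The added `# TODO: looks like we are going through here twice, why?` in `get_library` records an open question with no owner or issue reference. It sits on the parse path this commit is trying to speed up, so if the function really is entered twice for the same urn, the file is parsed twice as well. Either resolve it before merging or make it actionable, e.g. `# TODO(<owner>): get_library appears to run twice for the same urn; find the caller and reuse the parsed result (<issue-id>)`. The function starts and ends outside the hunk, so the caller cannot be checked from here.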