From ca503e3cc10bf8c65af0392cfca109d50d0417c1 Mon Sep 17 00:00:00 2001 From: "Michael R. Crusoe" Date: Tue, 12 Apr 2016 03:19:40 -0700 Subject: [PATCH] switch to ruamel.yaml, use C loader if available, only load safely --- cwltool/cwltest.py | 12 ++++++++---- cwltool/draft2tool.py | 8 ++++++-- cwltool/expression.py | 1 - cwltool/job.py | 1 - cwltool/main.py | 8 ++++++-- cwltool/process.py | 1 - setup.py | 2 +- 7 files changed, 21 insertions(+), 12 deletions(-) diff --git a/cwltool/cwltest.py b/cwltool/cwltest.py index cb6b6f72a..a1aa7fa6b 100755 --- a/cwltool/cwltest.py +++ b/cwltool/cwltest.py @@ -7,8 +7,12 @@ import sys import shutil import tempfile -import yaml -import yaml.scanner +import ruamel.yaml as yaml +try: + from ruamel.yaml import CSafeLoader as SafeLoader +except ImportError: + from ruamel.yaml import SafeLoader + import pipes import logging import schema_salad.ref_resolver @@ -86,7 +90,7 @@ def run_test(args, i, t): # type: (argparse.Namespace, Any, Dict[str,str]) -> i t["job"]] outstr = subprocess.check_output(test_command) - out = yaml.load(outstr) + out = yaml.load(outstr, Loader=SafeLoader) if not isinstance(out, dict): raise ValueError("Non-dict value parsed from output string.") except ValueError as v: @@ -155,7 +159,7 @@ def main(): # type: () -> int return 1 with open(args.test) as f: - tests = yaml.load(f) + tests = yaml.load(f, Loader=SafeLoader) failures = 0 unsupported = 0 diff --git a/cwltool/draft2tool.py b/cwltool/draft2tool.py index b318f5df0..44b8d7b21 100644 --- a/cwltool/draft2tool.py +++ b/cwltool/draft2tool.py @@ -6,7 +6,11 @@ import os from .pathmapper import PathMapper, DockerPathMapper from .job import CommandLineJob -import yaml +import ruamel.yaml as yaml +try: + from ruamel.yaml import CSafeLoader as SafeLoader +except ImportError: + from ruamel.yaml import SafeLoader import glob import logging import hashlib @@ -242,7 +246,7 @@ def collect_output_ports(self, ports, builder, outdir): custom_output = os.path.join(outdir, "cwl.output.json") if builder.fs_access.exists(custom_output): with builder.fs_access.open(custom_output, "r") as f: - ret = yaml.load(f) + ret = yaml.load(f, Loader=SafeLoader) _logger.debug(u"Raw output from %s: %s", custom_output, json.dumps(ret, indent=4)) adjustFileObjs(ret, remove_hostfs) adjustFileObjs(ret, diff --git a/cwltool/expression.py b/cwltool/expression.py index bea675812..4648146d5 100644 --- a/cwltool/expression.py +++ b/cwltool/expression.py @@ -5,7 +5,6 @@ import logging import os from .errors import WorkflowException -import yaml import schema_salad.validate as validate import schema_salad.ref_resolver from . import sandboxjs diff --git a/cwltool/job.py b/cwltool/job.py index 9a3f78bf3..ad538afcc 100644 --- a/cwltool/job.py +++ b/cwltool/job.py @@ -4,7 +4,6 @@ import tempfile import glob import json -import yaml import logging import sys import requests diff --git a/cwltool/main.py b/cwltool/main.py index 84014eb17..c71746cce 100755 --- a/cwltool/main.py +++ b/cwltool/main.py @@ -12,7 +12,11 @@ import tempfile import schema_salad.jsonld_context import schema_salad.makedoc -import yaml +import ruamel.yaml as yaml +try: + from ruamel.yaml import CSafeLoader as SafeLoader +except ImportError: + from ruamel.yaml import SafeLoader import urlparse from . import process from . import job @@ -413,7 +417,7 @@ def load_job_order(args, t, parser, stdin, print_input_deps=False, relative_deps if len(args.job_order) == 1 and args.job_order[0][0] != "-": job_order_file = args.job_order[0] elif len(args.job_order) == 1 and args.job_order[0] == "-": - job_order_object = yaml.load(stdin) + job_order_object = yaml.load(stdin, Loader=SafeLoader) job_order_object, _ = loader.resolve_all(job_order_object, "") else: job_order_file = None diff --git a/cwltool/process.py b/cwltool/process.py index 54479c9ce..dd27fb469 100644 --- a/cwltool/process.py +++ b/cwltool/process.py @@ -4,7 +4,6 @@ import json import schema_salad.validate as validate import copy -import yaml import copy import logging import pprint diff --git a/setup.py b/setup.py index 86e5acae5..dd01d4349 100644 --- a/setup.py +++ b/setup.py @@ -32,7 +32,7 @@ 'schemas/draft-3/salad/schema_salad/metaschema/*.md']}, install_requires=[ 'requests', - 'PyYAML', + 'ruamel.yaml', 'rdflib >= 4.1.0', 'rdflib-jsonld >= 0.3.0', 'shellescape',