#31896: Allow using unsafe PyYAML utils when loading fixtures
-------------------------------------+-------------------------------------
Reporter: GProst | Owner: nobody
Type: New | Status: new
feature |
Component: Core | Version: 3.1
(Management commands) |
Severity: Normal | Keywords: fixtures
Triage Stage: | Has patch: 1
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 1
UI/UX: 0 |
-------------------------------------+-------------------------------------
Currently, Django uses PyYAML's SafeLoader to load fixtures which prevent
to use some advance utils like `!!python/object/apply`. For example, to
create dates related to the current date for example, and not static dates
that you have to update over time so that they aren't too old.
Anyway, there could be many reasons why a developer would want to use such
an util in features. And I believe it should be safe to use UnsafeLoader
for fixtures since this is certainly a data that developers create
themselves.
Opened a PR: https://github.com/django/django/pull/13320
--
Ticket URL: <https://code.djangoproject.com/ticket/31896>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/049.44c01305c589f7598d7e518a25c3b500%40djangoproject.com.
