Lele Gaifax <l...@metapensiero.it>: > leam hall <leamh...@gmail.com> writes: > >> Tracked down the GitHub repo (https://github.com/yaml/pyyaml) and it seems >> to be gearing back up. I'll see what I can do to help. > > See also https://bitbucket.org/ruamel/yaml, a fork of PyYAML, it seems more > actively maintained and already supports format 1.2.
BTW, happened to land on this blog posting that mentions a security warning regarding PyYAML: A suggested fix is to always use yaml.safe_load for handling YAML serialization you can't trust. Still, the current PyYAML default feels somewhat provoking considering other serialization libraries tend to use dump/load function names for similar purposes, but in a safe manner. <URL: https://access.redhat.com/blogs/766093/posts/2592591> Marko -- https://mail.python.org/mailman/listinfo/python-list
