Kezdőlap Felfedezés Súgó
Bejelentkezés
zPlus
/
freepost
Figyelés 5
Kedvenc 18
Másolás 9
Fájlok Problémák 19 Beolvasztási kérések 0 Wiki
Címkék Mérföldkövek
Új probléma

#97 Issue within server test regarding bottle

Lezárt
megnyitva ekkor: 3 éve PaciolloLollo által · 4 hozzászólás
PaciolloLollo hozzászólt 3 éve

I tried following the steps to deploy a test instance, but when I launch the final command I get this error indefinitely.

Traceback (most recent call last):
  File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3107, in run
    app = load_app(app)
  File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3052, in load_app
    rv = load(target) # Import the target module
  File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3037, in load
    if module not in sys.modules: __import__(module)
  File "./freepost/__init__.py", line 25, in <module>
    settings = yaml.load (file)
TypeError: load() missing 1 required positional argument: 'Loader'
I tried following the steps to deploy a test instance, but when I launch the final command I get this error indefinitely. ``` Traceback (most recent call last): File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3107, in run app = load_app(app) File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3052, in load_app rv = load(target) # Import the target module File "/home/pi/freepost/venv/lib/python3.7/site-packages/bottle.py", line 3037, in load if module not in sys.modules: __import__(module) File "./freepost/__init__.py", line 25, in <module> settings = yaml.load (file) TypeError: load() missing 1 required positional argument: 'Loader' ```
vaeringjar hozzászólt 3 éve

I tried a fresh clone with newest 3.7.9 and can reproduce that.

Looks like the last time I ran freepost locally a few months back, I used 3.7.2 (not sure why that version specifically). But it works and I get the following warning:

./freepost/__init__.py:25: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
I tried a fresh clone with newest 3.7.9 and can reproduce that. Looks like the last time I ran freepost locally a few months back, I used 3.7.2 (not sure why that version specifically). But it works and I get the following warning: ``` ./freepost/__init__.py:25: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details. ```
PaciolloLollo hozzászólt 3 éve
Bejelentő

While not the best solution, I changed requirements.txt to have pyyaml==5.1

While not the best solution, I changed `requirements.txt` to have `pyyaml==5.1`
vaeringjar hozzászólt 3 éve

Hilariously, my browser with noscript thinks that link looks suspicious, but this is best way I got it to load, but even with url encoding it still complains:

https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation

PyYAML's load function has been unsafe since the first release in May 2006

In 2017, a CVE was filed against PyYAML

@zPlus can you decide which of these loaders looks like the best option? We can suppress the warning even with the non-secure versions, but pyyaml has made a breaking change here so users know what they're getting themselves into.

Hilariously, my browser with noscript thinks that link looks suspicious, but this is best way I got it to load, but even with url encoding it still complains: https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation > PyYAML's load function has been unsafe since the first release in May 2006 > In 2017, a CVE was filed against PyYAML @zPlus can you decide which of these loaders looks like the best option? We can suppress the warning even with the non-secure versions, but pyyaml has made a breaking change here so users know what they're getting themselves into.
zPlus hozzászólt 3 éve
Tulajdonos

The proper fix for this should be to replace yaml.load() with yaml.safe_load(). I'm having some issues with the current server though (it tells me "Disk quota exceeded" when connecting, for unknown reasons). I'll patch it as soon as I can test it.

The proper fix for this should be to replace `yaml.load()` with `yaml.safe_load()`. I'm having some issues with the current server though (it tells me "Disk quota exceeded" when connecting, for unknown reasons). I'll patch it as soon as I can test it.
zPlus hivatkozott erre a hibajegyre egy commit-ban ekkor: 3 éve
Fix #97 Issue within server test regarding bottle.
zPlus lezárta ekkor: 3 éve
Jelentkezzen be hogy csatlakozhasson a beszélgetéshez.
Címkék
Címkék kiürítése
Feature Request peers jam
Nincs címke
Feature Request
peers jam
Mérföldkő
Mérföldkő kiürítése
Nincs mérföldkő
Megbízott
Megbízott kiürítése
Nincs megbízott
3 Résztvevő
Írás Előnézet
Töltés...
Mégse
Mentés
Még nincs tartalom.