awesomebytes/0001-change-yaml.load-to-yaml.safe_load-so-to-workaround-.patch

## 0001-change-yaml.load-to-yaml.safe_load-so-to-workaround-.patch
From 2d9896ef63f87f1ad36df5607a677623decb6fde Mon Sep 17 00:00:00 2001
From: Sammy Pfeiffer <sammypfeiffer@gmail.com>
Date: Fri, 17 Apr 2020 21:16:58 +1000
Subject: [PATCH 1/1] change yaml.load to yaml.safe_load so to workaround
 gentoo bug https://bugs.gentoo.org/659348

---
 src/rosdep2/loader.py           | 2 +-
 src/rosdep2/platforms/source.py | 2 +-
 src/rosdep2/sources_list.py     | 2 +-
 test/test_rosdep_lookup.py      | 6 +++---
 test/test_rosdep_source.py      | 6 +++---
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/rosdep2/loader.py b/src/rosdep2/loader.py
index 2436072..7e2b3d8 100644
--- a/src/rosdep2/loader.py
+++ b/src/rosdep2/loader.py
@@ -55,7 +55,7 @@ class RosdepLoader:
         :raises: :exc:`yaml.YAMLError`
         """
         try:
-            return yaml.load(yaml_contents)
+            return yaml.safe_load(yaml_contents)
         except yaml.YAMLError as e:
             raise InvalidData('Invalid YAML in [%s]: %s' % (origin, e), origin=origin)

diff --git a/src/rosdep2/platforms/source.py b/src/rosdep2/platforms/source.py
index 5676ac2..862494b 100644
--- a/src/rosdep2/platforms/source.py
+++ b/src/rosdep2/platforms/source.py
@@ -118,7 +118,7 @@ def load_rdmanifest(contents):
     :raises: :exc:`InvalidRdmanifest`
     """
     try:
-        return yaml.load(contents)
+        return yaml.safe_load(contents)
     except yaml.scanner.ScannerError as ex:
         raise InvalidRdmanifest('Failed to parse yaml in %s:  Error: %s' % (contents, ex))

diff --git a/src/rosdep2/sources_list.py b/src/rosdep2/sources_list.py
index 11d30dc..23d520d 100644
--- a/src/rosdep2/sources_list.py
+++ b/src/rosdep2/sources_list.py
@@ -203,7 +203,7 @@ def cache_data_source_loader(sources_cache_dir, verbose=False):
             if verbose:
                 print('loading cached data source:\n\t%s\n\t%s' % (uri, filepath), file=sys.stderr)
             with open(filepath) as f:
-                rosdep_data = yaml.load(f.read())
+                rosdep_data = yaml.safe_load(f.read())
         else:
             rosdep_data = {}
         return CachedDataSource(type_, uri, tags, rosdep_data, origin=filepath)
diff --git a/test/test_rosdep_lookup.py b/test/test_rosdep_lookup.py
index 30f2687..e4648e5 100644
--- a/test/test_rosdep_lookup.py
+++ b/test/test_rosdep_lookup.py
@@ -58,14 +58,14 @@ def create_test_SourcesListLoader():
 def get_cache_raw():
     cache_rosdep_path = os.path.join(get_cache_dir(), '0a12d6e7b0d47be9b76e7726720e4cb79528cbaa')
     with open(cache_rosdep_path) as f:
-        cache_raw = yaml.load(f.read())
+        cache_raw = yaml.safe_load(f.read())
     return cache_raw


 def get_cache_raw_python():
     cache_rosdep_path = os.path.join(get_cache_dir(), 'f6f4ef95664e373cd4754501337fa217f5b55d91')
     with open(cache_rosdep_path) as f:
-        cache_raw = yaml.load(f.read())
+        cache_raw = yaml.safe_load(f.read())
     return cache_raw


@@ -125,7 +125,7 @@ def test_RosdepDefinition():
         pass

     #  - test w/valid data
-    d2 = yaml.load(FAKE_TINYXML_RULE)['testtinyxml']
+    d2 = yaml.safe_load(FAKE_TINYXML_RULE)['testtinyxml']
     definition = RosdepDefinition('d2', d2, 'file2.txt')
     #  - tripwire
     str(definition)
diff --git a/test/test_rosdep_source.py b/test/test_rosdep_source.py
index 73fe5b9..6d7555e 100644
--- a/test/test_rosdep_source.py
+++ b/test/test_rosdep_source.py
@@ -59,7 +59,7 @@ def get_test_dir():
 def _subtest_rep112_rdmanifest(resolved):
     test_dir = get_test_dir()
     path = os.path.join(test_dir, 'rep112-example.rdmanifest')
-    manifest = yaml.load(open(path))
+    manifest = yaml.safe_load(open(path))

     assert resolved.manifest == manifest
     assert resolved.manifest_url == path
@@ -102,7 +102,7 @@ def test_SourceInstall():

     test_dir = get_test_dir()
     path = os.path.join(test_dir, 'rep112-example.rdmanifest')
-    manifest = yaml.load(open(path))
+    manifest = yaml.safe_load(open(path))
     resolved = SourceInstall.from_manifest(manifest, path)
     _subtest_rep112_rdmanifest(resolved)

@@ -272,7 +272,7 @@ def test_fetch_file():
 def test_download_rdmanifest():
     test_dir = get_test_dir()
     with open(os.path.join(test_dir, 'rep112-example.rdmanifest')) as f:
-        expected = yaml.load(f)
+        expected = yaml.safe_load(f)

     from rosdep2.platforms.source import download_rdmanifest, DownloadFailed
     url = 'file://%s' % os.path.join(test_dir, 'rep112-example.rdmanifest')
--
2.7.4
	From 2d9896ef63f87f1ad36df5607a677623decb6fde Mon Sep 17 00:00:00 2001
	From: Sammy Pfeiffer <sammypfeiffer@gmail.com>
	Date: Fri, 17 Apr 2020 21:16:58 +1000
	Subject: [PATCH 1/1] change yaml.load to yaml.safe_load so to workaround
	gentoo bug https://bugs.gentoo.org/659348

	---
	src/rosdep2/loader.py \| 2 +-
	src/rosdep2/platforms/source.py \| 2 +-
	src/rosdep2/sources_list.py \| 2 +-
	test/test_rosdep_lookup.py \| 6 +++---
	test/test_rosdep_source.py \| 6 +++---
	5 files changed, 9 insertions(+), 9 deletions(-)

	diff --git a/src/rosdep2/loader.py b/src/rosdep2/loader.py
	index 2436072..7e2b3d8 100644
	--- a/src/rosdep2/loader.py
	+++ b/src/rosdep2/loader.py
	@@ -55,7 +55,7 @@ class RosdepLoader:
	:raises: :exc:`yaml.YAMLError`
	"""
	try:
	- return yaml.load(yaml_contents)
	+ return yaml.safe_load(yaml_contents)
	except yaml.YAMLError as e:
	raise InvalidData('Invalid YAML in [%s]: %s' % (origin, e), origin=origin)

	diff --git a/src/rosdep2/platforms/source.py b/src/rosdep2/platforms/source.py
	index 5676ac2..862494b 100644
	--- a/src/rosdep2/platforms/source.py
	+++ b/src/rosdep2/platforms/source.py
	@@ -118,7 +118,7 @@ def load_rdmanifest(contents):
	:raises: :exc:`InvalidRdmanifest`
	"""
	try:
	- return yaml.load(contents)
	+ return yaml.safe_load(contents)
	except yaml.scanner.ScannerError as ex:
	raise InvalidRdmanifest('Failed to parse yaml in %s: Error: %s' % (contents, ex))

	diff --git a/src/rosdep2/sources_list.py b/src/rosdep2/sources_list.py
	index 11d30dc..23d520d 100644
	--- a/src/rosdep2/sources_list.py
	+++ b/src/rosdep2/sources_list.py
	@@ -203,7 +203,7 @@ def cache_data_source_loader(sources_cache_dir, verbose=False):
	if verbose:
	print('loading cached data source:\n\t%s\n\t%s' % (uri, filepath), file=sys.stderr)
	with open(filepath) as f:
	- rosdep_data = yaml.load(f.read())
	+ rosdep_data = yaml.safe_load(f.read())
	else:
	rosdep_data = {}
	return CachedDataSource(type_, uri, tags, rosdep_data, origin=filepath)
	diff --git a/test/test_rosdep_lookup.py b/test/test_rosdep_lookup.py
	index 30f2687..e4648e5 100644
	--- a/test/test_rosdep_lookup.py
	+++ b/test/test_rosdep_lookup.py
	@@ -58,14 +58,14 @@ def create_test_SourcesListLoader():
	def get_cache_raw():
	cache_rosdep_path = os.path.join(get_cache_dir(), '0a12d6e7b0d47be9b76e7726720e4cb79528cbaa')
	with open(cache_rosdep_path) as f:
	- cache_raw = yaml.load(f.read())
	+ cache_raw = yaml.safe_load(f.read())
	return cache_raw


	def get_cache_raw_python():
	cache_rosdep_path = os.path.join(get_cache_dir(), 'f6f4ef95664e373cd4754501337fa217f5b55d91')
	with open(cache_rosdep_path) as f:
	- cache_raw = yaml.load(f.read())
	+ cache_raw = yaml.safe_load(f.read())
	return cache_raw


	@@ -125,7 +125,7 @@ def test_RosdepDefinition():
	pass

	# - test w/valid data
	- d2 = yaml.load(FAKE_TINYXML_RULE)['testtinyxml']
	+ d2 = yaml.safe_load(FAKE_TINYXML_RULE)['testtinyxml']
	definition = RosdepDefinition('d2', d2, 'file2.txt')
	# - tripwire
	str(definition)
	diff --git a/test/test_rosdep_source.py b/test/test_rosdep_source.py
	index 73fe5b9..6d7555e 100644
	--- a/test/test_rosdep_source.py
	+++ b/test/test_rosdep_source.py
	@@ -59,7 +59,7 @@ def get_test_dir():
	def _subtest_rep112_rdmanifest(resolved):
	test_dir = get_test_dir()
	path = os.path.join(test_dir, 'rep112-example.rdmanifest')
	- manifest = yaml.load(open(path))
	+ manifest = yaml.safe_load(open(path))

	assert resolved.manifest == manifest
	assert resolved.manifest_url == path
	@@ -102,7 +102,7 @@ def test_SourceInstall():

	test_dir = get_test_dir()
	path = os.path.join(test_dir, 'rep112-example.rdmanifest')
	- manifest = yaml.load(open(path))
	+ manifest = yaml.safe_load(open(path))
	resolved = SourceInstall.from_manifest(manifest, path)
	_subtest_rep112_rdmanifest(resolved)

	@@ -272,7 +272,7 @@ def test_fetch_file():
	def test_download_rdmanifest():
	test_dir = get_test_dir()
	with open(os.path.join(test_dir, 'rep112-example.rdmanifest')) as f:
	- expected = yaml.load(f)
	+ expected = yaml.safe_load(f)

	from rosdep2.platforms.source import download_rdmanifest, DownloadFailed
	url = 'file://%s' % os.path.join(test_dir, 'rep112-example.rdmanifest')
	--
	2.7.4