1
1
From: Ingy döt Net <
[email protected] >
2
2
3
- Subject: [ANN] PyYAML-4 .1: YAML parser and emitter for Python
3
+ Subject: [ANN] PyYAML-5 .1: YAML parser and emitter for Python
4
4
5
5
=======================
6
- Announcing PyYAML-4 .1
6
+ Announcing PyYAML-5 .1
7
7
=======================
8
8
9
9
A new MAJOR RELEASE of PyYAML is now available:
10
10
https://pypi.org/project/PyYAML/
11
11
12
- This is the first release of PyYAML under a new maintenance team. In August
13
- 2016, maintenance of PyYAML and LibYAML was turned over from the original
14
- author, Kirill Simonov, to Ian Cordasco and Ingy döt Net.
12
+ This is the first major release of PyYAML under the new maintenance team.
15
13
16
- The canonical source repo moved:
14
+ Among the many changes listed below, this release specifically addresses the
15
+ arbitrary code execution issue raised by:
17
16
18
- from: https://bitbucket.org/xi/pyyaml/
19
- to: https://github.com/yaml/pyyaml
17
+ https://nvd.nist.gov/vuln/detail/CVE-2017-18342
18
+
19
+ (See https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
20
+ for complete details).
20
21
21
22
The PyYAML project is now maintained by the YAML and Python communities.
22
23
Planning happens on the #yaml-dev, #pyyaml and #libyaml IRC channels on
@@ -37,13 +38,20 @@ Changes
37
38
* https://github.com/yaml/pyyaml/pull/62 -- Remove tox workaround for Travis CI
38
39
* https://github.com/yaml/pyyaml/pull/63 -- Adding support to Unicode characters over codepoint 0xffff
39
40
* https://github.com/yaml/pyyaml/pull/65 -- Support unicode literals over codepoint 0xffff
40
- * https://github.com/yaml/pyyaml/pull/74 -- Make pyyaml safe by default.
41
41
* https://github.com/yaml/pyyaml/pull/75 -- add 3.12 changelog
42
42
* https://github.com/yaml/pyyaml/pull/76 -- Fallback to Pure Python if Compilation fails
43
43
* https://github.com/yaml/pyyaml/pull/84 -- Drop unsupported Python 3.3
44
+ * https://github.com/yaml/pyyaml/pull/102 -- Include license file in the generated wheel package
45
+ * https://github.com/yaml/pyyaml/pull/105 -- Removed Python 2.6 & 3.3 support
44
46
* https://github.com/yaml/pyyaml/pull/111 -- Remove commented out Psyco code
47
+ * https://github.com/yaml/pyyaml/pull/129 -- Remove call to `ord` in lib3 emitter code
48
+ * https://github.com/yaml/pyyaml/pull/143 -- Allow to turn off sorting keys in Dumper
45
49
* https://github.com/yaml/pyyaml/pull/149 -- Test on Python 3.7-dev
46
50
* https://github.com/yaml/pyyaml/pull/158 -- Support escaped slash in double quotes "\/"
51
+ * https://github.com/yaml/pyyaml/pull/181 -- Import Hashable from collections.abc
52
+ * https://github.com/yaml/pyyaml/pull/256 -- Make default_flow_style=False
53
+ * https://github.com/yaml/pyyaml/pull/257 -- Deprecate yaml.load and add FullLoader and UnsafeLoader classes
54
+ * https://github.com/yaml/pyyaml/pull/263 -- Windows Appveyor build
47
55
48
56
49
57
Resources
@@ -81,7 +89,7 @@ Example
81
89
82
90
>>> import yaml
83
91
84
- >>> yaml.load ("""
92
+ >>> yaml.full_load ("""
85
93
... name: PyYAML
86
94
... description: YAML parser and emitter for Python
87
95
... homepage: https://github.com/yaml/pyyaml
@@ -91,7 +99,7 @@ Example
91
99
'pickle'], 'homepage': 'https://github.com/yaml/pyyaml', 'description':
92
100
'YAML parser and emitter for Python', 'name': 'PyYAML'}
93
101
94
- >>> print yaml.dump(_)
102
+ >>> print( yaml.dump(_) )
95
103
name: PyYAML
96
104
homepage: https://github.com/yaml/pyyaml
97
105
description: YAML parser and emitter for Python
@@ -101,13 +109,10 @@ keywords: [YAML, serialization, configuration, persistence, pickle]
101
109
Maintainers
102
110
===========
103
111
104
- The following people are responsible for maintaining PyYAML:
112
+ The following people are currently responsible for maintaining PyYAML:
105
113
106
114
* Ingy döt Net
107
- * Ian Cordasco
108
115
* Tina Mueller
109
- * Alex Gaynor
110
- * Donald Stufft
111
116
* Matt Davis
112
117
113
118
and many thanks to all who have contribributed!
@@ -117,7 +122,7 @@ See: https://github.com/yaml/pyyaml/pulls
117
122
Copyright
118
123
=========
119
124
120
- Copyright (c) 2017-
2018 Ingy döt Net <
[email protected] >
125
+ Copyright (c) 2017-
2019 Ingy döt Net <
[email protected] >
121
126
Copyright (c) 2006-2016 Kirill Simonov <
[email protected] >
122
127
123
128
The PyYAML module was written by Kirill Simonov <
[email protected] >.
0 commit comments