Opened 4 years ago
Last modified 4 years ago
#31896 closed New feature
Allow using unsafe PyYAML utils when loading fixtures — at Version 2
| Reported by: | German Prostakov | Owned by: | nobody |
|---|---|---|---|
| Component: | Core (Serialization) | Version: | 3.1 |
| Severity: | Normal | Keywords: | fixtures |
| Cc: | Aymeric Augustin | Triage Stage: | Unreviewed |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | yes | UI/UX: | no |
Description (last modified by )
Currently, Django uses PyYAML's SafeLoader to load fixtures which prevent to use some advance utils like !!python/object/apply. To create dates related to the current date, for example, and not static dates that you have to update over time so that they aren't too old.
Anyway, there could be many reasons why a developer would want to use such an util in fixtures. And I believe it should be safe to use UnsafeLoader for fixtures since this is certainly a data that developers create themselves.
Opened a PR: https://github.com/django/django/pull/13320
Change History (2)
comment:1 by , 4 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 4 years ago
| Description: | modified (diff) |
|---|
Note:
See TracTickets
for help on using tickets.