openinfra
/
python-tempestconf
Code Issues Proposed changes
python-tempestconf/config_tempest
History
Arx Cruz 0099f408da Replace yaml.load() with yaml.safe_load() 
Avoid dangerous file parsing and object serialization libraries.
yaml.load is the obvious function to use but it is dangerous[1]
Bandit flags yaml.load() as security risk so replace all occurrences
with yaml.safe_load().

[1]https://security.openstack.org/guidelines/dg_avoid-dangerous-input-parsing-libraries.html

Story: 1634265
Task: 38963

Change-Id: Ie5baf64696e6214e3dd01f6e06ede8fd8432cbb8
 		2020-03-09 10:24:11 +01:00
..
services Merge "Add support for storage pools" 2020-03-04 11:38:12 +00:00
tests Merge "Remove support of nova-network" 2020-01-21 11:44:27 +00:00
__init__.py Refactored python-tempestconf to work with devstack 2017-01-18 17:47:00 +05:30
accounts.py Replace git.openstack.org URLs with opendev.org URLs 2019-04-23 13:15:29 +02:00
clients.py Remove support of nova-network 2020-01-20 20:03:16 +05:30
constants.py Use https for cirros image 2019-10-25 13:50:39 +00:00
credentials.py Create utils.py 2018-08-13 11:57:14 +02:00
flavors.py Allow to specify min flavor memory and disk size 2019-03-29 10:14:05 +00:00
main.py Remove support of nova-network 2020-01-20 20:03:16 +05:30
profile.py Replace yaml.load() with yaml.safe_load() 2020-03-09 10:24:11 +01:00
tempest_conf.py Fixed SafeConfigParser deprecation warning for py3 2019-01-03 17:04:02 +05:30
users.py Merge "Fix checking of roles" 2019-05-29 00:25:42 +00:00
utils.py Create utils.py 2018-08-13 11:57:14 +02:00