python-ruamel.yaml
Port variant v11
Summary YAML 1.2 parser/emitter (3.11)
BROKEN
Package version 0.18.6
Homepage No known homepage
Keywords python
Maintainer Python Automaton
License Not yet specified
Other variants v12
Ravenports Buildsheet | History
Ravensource Port Directory | History
Last modified 10 FEB 2024, 15:48:34 UTC
Port created 16 APR 2018, 13:51:05 UTC
Subpackage Descriptions
single # ruamel.yaml `ruamel.yaml` is a YAML 1.2 loader/dumper package for Python.
version 0.18.6
updated 2024-02-07
documentation https://yaml.readthedocs.io
repository https://sourceforge.net/projects/ruamel-yaml
pypi https://pypi.org/project/ruamel.yaml
As announced, in 0.18.0, the old PyYAML functions have been deprecated. (`scan`, `parse`, `compose`, `load`, `emit`, `serialize`, `dump` and their variants (`_all`, `safe_`, `round_trip_`, etc)). If you only read this after your program has stopped working: I am sorry to hear that, but that also means you, or the person developing your program, has not tested with warnings on (which is the recommendation in PEP 565, and e.g. defaultin when using `pytest`). If you have troubles, explicitly use ``` pip install "ruamel.yaml<0.18.0" ``` or put something to that effects in your requirments, to give yourself some time to solve the issue. There will be at least one more potentially breaking change in the 0.18 series: `YAML(typ='unsafe')` now has a pending deprecation warning and is going to be deprecated, probably before the end of 2023. If you only use it to dump, please use the new `YAML(typ='full')`, the result of that can be *safely* loaded with a default instance `YAML()`, as that will get you inspectable, tagged, scalars, instead of executed Python functions/classes. (You should probably add constructors for what you actually need, but I do consider adding a `ruamel.yaml.unsafe` package that will re-add the `typ='unsafe'` option. *Please adjust/pin your dependencies accordingly if necessary.* There seems to be a CVE on `ruamel.yaml`, stating that the `load()` function could be abused because of unchecked input. `load()` was never the default function (that was `round_trip_load()` before the new API came into existence`. So the creator of that CVE was ill informed and probably lazily assumed that since `ruamel.yaml` is a derivative of PyYAML (for which a similar CVE exists), the same problem would still exist, without checking. So the CVE was always inappriate, now just more so, as the call to the function `load()` with any input will terminate your program with an error message. If you (have to) care about such things as this CVE, my recommendation is to stop using Python completely, as `pickle.load()` can be abused in the same way as `load()` (and like unlike `load()` is only documented to be unsafe, without development-time warning. Version 0.17.21 was the last one tested to be working on Python 3.5 and 3.6
The 0.16.13 release was the last that was tested to be working on Python 2.7. There are two extra plug-in packages (`ruamel.yaml.bytes` and `ruamel.yaml.string`) for those not wanting to do the streaming to a `io.BytesIO/StringIO` buffer themselves. If your package uses `ruamel.yaml` and is not listed on PyPI, drop me an email, preferably with some information on how you use the package (or a link to the repository) and I'll keep you informed when the status of the API is stable enough to make the transition.
    Overview

    Installing
      Optional requirements

    Basic Usage
      Load and dump  
      More examples

    Working with Python classes
      Dumping Python classes
      Dataclass
Configuration Switches (platform-specific settings discarded)
PY311 ON Build using Python 3.11 PY312 OFF Build using Python 3.12
Package Dependencies by Type
Build (only) python-pip:single:v11
autoselect-python:single:std
Build and Runtime python311:single:std
Runtime (only) python-ruamel.yaml.clib:single:v11
Download groups
main mirror://PYPIWHL/73/67/8ece580cc363331d9a53055130f86b096bf16e38156e33b1d3014fffda6b
Distribution File Information
57b53ba33def16c4f3d807c0ccbc00f8a6081827e81ba2491691b76882d0c636 117761 ruamel.yaml-0.18.6-py3-none-any.whl
Ports that require python-ruamel.yaml:v11
python-nb2an:v11 Netbox to Ansible config comparison tool (3.11)
python-nornir:v11 Automation framework to manage devices (3.11)