From 8d8809e4d66fef55e71e563b56c1482919111c60 Mon Sep 17 00:00:00 2001
From: Doruk Ozturk
Date: Wed, 11 Jan 2023 15:01:46 -0500
Subject: [PATCH 1/4] refactor: Fix insecure yaml load method
---
 hardeneks/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hardeneks/__init__.py b/hardeneks/__init__.py
index efc3a22..0913747 100644
--- a/hardeneks/__init__.py
+++ b/hardeneks/__init__.py
@@ -33,7 +33,7 @@ def _config_callback(value: str):
 with open(value, "r") as f:
 try:
- yaml.load(f, Loader=yaml.FullLoader)
+ yaml.safe_load(f)
 except yaml.YAMLError as exc:
 raise typer.BadParameter(exc)
@@ -73,7 +73,7 @@ def _load_kube_config():
 tmp_config = tempfile.NamedTemporaryFile().name
 with open(kube_config_orig, "r") as fd:
- kubeconfig = yaml.load(fd, Loader=yaml.FullLoader)
+ kubeconfig = yaml.safe_load(fd)
 for cluster in kubeconfig["clusters"]:
 cluster["cluster"]["insecure-skip-tls-verify"] = True
 with open(tmp_config, "w") as fd:
From 776da690da214f4a07289f3a3b7748e619f48bb8 Mon Sep 17 00:00:00 2001
From: Doruk Ozturk
Date: Wed, 11 Jan 2023 15:02:06 -0500
Subject: [PATCH 2/4] =?UTF-8?q?bump:=20version=200.7.0=20=E2=86=92=200.7.1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 pyproject.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index fc59c99..daaceee 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "hardeneks"
-version = "0.7.0"
+version = "0.7.1"
 description = ""
 authors = ["Doruk Ozturk "]
 readme = "README.md"
@@ -41,7 +41,7 @@ exclude = '''
 [tool.commitizen]
 name = "cz_conventional_commits"
-version = "0.7.0"
+version = "0.7.1"
 version_files = [
 "pyproject.toml:[tool.commitizen]\nversion",
 "pyproject.toml:[tool.poetry]\nname = \"commitizen\"\nversion",
From 0832db6b54c58158fca4a590b1d028ebe8e27975 Mon Sep 17 00:00:00 2001
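Review bot: `yaml.safe_load(f)` in `_config_callback` (hardeneks/__init__.py, first hunk of PATCH 1/4) only rejects syntactically invalid YAML, so an empty file or a bare scalar still passes the callback: `safe_load` returns `None` or a non-mapping without raising `yaml.YAMLError`. If the config is expected to be a mapping, which this hunk does not show, keep the result and check it, e.g. `data = yaml.safe_load(f)` followed by `if not isinstance(data, dict): raise typer.BadParameter(f"{value} is not a YAML mapping")`. The second hunk has the same gap: `kubeconfig["clusters"]` would raise `TypeError` on an empty kubeconfig unless that is handled outside the hunk. The body of `_config_callback` starts before the hunk.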
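Review bot: `_load_kube_config` (second hunk of PATCH 1/4) still sets `cluster["cluster"]["insecure-skip-tls-verify"] = True` for every cluster, two lines below the changed one, so the API-server certificate is never verified and the kubeconfig's credentials travel over an unauthenticated connection; this should be opt-in and carry a comment saying why it is needed. The same hunk keeps only the `.name` of `tempfile.NamedTemporaryFile()` and reopens that path with `open(tmp_config, "w")`, so the original file object is dropped at once and the path is presumably deleted and then re-created by name, which gives up the exclusive creation and restrictive mode the tempfile module provides. Writing through a kept handle avoids that: `with tempfile.NamedTemporaryFile("w", delete=False) as fd:` and `tmp_config = fd.name`, with the file removed once the config has been loaded. The function starts and ends outside the hunk, so how `tmp_config` is consumed afterwards is not visible here.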
From: Doruk Ozturk
Date: Wed, 11 Jan 2023 15:02:21 -0500
Subject: [PATCH 3/4] =?UTF-8?q?bump:=20version=200.7.1=20=E2=86=92=200.7.2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 CHANGELOG.md | 7 +++++++
 pyproject.toml | 4 ++--
 2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b09abc3..82ce9e1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## Unreleased
+
+### Refactor
+
+- Fix insecure yaml load method
+- Use more secure yaml load method
+
 ## v0.7.0 (2023-01-02)
 ### Feat
diff --git a/pyproject.toml b/pyproject.toml
index daaceee..c61407e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "hardeneks"
-version = "0.7.1"
+version = "0.7.2"
 description = ""
 authors = ["Doruk Ozturk "]
 readme = "README.md"
@@ -41,7 +41,7 @@ exclude = '''
 [tool.commitizen]
 name = "cz_conventional_commits"
-version = "0.7.1"
+version = "0.7.2"
 version_files = [
 "pyproject.toml:[tool.commitizen]\nversion",
 "pyproject.toml:[tool.poetry]\nname = \"commitizen\"\nversion",
From 00ca064898f51a53d3cfd768f9fe701ccadb71a5 Mon Sep 17 00:00:00 2001
From: Doruk Ozturk
Date: Wed, 11 Jan 2023 15:02:46 -0500
Subject: [PATCH 4/4] docs: Add changelog
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 82ce9e1..e8b0ee3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-## Unreleased
+## v0.7.2 (2023-01-11)
 ### Refactor