Yesterday I upgraded the stack PyYAML package to version 5.1. This required I make some changes to
daf_persistence (see DM-18488 for details) since constructors are now associated with specified loaders.
The big change for users though is that PyYAML now complains if you call
yaml.load() without specifying a loader class. Previously
load() used the unsafe loader by default but this is no longer deemed to be the correct approach. If you call
yaml.load() without a loader you will see the following warning:
YAMLLoadWarning: calling yaml.load_all() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
The full details are found at that URL. There are a number of places in our code where we use the default unsafe loader. You will notice them in your
pytest output warnings. A quick scan suggests
ctrl_iip will need fixing to remove the warnings. The best solution is if
CSafeLoader) can be used.
daf_base YAML files must be read using
FullLoader. Contact me if you want additional help in migrating a package to the new scheme.