[Debian-med-packaging] Bug#1022086: spades: Uses deprecated yaml.load
Gordon Ball
gordon at chronitis.net
Wed Oct 19 20:52:42 BST 2022
Source: spades
Version: 3.15.5+dfsg-1
Severity: normal
X-Debbugs-Cc: gordon at chronitis.net
We hope to upgrade python3-yaml (aka pyyaml) to version 6 before the
freeze, per #1008262
Your package appears to use `yaml.load()` without specifying a `Loader=`
argument, which will become an error in pyyaml version 6. This should
have emitted a warning message since version 5.1 (from 2019).
In most cases this can be fixed by replacing `yaml.load` with
`yaml.safe_load`, unless the ability for yaml to create arbitrary python
objects is desirable.
Parts of the spades codebase use the newer form, but there are multiple
places where the old version is used:
https://codesearch.debian.net/search?q=yaml.load+package%3Aspades&literal=1
This causes the spades autopkgtest to fail with python3-yaml 6, as can
be seen in experimental pseudo-excuses:
https://ci.debian.net/data/autopkgtest/unstable/amd64/s/spades/27249904/log.gz
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.0.0-1-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
More information about the Debian-med-packaging
mailing list