Commit Graph

70 Commits

Author SHA1 Message Date
Matt Davis
8cdff2c805 6.0 release 2021-10-13 12:12:51 -07:00
Matt Davis
4808fba18e 6.0b1 release 2021-10-04 15:11:05 -04:00
Matt Davis
a6d384c52e Various setup fixes
* enable use of setuptools-embedded distutils
* list 3.10 support
* remove setup.cfg (and deprecated metadata in it)
* run tests on ephemeral copy of intermediate build bits
2021-09-23 15:34:34 -07:00
Thom Smith
00be495c78 Simplify python_requires 2021-09-22 15:52:05 +02:00
Thom Smith
f20947ae25 Move code from lib3 to lib 2021-09-22 15:52:05 +02:00
Thom Smith
dc0c4c1441 Remove 2.7 support 2021-09-22 15:52:05 +02:00
Ingy döt Net
ee37f4653c 5.4.1 release 2021-01-20 16:40:50 -05:00
Ingy döt Net
58d0cb7ee0 5.4 release 2021-01-19 14:07:59 -05:00
Brad Solomon
89f608599d Build modernization (GHA, wheels, setuptools) (#407)
* Move most CI to GitHub Actions
* Build sdist
* Build manylinux1 wheels with libyaml ext (also tested with 2010 and 2014)
* Build MacOS x86_64 wheels with libyaml ext
* Windows wheel builds remain on AppVeyor until we drop 2.7 support in 6.0
* Smoke tests of all post-build artifacts
* Add PEP517/518 build declaration (pyproject.toml with setuptools backend)
* Fully move build to setuptools
* Drop Python 3.5 support
* Declare Python 3.9 support
* Update PyPI metadata now that setuptools lets it flow through

Co-authored-by: Matt Davis <mrd@redhat.com>
2021-01-13 16:58:40 -05:00
Tina Müller
91bca4b856 Update version to 5.3.1 2020-03-17 20:52:26 +01:00
Tina Müller
377092fb2e Changes for 5.3 2020-01-06 20:37:50 +01:00
Tina Müller
69b025a9f3 Changes for 5.3b1 2019-12-21 22:49:24 +01:00
Frédéric Chapoton
36fdf0c486 remove some unused imports (#260)
* remove some unused imports

as suggested by lgtm

https://lgtm.com/projects/g/yaml/pyyaml/

* add back import * from nodes

* remove also sys import

* remove mkpath import
2019-12-20 20:38:46 +01:00
Jon Dufresne
252b4fe54e Document that PyYAML is implemented with Cython (#244) 2019-12-20 20:38:46 +01:00
Christian Clauss
a7a97871fc fixup! setup.py: python_requires='!=3.4.*', 2019-12-03 23:38:13 +01:00
Christian Clauss
039c9eb308 setup.py: Remove support for EOL Python 3.4 2019-12-03 23:38:13 +01:00
Tina Müller
a5c2a043a2 Version 5.2 2019-12-02 21:13:24 +01:00
Matt Davis
3f3c373f50 bump version to 5.2b1 2019-11-25 23:39:55 +01:00
Matt Davis
0f64cbfa54 changes for 5.1.2 release 2019-07-30 18:21:30 -07:00
Matt Davis
5986257f9f changes for 5.1.1 release 2019-06-06 15:14:10 -07:00
Ingy döt Net
e471e86bf6 Updates for 5.1 release 2019-03-13 08:45:34 -07:00
Matt Davis
9141e900d1 Windows Appveyor build
* builds Windows wheels against a specified libyaml repo/refspec for many Python versions
* since we don't have multiple Appveyor workers, it's faster/more convenient to run them serially
* not all paths sufficient for general CI usage yet; still needs manual inspection/testing of output
* various hacks to quiet warning noise during build on old Pythons
2019-03-12 16:22:31 -07:00
Matt Davis
91c9435bb6 Squash/merge pull request #105 from nnadeau/patch-1
Removed Python 2.6 & 3.3
2019-03-08 09:09:48 -08:00
Ingy döt Net
0cedb2a069 Deprecate/warn usage of yaml.load(input)
The `load` and `load_all` methods will issue a warning when they are
called without the 'Loader=' parameter. The warning will point to a URL
that is always up to date with the latest information on the usage of
`load`.

There are several ways to stop the warning:

* Use `full_load(input)` - sugar for `yaml.load(input, FullLoader)`
  * FullLoader is the new safe but complete loader class
* Use `safe_load(input)` - sugar for `yaml.load(input, SafeLoader)`
  * Make sure your input YAML consists of the 'safe' subset
* Use `unsafe_load(input)` - sugar for `yaml.load(input, UnsafeLoader)`
  * Make sure your input YAML consists of the 'safe' subset
* Use `yaml.load(input, Loader=yaml.<loader>)`
  * Or shorter `yaml.load(input, yaml.<loader>)`
  * Where '<loader>' can be:
    * FullLoader - safe, complete Python YAML loading
    * SafeLoader - safe, partial Python YAML loading
    * UnsafeLoader - more explicit name for the old, unsafe 'Loader' class
* yaml.warnings({'YAMLLoadWarning': False})
  * Use this when you use third party modules that use `yaml.load(input)`
  * Only do this if input is trusted

The above `load()` expressions all have `load_all()` counterparts.

You can get the original unsafe behavior with:
* `yaml.unsafe_load(input)`
* `yaml.load(input, Loader=yaml.UnsafeLoader)`

In a future release, `yaml.load(input)` will raise an exception.

The new loader called FullLoader is almost entirely complete as
Loader/UnsafeLoader but it does it avoids all known code execution
paths. It is the preferred YAML loader, and the current default for
`yaml.load(input)` when you get the warning.

Here are some of the exploits that can be triggered with UnsafeLoader
but not with FullLoader:
```
python -c 'import os, yaml; yaml.full_load("!!python/object/new:os.system [echo EXPLOIT!]")'`
python -c 'import yaml; print yaml.full_load("!!python/object/new:abs [-5]")'
python -c 'import yaml; yaml.full_load("!!python/object/new:eval [exit(5)]")' ; echo $?
python -c 'import yaml; yaml.full_load("!!python/object/new:exit [5]")' ; echo $?
2019-03-08 09:09:48 -08:00
Tina Müller
d76d037119 Force cython when building sdist
Fixes #182
2018-06-30 22:49:22 +02:00
Alex Gaynor
d3eb7daf88 Changes for 4.1 release 2018-06-26 15:08:15 -07:00
Ingy döt Net
4c2e993321 Changes for 4.01 release
This is the first release under new maintainership. A bunch of things
involving resource URLs and copyright details needed updating; in
addition to the normal version and changelog updates.
2018-06-24 17:08:57 -06:00
Hugo
b6cbfeec35 Test on Python 3.7-dev
Add Python 3.7 classifier
2018-04-11 10:20:16 -07:00
Donald Stufft
298e07907a Fallback to Pure Python if Compilation fails
Originally this code attempted to determine if compiling the C ext
would succeed, and if it thought it should, it would then require that
the C extension succeed in order to install. This fails in cases where
the detection code passes, but compiling ultimately fails (one instance
this might happen is if the Python headers are not installed).

Instead of "asking permission", this code will now just attempt to
compile the module, and will fall back to pure Python if that fails,
unless the person has explicitly asked for the C module, in which case
it will still just fail.
2017-09-11 19:23:05 -05:00
Jakub Wilk
d856c206fd
Fix typos 2017-08-08 06:05:28 -05:00
Jon Dufresne
8bca3eb44d
Document and test Python 3.6 support 2017-08-07 19:40:58 -05:00
Kirill Simonov
16bd7d06c2 Improved check for CPython (fixes issue #58). 2016-08-25 17:52:48 -05:00
Kirill Simonov
7bd6e032f3 Support for wheel packages. 2016-06-16 22:32:32 -05:00
Kirill Simonov
491508b042 Raise an error when test suite failed. 2016-06-15 20:28:10 -05:00
Kirill Simonov
a57fe5ca52 Dropped pyrex build support; Cython now supports Python 3. 2016-06-15 19:28:34 -05:00
Kirill Simonov
53b4c075f6 Bumped the version number. 2016-06-15 19:26:06 -05:00
Kirill Simonov
96ee4cbfcc Bumped the version number. 2014-03-26 19:34:36 -05:00
Kirill Simonov
9453e0afc0 Removed build options for 2.3 and 2.4. 2011-05-30 04:53:00 +00:00
Kirill Simonov
b1c7014863 Updated the changelog and bumped the version number. 2011-05-30 03:28:15 +00:00
Kirill Simonov
23c952fe08 Do not attempt to build extensions on platforms other than CPython. 2011-05-29 16:13:17 +00:00
Kirill Simonov
03b28d0fc7 Minor formatting cleanup. 2009-08-30 20:06:16 +00:00
Kirill Simonov
b3c9435637 Preparing the next release. 2009-08-30 00:07:20 +00:00
Kirill Simonov
583ea8ad32 Added a note that Python 3.1 is supported. 2009-08-29 22:37:18 +00:00
Kirill Simonov
59bb2dff6a Removed obsolete 'package_dir' line. 2009-08-29 19:13:27 +00:00
Kirill Simonov
6a62e8e7e0 Final touches before the release. 2008-12-30 18:18:53 +00:00
Kirill Simonov
7d5f9450cf Use Cython if available; added Python 3 support to _yaml.pyx. 2008-12-29 23:21:43 +00:00
Kirill Simonov
ab8d940469 Share data files between Py2 and Py3 test suites. 2008-12-29 19:05:11 +00:00
Kirill Simonov
235ab98c2c Added basic support for Python 3 (Thanks idadesub(at)users(dot)sourceforge(dot)net). 2008-12-29 17:24:05 +00:00
Kirill Simonov
1310c51249 Added CHANGES; updated the announcement; wording fixes in setup.py. 2008-12-28 23:34:19 +00:00
Kirill Simonov
8e88d11b41 Minor 2.3 and win32 compatibility fixes; clarify the 'feature not found' message in setup.py. 2008-12-28 21:42:35 +00:00