今天用以前的代碼寫新項目,運行代碼報錯:YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe.
去瞅了一眼,發現yaml.load(input)棄用了,隨后發現,5.1之后的需要加一個加載器才可以正常運行,針對該變化,作了以下比較
yaml 5.1之前的使用方法:
1 def operateYaml(self,filename): 2 file = open(filename, "r",encoding='utf-8') 3 data = yaml.load(file) 4 file.close() 5 return data
yaml 5.1之后的使用方式有兩種:
1 def operateYaml(self,filename): 2 file = open(filename, "r",encoding='utf-8') 3 data = yaml.load(file,Loader=yaml.FullLoader) #loader可選擇BaseLoader、SafeLoader、FullLoader、UnsafeLoader 4 file.close() 5 return data
1 def operateYaml(self,filename): 2 file = open(filename, "r",encoding='utf-8') 3 data = yaml.full_load(file) #可使用3種不同的加載方式:yaml.safe_load、yaml.full_load、yaml.unsafe_load
4 file.close()
5 return data
針對不同的需要,加載器有如下幾種類型:
- BaseLoader:僅加載最基本的YAML
- SafeLoader:安全地加載YAML語言的子集。建議用於加載不受信任的輸入。(safe_load)
- FullLoader:加載完整的YAML語言。避免任意代碼執行。這是當前(PyYAML 5.1)默認加載器調用
yaml.load(input)(發出警告后)(full_load) - UnsafeLoader(也稱為
Loader向后兼容性):原始的Loader代碼,可以通過不受信任的數據輸入輕松利用。(unsafe_load)
詳情請查看——https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation#footnotes