On Mon, 05 Aug 2019 01:31:12 -0400 Scott Kitterman <deb...@kitterman.com> wrote: > Package: src:lavacli > Version: 0.9.7-1 > Severity: grave > Tags: security > Justification: user security hole > > The new version of pyyaml no longer allows use of yaml.load() without a > loader being specifed. This raises a deprecation warning which has > caused and autopkgtest failure on this package. These are generally > trivial to fix, see the upstream guidance [1]. > > Scott K > > [1] https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation > >
Hello, this should be already fixed in the version your are mentioning (v0.9.7). I looked at the code again and can't find any places where yaml.load is used without a loader. Could you point me at the CI job that is raising this warning? Thanks -- RĂ©mi Duraffort
