On Saturday, 11 November 2017 17:17:28 CET Dominique Dumont wrote: > This is not an ideal solution, but is better than nothing...
Got good reasons [1], upstream is not thrilled about the idea of adding SafeLoad to YAML::XS API. So I've disabled the patch. TINITA suggests [2] to use unbless from Data::Structure::Util to sanitize a data structure coming from untrusted source. This solution is probably easier than replacing YAML::XS with YAML::TIny (which is not always possible and behave differently with utf8) All the best [1] https://github.com/ingydotnet/yaml-libyaml-pm/issues/45#issuecomment-343678829 [2] https://github.com/ingydotnet/yaml-libyaml-pm/issues/45#issuecomment-343679429 -- https://github.com/dod38fr/ -o- http://search.cpan.org/~ddumont/ http://ddumont.wordpress.com/ -o- irc: dod at irc.debian.org
