From c5220b071fb159ef9fe808d1e8d2f8d33b8b165c Mon Sep 17 00:00:00 2001 From: Tomohiro Nakamura Date: Wed, 13 Sep 2017 20:49:38 +0900 Subject: [PATCH] Fix security issue refs #4 * Update version to 1.0.5 * Update to use yaml.safe_load() * Update to tomoh1r --- .travis.yml | 20 +++++++++++++------- CHANGES.txt | 10 ++++++++++ README.rst | 4 ++-- README_test.rst | 1 + ansible_vault/api.py | 2 +- setup.cfg | 9 +++++++++ setup.py | 8 +++++--- tox.ini | 14 -------------- 8 files changed, 41 insertions(+), 27 deletions(-) delete mode 100644 tox.ini diff --git a/.travis.yml b/.travis.yml index 70055d9..8ac98c5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,14 +1,20 @@ --- language: python sudo: false +cache: + directories: + - $HOME/.cache/pip python: -- 2.7 -env: - matrix: - - TOXENV=py27 - - TOXENV=py27-ansible2 + - "2.7" + - "3.3" + - "3.4" + - "3.5" + - "3.6" install: - - pip install tox -script: tox + - python -m pip install -U setuptools pip + - python setup.py setup_test +script: + - python -m pytest + - if [ "$TRAVIS_PYTHON_VERSION" == '2.7' ] ; then python -m pip install -U 'ansible<2.0.0' & python -m pytest ; fi # vim:st=2 sts=2 sw=2: diff --git a/CHANGES.txt b/CHANGES.txt index 1e8aa4e..a51a244 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,13 @@ +1.0.5 (2017/09/13) + +* Update to use yaml.safe_load()$ +* Update to tomoh1r$ + +1.0.4 (2015/11/29) + +* Apply to Ansible 2 +* Add unit tests + 1.0.3 (2015/05/18) * fix README.rst typo diff --git a/README.rst b/README.rst index 0663322..63a8dd3 100644 --- a/README.rst +++ b/README.rst @@ -2,8 +2,8 @@ ansible-vault ============= -.. image:: https://travis-ci.org/jptomo/ansible-vault.svg?branch=master - :target: https://travis-ci.org/jptomo/ansible-vault +.. image:: https://travis-ci.org/tomoh1r/ansible-vault.svg?branch=master + :target: https://travis-ci.org/tomoh1r/ansible-vault This project aim to R/W an ansible-vault yaml file diff --git a/README_test.rst b/README_test.rst index be5691d..57ce749 100644 --- a/README_test.rst +++ b/README_test.rst @@ -12,4 +12,5 @@ how to test .. code-block:: console + $ ./venvtest/bin/python setup.py setup_test $ ./venvtest/bin/python setup.py test diff --git a/ansible_vault/api.py b/ansible_vault/api.py index 3fcc0ad..2f209c1 100644 --- a/ansible_vault/api.py +++ b/ansible_vault/api.py @@ -15,7 +15,7 @@ def __init__(self, password): def load(self, stream): '''read vault steam and return python object''' - return yaml.load(self.vault.decrypt(stream)) + return yaml.safe_load(self.vault.decrypt(stream)) def dump(self, data, stream=None): '''encrypt data and print stdout or write to stream''' diff --git a/setup.cfg b/setup.cfg index 5aef279..1b3e3a3 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,2 +1,11 @@ [metadata] description-file = README.rst + +[aliases] +setup_test = develop easy_install ansible-vault[test] +setup_pypi = develop easy_install ansible-vault[pypi] +release = register clean --all sdist + +[tools:pytest] +norecursedirs = venv +testpaths = ansible_vault/test diff --git a/setup.py b/setup.py index c42a8c4..6c4b2f2 100644 --- a/setup.py +++ b/setup.py @@ -32,19 +32,21 @@ def run_tests(self): setup( name='ansible-vault', - version='1.0.4', + version='1.0.5', author='Tomohiro NAKAMURA', author_email='quickness.net@gmail.com', - url='https://github.com/jptomo/ansible-vault', + url='https://github.com/tomoh1r/ansible-vault', description='R/W an ansible-vault yaml file', long_description=_read('README.rst'), packages=find_packages(), install_requires=['ansible'], - tests_require=['pytest', 'testfixtures'], cmdclass={'test': PyTest}, classifiers=[ 'Development Status :: 5 - Production/Stable', 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', ], license='GPLv3', + extras_require = { + 'test': ['pytest', 'testfixtures'], + } ) diff --git a/tox.ini b/tox.ini deleted file mode 100644 index cb350f9..0000000 --- a/tox.ini +++ /dev/null @@ -1,14 +0,0 @@ -[tox] -envlist = py27, py27-ansible2 -setupdir = . - -[testenv] -basepython = python2.7 - -[testenv:py27] -commands = python2.7 setup.py test - -[testenv:py27-ansible2] -commands = - pip install -U git+https://github.com/ansible/ansible.git@stable-2.0#egg=ansible - python2.7 setup.py test