Merge "Remove the yamlutils module."

5 files changed, 3 insertions, 183 deletions

diff --git a/lower-constraints.txt b/lower-constraints.txt
index 22c8304..107c82e 100644
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@@ -24,7 +24,6 @@ pyparsing==2.1.0
 python-mimeparse==1.6.0
 python-subunit==1.0.0
 pytz==2013.6
-PyYAML==3.12
 requests==2.14.2
 requestsexceptions==1.2.0
 smmap==0.9.0
diff --git a/oslo_serialization/tests/test_yamlutils.py b/oslo_serialization/tests/test_yamlutils.py
deleted file mode 100644
index 4ba72b3..0000000
--- a/oslo_serialization/tests/test_yamlutils.py
+++ /dev/null
@@ -1,87 +0,0 @@
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-import os
-import tempfile
-import textwrap
-import uuid
-
-from oslotest import base
-
-from oslo_serialization import yamlutils as yaml
-
-
-class BehaviorTestCase(base.BaseTestCase):
-
-    def test_loading(self):
-        payload = textwrap.dedent('''
-            - foo: bar
-            - list:
-            - [one, two]
-            - {check: yaml, in: test}
-        ''')
-        expected = [
-            {'foo': 'bar'},
-            {'list': None},
-            ['one', 'two'],
-            {'check': 'yaml', 'in': 'test'}
-        ]
-        loaded = yaml.load(payload)
-        self.assertEqual(loaded, expected)
-
-    def test_loading_with_unsafe(self):
-        payload = textwrap.dedent('''
-            !!python/object/apply:os.system ['echo "hello"']
-        ''')
-        loaded = yaml.load(payload, is_safe=False)
-        expected = 0
-        self.assertEqual(loaded, expected)
-
-    def test_dumps(self):
-        payload = [
-            {'foo': 'bar'},
-            {'list': None},
-            ['one', 'two'],
-            {'check': 'yaml', 'in': 'test'}
-        ]
-        dumped = yaml.dumps(payload)
-        expected = textwrap.dedent('''\
-            - foo: bar
-            - list: null
-            - - one
-              - two
-            - check: yaml
-              in: test
-        ''')
-        self.assertEqual(dumped, expected)
-
-    def test_dump(self):
-        payload = [
-            {'foo': 'bar'},
-            {'list': None},
-            ['one', 'two'],
-            {'check': 'yaml', 'in': 'test'}
-        ]
-        tmpfile = os.path.join(tempfile.gettempdir(), str(uuid.uuid4()))
-        with open(tmpfile, 'w+') as fp:
-            yaml.dump(payload, fp)
-        with open(tmpfile, 'r') as fp:
-            file_content = fp.read()
-            expected = textwrap.dedent('''\
-                - foo: bar
-                - list: null
-                - - one
-                  - two
-                - check: yaml
-                  in: test
-            ''')
-            self.assertEqual(file_content, expected)
diff --git a/oslo_serialization/yamlutils.py b/oslo_serialization/yamlutils.py
deleted file mode 100644
index d540164..0000000
--- a/oslo_serialization/yamlutils.py
+++ /dev/null
@@ -1,93 +0,0 @@
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-"""YAML related utilities.
-
-The main goal of this module is to standardize yaml management inside
-openstack. This module reduce technical debt by avoiding re-implementations
-of yaml manager in all the openstack projects.
-Use this module inside openstack projects to handle yaml securely and properly.
-"""
-
-from debtcollector import removals
-import yaml
-
-
-removals.removed_module(
-    'oslo_serialization.yamlutils', version='3.0.0',
-    removal_version='4.0.0',
-    message='The oslo_serialization.yamlutils will be removed')
-
-
-def load(stream, is_safe=True):
-    """Converts a YAML document to a Python object.
-
-    :param stream: the YAML document to convert into a Python object. Accepts
-                   a byte string, a Unicode string, an open binary file object,
-                   or an open text file object.
-    :param is_safe: Turn off safe loading. True by default and only load
-                    standard YAML. This option can be turned off by
-                    passing ``is_safe=False`` if you need to load not only
-                    standard YAML tags or if you need to construct an
-                    arbitrary python object.
-
-    Stream specifications:
-
-    * An empty stream contains no documents.
-    * Documents are separated with ``---``.
-    * Documents may optionally end with ``...``.
-    * A single document may or may not be marked with ``---``.
-
-    Parses the given stream and returns a Python object constructed
-    from the first document in the stream. If there are no documents
-    in the stream, it returns None.
-    """
-    yaml_loader = yaml.Loader
-    if is_safe:
-        if hasattr(yaml, 'CSafeLoader'):
-            yaml_loader = yaml.CSafeLoader
-        else:
-            yaml_loader = yaml.SafeLoader
-    return yaml.load(stream, yaml_loader)  # nosec B506
-
-
-def dumps(obj, is_safe=True):
-    """Converts a Python object to a YAML document.
-
-    :param obj: python object to convert into YAML representation.
-    :param is_safe: Turn off safe dumping.
-
-    Serializes the given Python object to a string and returns that string.
-    """
-    yaml_dumper = yaml.Dumper
-    if is_safe:
-        if hasattr(yaml, 'CSafeDumper'):
-            yaml_dumper = yaml.CSafeDumper
-        else:
-            yaml_dumper = yaml.SafeDumper
-    return yaml.dump(obj, default_flow_style=False, Dumper=yaml_dumper)
-
-
-def dump(obj, fp, is_safe=True):
-    """Converts a Python object as a YAML document to ``fp``.
-
-    :param obj: python object to convert into YAML representation.
-    :param fp: a ``.write()``-supporting file-like object
-    :param is_safe: Turn off safe dumping.
-    """
-    yaml_dumper = yaml.Dumper
-    if is_safe:
-        if hasattr(yaml, 'CSafeDumper'):
-            yaml_dumper = yaml.CSafeDumper
-        else:
-            yaml_dumper = yaml.SafeDumper
-    return yaml.dump(obj, fp, default_flow_style=False, Dumper=yaml_dumper)
diff --git a/releasenotes/notes/remove-yamlutils-94c921247ab33003.yaml b/releasenotes/notes/remove-yamlutils-94c921247ab33003.yaml
new file mode 100644
index 0000000..9983b8e
--- /dev/null
+++ b/releasenotes/notes/remove-yamlutils-94c921247ab33003.yaml
@@ -0,0 +1,3 @@
+---
+other:
+  - Remove the yamlutils, the pyyaml is now safe by default.
diff --git a/requirements.txt b/requirements.txt
index 9a3a7f1..d8c62c4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -11,5 +11,3 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0
 msgpack>=0.5.2 # Apache-2.0
 oslo.utils>=3.33.0 # Apache-2.0
 pytz>=2013.6 # MIT
-PyYAML>=3.12 # MIT
-debtcollector>=1.2.0 # Apache-2.0