Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

🐛 yaml.load is safe by default! Please stop using yaml.safeLoad!

See original GitHub issue

Hello there,

So I recently found an issue with the NPM package. Whenever I try to reinstall the module it goes all fine. When I run my code for the second time I keep getting an error from the node_modules\discord-giveaways\src\Constants.js file. The error has to do with the module js-yaml. For some reason I can’t find the code that’s giving me the errors in the GitHub repo, but I can find it in the installed module. The following code is giving me the error shown in attachments:

function loadFile(file) { return (myFile = yaml.safeLoad(fs.readFileSync(`${file}`, 'utf8'))) `}

js-yaml Doesn’t want to load the file because yaml.safeLoad is not supported anymore. The following code is a fix for the issue just I don’t know where to push it to. This fixes the issue and doesn’t remove any safety loading as yaml.load is safe by default

function loadFile(file) { return (myFile = yaml.load(fs.readFileSync(`${file}`, 'utf8'))) `}

I hope you can do anything with this issue/bug report

Attachments: Error Logs.txt Error Logs Trace-Warnings.txt

Issue Analytics

State:
Created 2 years ago
Comments:12

Top GitHub Comments

2reactions

GamingMinebloxcommented, Apr 6, 2021

When I use the following command it downloads the normal file for 10 seconds and then the weird command shows up again:

git pull && npm install Androz2091/discord-giveaways#develop && node index.js

if I keep that as the startup command it works, but it almost hits the CPU limit for my bot (50% of one core) when i start it up.

I’ll try to find the origin of the issue and try to fix it as this isn’t a bug with discord-giveaways

0reactions

GamingMinebloxcommented, Apr 6, 2021

I have, it doesn’t download it on that (it was downloaded outside of docker)

Top Results From Across the Web

yaml.load() without Loader=... is deprecated #462 - GitHub

My setup is a conda environment with python3.6 and bioconda-utils installed. Has anyone seen this problem before? or can point me in a...

Python read YAML: where does it go wrong: with open() or ...

I have a script which loads a YAML file as an object. The related part is very simple: def run_test_spec(self, file_path): try: with...

YAML: The Missing Battery in Python

In this tutorial, you'll learn how to work with YAML in Python using the available third-party libraries, with a focus on PyYAML.

Loading Dangerously: PyYAML and Safety by Design

Part 2: Changing to Safe by Default: A PyYAML Story. Introducing PyYAML and YAML. PyYAML is a Python library for opening and creating...

CVE-2017-18342 PyYAML: yaml.load() API could execute ...

Also note that the fact that yaml.load() is not safe has been known for centuries, so please don't rush with this fix: *...

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Start Free

Top Related Reddit Thread

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

🐛 yaml.load is safe by default! Please stop using yaml.safeLoad!

Issue Analytics

Top GitHub Comments

Top Results From Across the Web

Top Related Medium Post

Top Related StackOverflow Question

Troubleshoot Live Code

Top Related Reddit Thread

Top Related Hackernoon Post

Top Related Tweet

Top Related Dev.to Post

Top Related Hashnode Post

Invalid Partications

RangeError: Maximum call stack size exceeded