Change YAML loader type
Instead of yaml.FullLoader
, we should use yaml.SafeLoader
always. FullLoader may be used to maliciously execute python code.
The old module-image for the shared runners will be discontinued on October 31. All users still referencing gitlab-registry.mpcdf.mpg.de/mpcdf/module-image in their CI pipelines need to switch to the new CI images now, see instructions here.
Instead of yaml.FullLoader
, we should use yaml.SafeLoader
always. FullLoader may be used to maliciously execute python code.