Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

replace xml.etree with defusedxml for ElementTree #340

Merged
merged 1 commit into from
May 9, 2020
Merged

replace xml.etree with defusedxml for ElementTree #340

merged 1 commit into from
May 9, 2020

Conversation

yunjunz
Copy link
Member

@yunjunz yunjunz commented May 9, 2020
edited
Loading

Description of proposed changes

  • use defusedxml.ElementTree module to replace the vulnerable xml.etree.ElementTree module for XML file parsing.

This was used in utils.readfile.read_isce_xml() and dem_gsi.py, both of them are now either be replaced or unused.

  • add defusedxml to dependency docs

Reminders

  • Pass Codacy code review (green)
  • Pass testing with $MINTPY_HOME/test/test_smallbaselineApp.py

@yunjunz
replace xml.etree with defusedxml for ElementTree
e493231 
use `defusedxml.ElementTree` module to replace the vulnerable `xml.etree.ElementTree` module for XML file parsing.

This was used in utils.readfile.read_isce_xml() and dem_gsi.py, both of them are now either be replaced or unused.

add defusedxml to dependency docs
@yunjunz Codacy Production
Copy link
Member Author

yunjunz commented May 9, 2020

Codacy Here is an overview of what got changed by this pull request:

Issues
======
+ Solved 2
- Added 1

See the complete overview on Codacy

@yunjunz yunjunz merged commit 61b8bda into insarlab:master May 9, 2020
@yunjunz yunjunz deleted the xml branch May 9, 2020 23:08
yunjunz added a commit to yunjunz/MintPy that referenced this pull request Nov 22, 2022
@yunjunz
deps: drop defusedxml
f819b29 
revert back the ElementTree usage from `defusedxml` to the native `xml.etree` module, to drop this extra dependency, because there are only two use cases in the code: parse known XML files from ISCE and SNAP. insarlab#340
yunjunz added a commit to yunjunz/MintPy that referenced this pull request Nov 22, 2022
@yunjunz
deps: drop defusedxml
1b2b4e4 
revert back the ElementTree usage from `defusedxml` to the native `xml.etree` module, to drop this extra dependency, because there are only two use cases in the code: parse known XML files from ISCE and SNAP. insarlab#340
yunjunz added a commit to yunjunz/MintPy that referenced this pull request Nov 23, 2022
@yunjunz
deps: drop defusedxml
263f476 
revert back the ElementTree usage from `defusedxml` to the native `xml.etree` module, to drop this extra dependency, because there are only two use cases in the code: parse known XML files from ISCE and SNAP. insarlab#340
@yunjunz yunjunz mentioned this pull request Nov 23, 2022
Merged
5 tasks
yunjunz added a commit that referenced this pull request Nov 23, 2022
@yunjunz
deps: drop defusedxml (#915)
143fef5 
* deps: drop `defusedxml`. revert back the ElementTree usage from `defusedxml` to the native `xml.etree` module, to drop this extra dependency, because there are only two use cases in the code: parse known XML files from ISCE and SNAP. #340

* del add_attribute from setup.py and __main__.py

* ionex.get_ionex_value(): rotate TEC map by default

* closure_phase_bias: add link to notebook
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@yunjunz