yaml.load issues

[jchodera]

/Users/choderaj/miniconda/lib/python3.6/site-packages/yank/experiment.py:1168: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.

See: https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation

[Lnaden]

The new PyYaml does this. Here was the snippet I came up with to suppress that safely:

 try:
    yaml_load = partial(yaml.load, Loader=yaml.FullLoader)
except AttributeError:
    yaml_load= yaml.load

since yaml.FullLoader isn't in the versions before that warning.

[jchodera]

The new PyYaml does this.

Can you clarify if you mean that the new pyyaml (1) emits this warning, or (2) automatically calls a safe loader?

[Lnaden]

PyYaml emits the warning in the most recent version (5.1), I don't think its functionally doing anything different. The site it links to has some shortcut methods to chose the loader you want, but I don't know if all of those methods are in the older versions, which is why I use the try...except.

The site also says by default it uses the FullLoader which is safe, but the raw load without a Loader keyword may throw an error in the future.

[lilyminium]

pyyaml 6.0 (released 27 days ago) now raises an error upon loading without a Loader. You may need to start pinning dependencies in releases or update the code.

[Lnaden]

I recall going through the code and replacing all the yaml.load's with safe versions that I could find. Are you seeing an error being thrown now somewhere and/or did I miss some of the loaders?

[lilyminium]

The loader in analyze.py:

yank/Yank/analyze.py

Lines 298 to 301 in aef24d9

	with open(analysis_script_path, 'r') as f:
	analysis = yaml.load(f)
	phases_names = []
	signs = {}

I noticed it because openff-evaluator uses it :-)