Why Use the Yaml.safe_Load Function?
There are numerous instances of the PyYAML application where the load() is utilized in place of safe_load(). We purposely withheld the information on the load() function from you until now. We wanted them to utilize the most secure technique for parsing the YAML with Python because most individuals have jobs to perform and have a tendency to hastily copy-paste some example codes. However, if you’re wondering how these two vary from each other, the quick version is as follows:
If you are familiar with pickle, you will know that load() is also a highly strong function. Both techniques are extremely unsafe since they let an attacker run the arbitrary code. You can run the Python script, including calling the os.system library, which can run any command on your system and serialize and deserialize the full Python objects using the PyYAML’s load function. The load() function is deprecated in the recent versions of PyYAML. Using it in an unsafe manner will result in a huge fat warning. Since the safe_load() just contains a portion of the load function, it should be used if you’re processing the ordinary YAML files.
How to Use the Yaml.safe_Load Function in Ubuntu
To use YAML in Ubuntu 20.04, we have to install it first. YAML data can be parsed by a variety of Python libraries. The most popular and comprehensive framework for parsing the YAML is PyYAML. You must use the Pip to install the PyYAML because it is not a component of the default Python library. Install the PyYAML by running the following command:
Example #1: Using the Safe_Load Function to Read and Parse a YAML File
After installing the Python and the required libraries, we create two files (the .py file and .yml file) to demonstrate how we can parse a YAML file in Python. Let’s create a “.py” file and name it as “hello.py” and the YAML file as “config.yaml”.
As seen in the previous image, we created a YAML file with a URL, port number, and a vector of even numbers. Now, import the module as shown in the following to utilize the PyYAML in your scripts. Keep in mind that you only import the “yaml” and not the “pyyaml”:
To execute this, we access the folder where our files are located. After reaching the folder, we write the python3 along with the name of the file with the extension.
This configuration file can be loaded, parsed, and used in a manner that is very identical to loading the JSON using the Python JSON package. First, we open the file. The yaml.safe_load() function is then used to parse it. Please take note that we slightly altered the result to improve its readability for you.
Example #2: Reading the .yml File Data from a YAML File in Python
To parse this file in this example, we first create a YAML/YML file called “students.yml” with the following information:
After creating the “.yml” file, we write the following Python script to read the “students.yml” file sorted content depending on the keys. The script utilized the safe_load() function to read the whole contents of the “student.yml” file. The output of this method is a list of dictionaries in Python representing the content of the file. The list is then transformed into a YAML stream using the dump() method which has since been printed.
To execute this script, we write the python3 along with the name of the file with the extension.
The output shown after running the aforementioned script is as follows. Each dictionary in the Python list of dictionaries that were created after converting the contents of the “students.yml” file into the YAML members are converted. The default setting for the sort key parameter of the dump() method is True. In light of the keys, the output displays the sorted YAML content.1
Example #3: Reading the Values and Keys from the .yml File
In this example, we use the same previous files (hello.py and students.yml). The item() function is used to read the keys and their related value after the file’s content is loaded into the read variable. The key-value pairs were printed using a nested “for” loop that iterated over the whole contents of the file.
This script generates the results as follows:
After running the aforementioned script, the output listed will show up. The script does not use the dump() function, hence the contents of the file have not been sorted.
Example #4: Reading the .yml File Data Into the List of Dictionaries
The YAML file’s content is transformed into a list of dictionaries in Python using the safe_load() method. The data can also be loaded from the unreliable sources using this technique. To load the YAML file content using the safe_load() method and printing the loaded content, create a Python file containing the following script:
The previous script converts the data of the “.yml” file into a list of dictionaries.
As you can see, after running the aforementioned script, the data of the “.yml” file (containing the data of students) is converted to a list of dictionaries. The result contains a list of all the available dictionaries.
This article demonstrated the multiple methods for reading the YAML content from the files and Python objects using the various examples. In this post, we discussed the YAML files and the various methods for parsing them using the safe_load() which is an in-built function of YAML. In the examples of this tutorial, we tried to teach you how to read and parse a “.yml” file, reading the values and keys from a “.yml” file and convert the “.yml” file data into a list of dictionaries using the safe_load() function.