StyAndCo/zappyzep
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Disallow anchors/aliases to objects when loading config YAML

Browse source
This commit is contained in:
Dragory 2021-08-14 18:22:29 +03:00
parent e8e764c3b7
commit cb8d914fef
No known key found for this signature in database
GPG key ID: 5F387BA66DF8AAC1
5 changed files with 96 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

11
backend/src/utils/loadYamlSafely.ts Normal file
View file

@ -0,0 +1,11 @@
import yaml from "js-yaml";
import { validateNoObjectAliases } from "./validateNoObjectAliases";
/**
* Loads a YAML file safely while removing object anchors/aliases (including arrays)
*/
export function loadYamlSafely(yamlStr: string): any {
const loaded = yaml.safeLoad(yamlStr);
validateNoObjectAliases(loaded);
return loaded;
}