Security theatre: Use yaml.load() in one place.

CodeQL complains when you use yaml.load() with custom loaders. This will at least get it to stfu whenever our custom loader is used.
2026-02-14 15:15:22 +03:00 · 2024-09-18 09:09:53 +03:00 · 2024-09-18 09:09:53 +03:00 · c62c0809d2
commit c62c0809d2
parent 532bbc8f61
3 changed files with 9 additions and 9 deletions
--- a/frigate/config.py
+++ b/frigate/config.py
@ -9,7 +9,6 @@ from pathlib import Path
 from typing import Any, Dict, List, Optional, Tuple, Union

 import numpy as np
-import yaml
 from pydantic import (
    BaseModel,
    ConfigDict,
@ -42,11 +41,11 @@ from frigate.ffmpeg_presets import (
 )
 from frigate.plus import PlusApi
 from frigate.util.builtin import (
-    NoDuplicateKeysLoader,
    deep_merge,
    escape_special_characters,
    generate_color_palette,
    get_ffmpeg_arg_list,
+    load_yaml,
 )
 from frigate.util.config import StreamInfoRetriever, get_relative_coordinates
 from frigate.util.image import create_mask
@ -1765,7 +1764,7 @@ class FrigateConfig(FrigateBaseModel):
            raw_config = f.read()

        if config_file.endswith(YAML_EXT):
-            config = yaml.load(raw_config, NoDuplicateKeysLoader)
+            config = load_yaml(raw_config)
        elif config_file.endswith(".json"):
            config = json.loads(raw_config)

@ -1773,5 +1772,5 @@ class FrigateConfig(FrigateBaseModel):

    @classmethod
    def parse_raw(cls, raw_config):
-        config = yaml.load(raw_config, NoDuplicateKeysLoader)
+        config = load_yaml(raw_config)
        return cls.model_validate(config)
--- a/frigate/test/test_config.py
+++ b/frigate/test/test_config.py
@ -4,14 +4,13 @@ import unittest
 from unittest.mock import patch

 import numpy as np
-import yaml
 from pydantic import ValidationError

 from frigate.config import BirdseyeModeEnum, FrigateConfig
 from frigate.const import MODEL_CACHE_DIR
 from frigate.detectors import DetectorTypeEnum
 from frigate.plus import PlusApi
-from frigate.util.builtin import NoDuplicateKeysLoader, deep_merge
+from frigate.util.builtin import deep_merge, load_yaml


 class TestConfig(unittest.TestCase):
@ -1537,9 +1536,7 @@ class TestConfig(unittest.TestCase):
                - four
        """

-        self.assertRaises(
-            ValueError, lambda: yaml.load(raw_config, NoDuplicateKeysLoader)
-        )
+        self.assertRaises(ValueError, lambda: load_yaml(raw_config))

    def test_object_filter_ratios_work(self):
        config = {
--- a/frigate/util/builtin.py
+++ b/frigate/util/builtin.py
@ -116,6 +116,10 @@ class NoDuplicateKeysLoader(yaml.loader.SafeLoader):
        return mapping


+def load_yaml(raw_config: str) -> dict:
+    return yaml.load(raw_config, NoDuplicateKeysLoader)
+
+
 def clean_camera_user_pass(line: str) -> str:
    """Removes user and password from line."""
    rtsp_cleaned = re.sub(REGEX_RTSP_CAMERA_USER_PASS, "://*:*@", line)