alpha1e0 / kiwi

kiwi:安全源码审计工具
239 stars 52 forks source link

關於"result = yaml.load(_file)" #6

Closed 687766616e closed 5 years ago

687766616e commented 5 years ago
$ python2 kiwi.py -f C:\Users\test\Documents\test\kiwi\kiwi\kiwi_data -i TEST001 -t C:\Users\test\Documents\test\test
+------------------------------------------------------------------------------+
|                 Kiwi. Security tool for auditing source code                 |
|                       https://github.com/alpha1e0/kiwi                       |
+------------------------------------------------------------------------------+

[Kiwi 代码安全扫描]
--------------------------------------------------------------------------------
[i]: kiwi 扫描 C:\Users\test\Documents\test\test ...
C:\Users\test\Documents\test\kiwi\kiwi\kiwi\kiwi\core\common.py:37: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
  result = yaml.load(_file)

result = yaml.load(_file) 這是正常的?

alpha1e0 commented 5 years ago

这里需要更新一下,不加loader不推荐使用了

发送自 Windows 10 版邮件应用

发件人: huitc 发送时间: 2019年7月2日 0:16 收件人: alpha1e0/kiwi 抄送: Subscribed 主题: [alpha1e0/kiwi] 關於"result = yaml.load(_file)" (#6)

$ python2 kiwi.py -f C:\Users\test\Documents\test\kiwi\kiwi\kiwi_data -i TEST001 -t C:\Users\test\Documents\test\test

+------------------------------------------------------------------------------+

| Kiwi. Security tool for auditing source code |

| https://github.com/alpha1e0/kiwi |

+------------------------------------------------------------------------------+

[Kiwi 代码安全扫描]


[i]: kiwi 扫描 C:\Users\test\Documents\test\test ...

C:\Users\test\Documents\test\kiwi\kiwi\kiwi\kiwi\core\common.py:37: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.

result = yaml.load(_file)

result = yaml.load(_file) 這是正常的? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

687766616e commented 5 years ago

bug?

$ python2 kiwi.py -f C:\Users\test\Documents\test\kiwi-git\kiwi_data -o eval.html -i PHP_test_001 -t C:\Users\test\Documents\test\intranetIP
+------------------------------------------------------------------------------+
|                 Kiwi. Security tool for auditing source code                 |
|                       https://github.com/alpha1e0/kiwi                       |
+------------------------------------------------------------------------------+

[Kiwi 代码安全扫描]
--------------------------------------------------------------------------------
[i]: kiwi 扫描 C:\Users\test\Documents\test\intranetIP ...
Traceback (most recent call last):
  File "kiwi.py", line 16, in <module>
    main()
  File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\ui\cli\main.py", line 92, in main
    Analyzer().analyze()
  File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\analyzer.py", line 26, in analyze
    filemgr.init()
  File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\filemgr.py", line 157, in init
    self._load_map_conf()
  File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\filemgr.py", line 170, in _load_map_conf
    config = YamlConf(conf.mapfile)
  File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\common.py", line 47, in __new__
    .format(path,str(error)))
kiwi.core.exception.FileError: FileError: 0
alpha1e0 commented 5 years ago

执行

python -m pip uninstall pyyaml python -m pip install pyyaml

然后更新一下kiwi,重新安装一下

这个是因为kiwi使用的第三方依赖库pyyaml 5.x版本和3.x版本是不兼容升级,而kiwi近期更新的一个bug需要升级到pyyaml 5.x版本,由于不兼容造成了这个问题

在 2019年7月7日,20:56,huitc notifications@github.com 写道:

bug?

$ python2 kiwi.py -f C:\Users\test\Documents\test\kiwi-git\kiwi_data -o eval.html -i PHP_test_001 -t C:\Users\test\Documents\test\intranetIP +------------------------------------------------------------------------------+ | Kiwi. Security tool for auditing source code | | https://github.com/alpha1e0/kiwi | +------------------------------------------------------------------------------+

[Kiwi 代码安全扫描]

[i]: kiwi 扫描 C:\Users\test\Documents\test\intranetIP ... Traceback (most recent call last): File "kiwi.py", line 16, in main() File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\ui\cli\main.py", line 92, in main Analyzer().analyze() File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\analyzer.py", line 26, in analyze filemgr.init() File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\filemgr.py", line 157, in init self._load_map_conf() File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\filemgr.py", line 170, in _load_map_conf config = YamlConf(conf.mapfile) File "C:\Users\test\Documents\test\kiwi-git\kiwi\kiwi\core\common.py", line 47, in new .format(path,str(error))) kiwi.core.exception.FileError: FileError: 0 — You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/alpha1e0/kiwi/issues/6?email_source=notifications&email_token=AC2WCRNJEES25EI72VHUNMTP6HRZFA5CNFSM4H4T6T62YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODZLLA3Q#issuecomment-508997742, or mute the thread https://github.com/notifications/unsubscribe-auth/AC2WCRLZKAOXPNCUMUNKDYTP6HRZFANCNFSM4H4T6T6Q.