Using pickles in test suite

murphyqm / pytesimal

Model the conductive cooling of small planetary bodies with temperature-dependent material properties

MIT License

1 stars 0 forks source link

Using pickles in test suite #29

Closed murphyqm closed 3 years ago

murphyqm commented 3 years ago

Need to look at saving test suite data in another format as pickles can be a security issue

murphyqm commented 3 years ago

https://www.blog.pythonlibrary.org/2014/08/13/jsonpickle-turning-python-pickles-into-json/
https://janakiev.com/blog/python-pickle-json/
https://docs.python.org/3/library/persistence.html
https://realpython.com/python-json/

murphyqm commented 3 years ago

"Unpickling can run arbitrary code, and using pickle to transfer data between programs or store data between sessions is a security hole. JSON does not introduce a security hole and is standardized, so the data can be accessed by programs in different languages if you ever need to."