This project adheres to Semantic Versioning
and human-readable changelog.
The current role maintainer is ypid.
The default yaml.load method from PyYAML which is used to read Ansigenome YAML files is unsafe.
As a result remote code execution was possible when the DebOps API script parsed role metadata.
Refer to the issue Make load safe_load.
This has been fixed by switching to yaml.safe_load. [ypid]