#9105: move pickle warning to a bit more prominent location.

2025-09-28 11:15:17 +00:00 · 2010-10-17 10:24:54 +00:00 · 2010-10-17 10:24:54 +00:00 · 0036bcf8d8
commit 0036bcf8d8
parent 047e486c45
1 changed files with 6 additions and 6 deletions
--- a/Doc/library/pickle.rst
+++ b/Doc/library/pickle.rst
@ -23,6 +23,12 @@ into an object hierarchy.  Pickling (and unpickling) is alternatively known as
 "serialization", "marshalling," [#]_ or "flattening", however, to avoid
 confusion, the terms used here are "pickling" and "unpickling"..

+.. warning::
+
+   The :mod:`pickle` module is not intended to be secure against erroneous or
+   maliciously constructed data.  Never unpickle data received from an untrusted
+   or unauthenticated source.
+

 Relationship to other Python modules
 ------------------------------------
@ -63,12 +69,6 @@ The :mod:`pickle` module differs from :mod:`marshal` several significant ways:
  The :mod:`pickle` serialization format is guaranteed to be backwards compatible
  across Python releases.

-.. warning::
-
-   The :mod:`pickle` module is not intended to be secure against erroneous or
-   maliciously constructed data.  Never unpickle data received from an untrusted
-   or unauthenticated source.
-
 Note that serialization is a more primitive notion than persistence; although
 :mod:`pickle` reads and writes file objects, it does not handle the issue of
 naming persistent objects, nor the (even more complicated) issue of concurrent