Use safe_load instead of load for yaml (#77)

Signed-off-by: Vacha Shah <[email protected]>
opensearch-project · Jun 30, 2022 · aef0284 · aef0284
1 parent f1a0d40
commit aef0284
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/opensearch/lib/opensearch.rb b/opensearch/lib/opensearch.rb
@@ -65,7 +65,7 @@ def verify_open_search
 
       body = if response.headers['content-type'] == 'application/yaml'
                require 'yaml'
-               YAML.load(response.body)
+               YAML.safe_load(response.body)
              else
                response.body
              end

diff --git a/profile/benchmarking.rb b/profile/benchmarking.rb
@@ -79,7 +79,7 @@ module Benchmarking
     def each_run(file)
       if file
         file = File.new(file)
-        matrix = YAML.load(ERB.new(file.read).result)
+        matrix = YAML.safe_load(ERB.new(file.read).result)
         file.close
 
         matrix.each_with_index do |run, i|