projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
20300: Call safe_load explicitly instead of using safe_yaml gem.
[arvados.git] / services / api / script / arvados-git-sync.rb
diff --git a/services/api/script/arvados-git-sync.rb b/services/api/script/arvados-git-sync.rb
index ad6aaf9eb567205498a5e5c1b8dd4b61202e0f52..ceebc3518a08d22586a4f6ee2b184f1d90744253 100755 (executable)
--- a/services/api/script/arvados-git-sync.rb
+++ b/services/api/script/arvados-git-sync.rb
@@ -26,7 +26,7 @@ DEBUG = 1
 # if present, overriding base config parameters as specified
 path = File.absolute_path('../../config/arvados-clients.yml', __FILE__)
 if File.exist?(path) then
-  cp_config = YAML.load_file(path)[ENV['RAILS_ENV']]
+  cp_config = YAML.safe_load_file(path)[ENV['RAILS_ENV']]
 else
   puts "Please create a\n #{path}\n file"
   exit 1