projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
20300: Call safe_load explicitly instead of using safe_yaml gem.
[arvados.git] / services / api / script / arvados-git-sync.rb
diff --git a/services/api/script/arvados-git-sync.rb b/services/api/script/arvados-git-sync.rb
index 5e68082da4cb31a99711f61565eef3525cbb381d..ceebc3518a08d22586a4f6ee2b184f1d90744253 100755 (executable)
--- a/services/api/script/arvados-git-sync.rb
+++ b/services/api/script/arvados-git-sync.rb
@@ -12,7 +12,7 @@ require 'fileutils'
 
 # This script does the actual gitolite config management on disk.
 #
-# Ward Vandewege <ward@curoverse.com>
+# Ward Vandewege <ward@curii.com>
 
 # Default is development
 production = ARGV[0] == "production"
@@ -26,7 +26,7 @@ DEBUG = 1
 # if present, overriding base config parameters as specified
 path = File.absolute_path('../../config/arvados-clients.yml', __FILE__)
 if File.exist?(path) then
-  cp_config = YAML.load_file(path)[ENV['RAILS_ENV']]
+  cp_config = YAML.safe_load_file(path)[ENV['RAILS_ENV']]
 else
   puts "Please create a\n #{path}\n file"
   exit 1