I patched base16-builder-ruby[1] because that's first project which comes into my mind that makes heavily use of YAML.load to parse 3rd-party yaml files, but I'm pretty sure there are a lot of them out there 😕

[1] github.com/obahareth/base16-bu

Having seen something like that in Java (SnakeYaml) I’m starting to think it’s a systemic problem with YAML :-/

https://bitbucket.org/asomov/snakeyaml/wiki/Documentation#markdown-header-restrict-classes-to-be-loaded

Sign in to participate in the conversation
Functional Café

functional.cafe is an instance for people interested in functional programming and languages.