From 985e7b3c6d426fed2ec336be2d29f05fc3f3934c Mon Sep 17 00:00:00 2001
From: Michael H
Date: Thu, 13 Dec 2018 12:19:27 -0500
Subject: [PATCH] swap unsafe `yaml.load` usage for `yaml.safe_load` (#2324)

Related to #2323
Recommend additionally adding a step in CI ensuring use of `yaml.load` is prevented from existing in the code base.
---
 redbot/cogs/trivia/trivia.py | 2 +-
 tests/cogs/test_trivia.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/redbot/cogs/trivia/trivia.py b/redbot/cogs/trivia/trivia.py
index 1ed059648..5fe61ce6f 100644
--- a/redbot/cogs/trivia/trivia.py
+++ b/redbot/cogs/trivia/trivia.py
@@ -504,7 +504,7 @@ class Trivia(commands.Cog):
 with path.open(encoding="utf-8") as file:
 try:
- dict_ = yaml.load(file)
+ dict_ = yaml.safe_load(file)
 except yaml.error.YAMLError as exc:
 raise InvalidListError("YAML parsing failed.") from exc
 else:
diff --git a/tests/cogs/test_trivia.py b/tests/cogs/test_trivia.py
index 4d82b7947..528c74304 100644
--- a/tests/cogs/test_trivia.py
+++ b/tests/cogs/test_trivia.py
@@ -10,7 +10,7 @@ def test_trivia_lists():
 for l in list_names:
 with l.open() as f:
 try:
- dict_ = yaml.load(f)
+ dict_ = yaml.safe_load(f)
 except yaml.error.YAMLError as e:
 problem_lists.append((l.stem, "YAML error:\n{!s}".format(e)))
 else:
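Review bot: The value returned by `yaml.safe_load(file)` in the trivia.py hunk is not type-checked in the visible lines. An empty file yields `None` and a top-level sequence yields a `list`, and neither raises `YAMLError`. The `else:` branch continues outside the hunk; if it assumes a mapping, a guard such as `if not isinstance(dict_, dict): raise InvalidListError("Trivia list must be a YAML mapping.")` would keep malformed lists on the same error path. A one-line comment above the call, e.g. `# safe_load: list files are plain data; the full loader can construct arbitrary Python objects`, would also record why the loader must not be switched back.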
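Review bot: The test in tests/cogs/test_trivia.py opens each list with `l.open()` and no explicit encoding, while the cog in the first hunk reads with `path.open(encoding="utf-8")`. On a platform whose default encoding is not UTF-8, the test can therefore decode different text than the bot parses at runtime. Changing that line to `with l.open(encoding="utf-8") as f:` would make the test exercise the same decoding path as the cog. The body of test_trivia_lists starts and ends outside the hunk.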