From 067c837c04e039e8c70aa53bceda1cded6751408 Mon Sep 17 00:00:00 2001
From: Liewe Gutter
Date: Tue, 11 Feb 2020 19:38:45 +0100
Subject: [PATCH] fix: PyYAML warning for Loader fixed with yaml.load, a code execution was possible when called without an explicit Loader. To solve this with backwards compatibility, if the new FullLoader is found, it is used. If it is not found, the old SafeLoader is used, Which has slightly less functionality but is safe.
---
 cpp_coveralls/__init__.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/cpp_coveralls/__init__.py b/cpp_coveralls/__init__.py
index c3d0e4e..d42ad25 100644
--- a/cpp_coveralls/__init__.py
+++ b/cpp_coveralls/__init__.py
@@ -46,7 +46,10 @@ def parse_yaml_config(args):
 with open(args.coveralls_yaml, 'r') as fp:
 if not yaml:
 raise SystemExit('PyYAML is required for parsing configuration')
- yml = yaml.load(fp)
+ if not yaml.FullLoader:
+ yml = yaml.load(fp, Loader=yaml.SafeLoader)
+ else:
+ yml = yaml.load(fp, Loader=yaml.FullLoader)
 except IOError:
 pass
 yml = yml or {}
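Review bot: The fallback test `if not yaml.FullLoader:` cannot select SafeLoader on a PyYAML release that lacks FullLoader: the attribute access raises AttributeError, which the surrounding `except IOError:` does not catch, so parsing aborts instead of falling back. The preferred branch is also the less restrictive one; PyYAML's documentation advises against FullLoader for untrusted input, and a coveralls YAML file presumably needs only plain mappings and scalars, which the safe loader handles. Replacing the four added lines with `yml = yaml.safe_load(fp)` works on old and new PyYAML alike and removes the version check. If FullLoader has to stay, select it with `getattr(yaml, 'FullLoader', yaml.SafeLoader)`. parse_yaml_config starts and continues outside this hunk, so the `try:` and the later use of `yml` are not visible here.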