From 6640f7d01561693d7591d19826ead5c06094d67f Mon Sep 17 00:00:00 2001
From: Beni Cherniavsky-Paskin
Date: Thu, 31 May 2018 22:16:35 +0300
Subject: [PATCH] GoogleFriendlyConfig.read: Use YAML.safe_load to avoid arbitrary Ruby class instantiation

Same as https://github.com/abonas/kubeclient/pull/334.
---
 .../kubeclient_builder/google_friendly_config.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/kubernetes-deploy/kubeclient_builder/google_friendly_config.rb b/lib/kubernetes-deploy/kubeclient_builder/google_friendly_config.rb
index 16a4511ab..e5f8c34c8 100644
--- a/lib/kubernetes-deploy/kubeclient_builder/google_friendly_config.rb
+++ b/lib/kubernetes-deploy/kubeclient_builder/google_friendly_config.rb
@@ -13,7 +13,7 @@ def fetch_user_auth_options(user)
 end
 def self.read(filename)
- new(YAML.load_file(filename), File.dirname(filename))
+ new(YAML.safe_load(File.read(filename)), File.dirname(filename))
 end
 def new_token
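Review bot: The new `YAML.safe_load(File.read(filename))` call in `self.read` passes no permitted classes, so a kubeconfig with an unquoted timestamp will raise `Psych::DisallowedClass` where `YAML.load_file` parsed it. A GCP auth-provider `expiry` value is a plausible case, though no sample config is visible here. If such files need to load, allow only the two scalar types rather than reverting to the unsafe loader: `new(YAML.safe_load(File.read(filename), [Date, Time]), File.dirname(filename))`. On newer Psych releases the same allowlist is spelled `permitted_classes: [Date, Time]`. Either way, a short comment above the call should say that `safe_load` is deliberate because the kubeconfig path may point at a file the caller does not control, and a spec should cover both a timestamp value and a `!ruby/object` tag being rejected.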