From 0ebb7084f494291db64ae458fcec804d72afac91 Mon Sep 17 00:00:00 2001
From: Nat Morcos <nat.morcos@shopify.com>
Date: Fri, 2 Jul 2021 20:12:42 -0400
Subject: [PATCH] unsafe_load secrets.yml with psych 4

---
 railties/lib/rails/secrets.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/railties/lib/rails/secrets.rb b/railties/lib/rails/secrets.rb
index 747cf31d7ac04..54ba53c03b981 100644
--- a/railties/lib/rails/secrets.rb
+++ b/railties/lib/rails/secrets.rb
@@ -25,7 +25,10 @@ def parse(paths, env:)
         paths.each_with_object(Hash.new) do |path, all_secrets|
           require "erb"
 
-          secrets = YAML.load(ERB.new(preprocess(path)).result) || {}
+          source = ERB.new(preprocess(path)).result
+          secrets = YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(source) : YAML.load(source)
+          secrets ||= {}
+
           all_secrets.merge!(secrets["shared"].deep_symbolize_keys) if secrets["shared"]
           all_secrets.merge!(secrets[env].deep_symbolize_keys) if secrets[env]
         end