From 7d28f5bff6259e48d557b67b1e43ead1e2ae9ef2 Mon Sep 17 00:00:00 2001
From: Test User <test@example.com>
Date: Thu, 14 May 2026 20:13:12 +0800
Subject: [PATCH] fix(security): replace yaml.load(FullLoader) with
 yaml.safe_load

yaml.load with FullLoader can still instantiate arbitrary Python
objects through YAML tags like !!python/object, which enables
remote code execution when loading untrusted YAML files.
yaml.safe_load only supports standard YAML tags and is safe.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 entity/config_loader.py | 2 +-
 utils/io_utils.py       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/entity/config_loader.py b/entity/config_loader.py
index 6b9db227dd..01f532089e 100755
--- a/entity/config_loader.py
+++ b/entity/config_loader.py
@@ -27,7 +27,7 @@ def load_design_from_mapping(data: Mapping[str, Any], *, source: str | None = No
 def load_design_from_file(path: Path) -> DesignConfig:
     """Read a YAML file and parse it into a :class:`DesignConfig`."""
     with path.open("r", encoding="utf-8") as handle:
-        data = yaml.load(handle, Loader=yaml.FullLoader)
+        data = yaml.safe_load(handle)
     if not isinstance(data, Mapping):
         raise ConfigError("YAML root must be a mapping", path=str(path))
     return load_design_from_mapping(data, source=str(path))
diff --git a/utils/io_utils.py b/utils/io_utils.py
index c414bf7b0b..9944660ca0 100755
--- a/utils/io_utils.py
+++ b/utils/io_utils.py
@@ -3,4 +3,4 @@
 
 def read_yaml(path) -> Dict[str, Any]:
     with open(path, mode="r", encoding="utf-8") as f:
-        return yaml.load(f, Loader=yaml.FullLoader)
\ No newline at end of file
+        return yaml.safe_load(f)
\ No newline at end of file