DeepSource
Dashboard Resources Pricing Discover Directory Log in

Run your first analysis.

Find thousands of code security and quality issues in your codebase, before they end up in production.

Start now
Ruby

Ruby

Made by DeepSource
Use Analyzer

Use of insecure YAML method detected RB-SC1005

Security
Critical

Do not use YAML to load untrusted data. Doing so is unsafe and could allow malicious input to execute arbitrary code inside your application.

Bad practice

YAML.load("--- foo")

Recommended

YAML.safe_load("--- foo")
YAML.dump("foo")