From cd9d62ef0026a5d1afd52428e9cd49c5ab6a5a78 Mon Sep 17 00:00:00 2001
From: Palmer Dabbelt <palmer@dabbelt.com>
Date: Wed, 17 Jul 2019 13:35:04 -0700
Subject: Use yaml.safe_load() in clay

Signed-off-by: Palmer Dabbelt <palmer@dabbelt.com>
---
 media-sound/clay/clay-1.1.0.ebuild                 |  4 +++
 .../clay/files/clay-1.1.0-unsafe_load.patch        | 35 ++++++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 media-sound/clay/files/clay-1.1.0-unsafe_load.patch

diff --git a/media-sound/clay/clay-1.1.0.ebuild b/media-sound/clay/clay-1.1.0.ebuild
index 607b5bd..87f9ce1 100644
--- a/media-sound/clay/clay-1.1.0.ebuild
+++ b/media-sound/clay/clay-1.1.0.ebuild
@@ -25,3 +25,7 @@ RDEPEND="${DEPEND}
 	dev-libs/keybinder
 "
 BDEPEND=""
+
+PATCHES=(
+	"${FILESDIR}/${P}-unsafe_load.patch"
+)
diff --git a/media-sound/clay/files/clay-1.1.0-unsafe_load.patch b/media-sound/clay/files/clay-1.1.0-unsafe_load.patch
new file mode 100644
index 0000000..5c1bf61
--- /dev/null
+++ b/media-sound/clay/files/clay-1.1.0-unsafe_load.patch
@@ -0,0 +1,35 @@
+diff --git a/clay/settings.py b/clay/settings.py
+index db31473ee590..1d3e504f14bd 100644
+--- a/clay/settings.py
++++ b/clay/settings.py
+@@ -83,17 +83,17 @@ class _Settings(object):
+         Read config from file.
+         """
+         with open(self._config_file_path, 'r') as settings_file:
+-            self._config = yaml.load(settings_file.read())
++            self._config = yaml.safe_load(settings_file.read())
+ 
+         # Load the configuration from Setuptools' ResourceManager API
+-        self._default_config = yaml.load(pkg_resources.resource_string(__name__, "config.yaml"))
++        self._default_config = yaml.safe_load(pkg_resources.resource_string(__name__, "config.yaml"))
+ 
+         # We only either the user colour or the default colours to ease parsing logic.
+         if os.path.exists(self._colours_file_path):
+             with open(self._colours_file_path, 'r') as colours_file:
+-                self.colours_config = yaml.load(colours_file.read())
++                self.colours_config = yaml.safe_load(colours_file.read())
+         else:
+-            self.colours_config = yaml.load(pkg_resources.resource_string(__name__, "colours.yaml"))
++            self.colours_config = yaml.safe_load(pkg_resources.resource_string(__name__, "colours.yaml"))
+ 
+ 
+     def _load_cache(self):
+@@ -111,7 +111,7 @@ class _Settings(object):
+         """
+         self._config.update(config)
+         with open(self._config_file_path, 'w') as settings_file:
+-            settings_file.write(yaml.dump(self._config, default_flow_style=False))
++            settings_file.write(yaml.safe_dump(self._config, default_flow_style=False))
+ 
+     def get(self, key, *sections):
+         """
-- 
cgit v1.2.3-65-gdbad