Open
Description
Similarly to https://semgrep.dev/r?q=python.lang.security.deserialization.avoid-pyyaml-load.avoid-pyyaml-load YAML.load might be used to load ruby object. This is now allowlisted, but the old unsafe_load might still be called explicitly.