False positive: Python - Deserialization of user-controlled data

**Description of the false positive**

The `py/unsafe-deserialization` alerts on PyYaml's `yaml.load` when the provided `Loader` inherits from a safe loader (`yaml.loader.SafeLoader`).

**Code samples or links to source code**

https://github.com/blakeblackshear/frigate/blob/14c89c9b638bed90ef02e31beb20e84ab61dba8d/frigate/util/builtin.py#L87-L112

**URL to the alert on GitHub code scanning (optional)**

https://github.com/blakeblackshear/frigate/security/code-scanning/26


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

False positive: Python - Deserialization of user-controlled data #14685

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

False positive: Python - Deserialization of user-controlled data #14685

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions