Stop allowing arbitrary YAML tags for mkdocs_theme.yml

mkdocs/tests/theme_tests.py

@@ -76,7 +76,7 @@ class ThemeTests(unittest.TestCase):
         self.assertTrue('new' in theme)
         self.assertEqual(theme['new'], 42)
 
-    @mock.patch('mkdocs.utils.yaml_load', return_value={})
+    @mock.patch('yaml.safe_load', return_value={})
     def test_no_theme_config(self, m):
         theme = Theme(name='mkdocs')
         self.assertEqual(m.call_count, 1)
@@ -89,7 +89,7 @@ class ThemeTests(unittest.TestCase):
                 {'static_templates': ['parent.html']},
             ]
         )
-        with mock.patch('mkdocs.utils.yaml_load', m) as m:
+        with mock.patch('yaml.safe_load', m) as m:
             theme = Theme(name='mkdocs')
             self.assertEqual(m.call_count, 2)
             self.assertEqual(

mkdocs/tests/utils/utils_tests.py

@@ -221,7 +221,7 @@ class UtilsTests(unittest.TestCase):
 
         self.assertEqual(utils.get_theme_dir(theme.name), os.path.abspath(path))
 
-    def test_get_theme_dir_keyerror(self):
+    def test_get_theme_dir_error(self):
         with self.assertRaises(KeyError):
             utils.get_theme_dir('nonexistanttheme')
 

mkdocs/theme.py

@@ -6,6 +6,7 @@ import warnings
 from typing import Any, Collection, MutableMapping
 
 import jinja2
+import yaml
 
 from mkdocs import localization, utils
 from mkdocs.config.base import ValidationError
@@ -123,7 +124,7 @@ class Theme(MutableMapping[str, Any]):
         try:
             file_path = os.path.join(theme_dir, 'mkdocs_theme.yml')
             with open(file_path, 'rb') as f:
-                theme_config = utils.yaml_load(f)
+                theme_config = yaml.safe_load(f)
         except OSError as e:
             log.debug(e)
             raise ValidationError(