From ccd2f2725c6d9e92bb8dcb4bc4b62e39c946474e Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Thu, 30 Mar 2017 18:34:32 +0100
Subject: [PATCH] Kinda fix security issues

---
 md_pdf/config/read.py | 2 +-
 md_pdf/csl.py         | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/md_pdf/config/read.py b/md_pdf/config/read.py
index 8af3dbc..89633a3 100644
--- a/md_pdf/config/read.py
+++ b/md_pdf/config/read.py
@@ -7,6 +7,6 @@ from md_pdf.exceptions import ConfigValidationException
 def load_config():
     try:
         with open(os.path.join(CONFIG_FILE)) as f:
-            return yaml.load(f)
+            return yaml.safe_load(f)
     except FileNotFoundError:
         raise ConfigValidationException("Can't find config file at {}".format(CONFIG_FILE))
diff --git a/md_pdf/csl.py b/md_pdf/csl.py
index a9b0d2a..92119ec 100644
--- a/md_pdf/csl.py
+++ b/md_pdf/csl.py
@@ -28,7 +28,7 @@ def download_csl():
 
     _, download_location = tempfile.mkstemp()
     bar.start()
-    urllib.request.urlretrieve(CSL_DOWNLOAD_LINK, download_location, reporthook=download_handle)
+    urllib.request.urlretrieve(CSL_DOWNLOAD_LINK, download_location, reporthook=download_handle)  # nosec
     bar.finish()
 
     with open(download_location, 'rb') as downloaded_file:
@@ -45,3 +45,4 @@ def download_csl():
     shutil.copytree(CSL_TEMP_DIR, CSL_DIR)
     os.remove(download_location)
     remove_dir(CSL_TEMP_DIR)
+    urllib.request.urlcleanup()