Psych-4.0.0 changes `Psych.safe_load` by the default. https://github.com/ruby/psych/pull/487 It breaks the several code like: * https://github.com/ruby/ruby/commit/da5b28396397ace84d914cb188055cbeb46b8725 * https://github.com/ruby/ruby/commit/8e91b969df08b7a2eb27a5d6d38733eea42dc7ad * https://github.com/ruby/ruby/commit/d8fd92f62024d85271a3f1125bc6928409f912e1 * https://github.com/ruby/ruby/commit/dfecc650c3f9bbd8b4fb0eefc1e3da65f151d3a8 * etc... I and @mame investigate them. We found 2 issues. 1. `Symbol` is still ignored `Pysch.load`. It break many of code like configuration store. https://github.com/ruby/psych/blob/master/lib/psych.rb#L368 passes `Symbol` used by `permitted_classes`. But It's not working now. see https://github.com/ruby/psych/issues/490 2. `Pysch.load` restrict `Gem::Specification` or `RDoc::Options` by the default. Should we add them with`permitted_classes` to `Psych.load` or `Psych.load_file`? I'm not sure the right way about them. @tenderlovemaking Do you have any ideas about the above concerns?