From cbff09b9aff3f06845d7cc39a7af37f207981c98 Mon Sep 17 00:00:00 2001
From: Prakhar Pratyush
Date: Sun, 7 Dec 2025 16:10:46 +0530
Subject: [PATCH] [flake8-bandit] Fix false positive when using non-standard `CSafeLoader` path (S506). (#21830)
---
 .../ruff_linter/resources/test/fixtures/flake8_bandit/S506.py | 2 ++
 .../src/rules/flake8_bandit/rules/unsafe_yaml_load.rs | 1 +
 2 files changed, 3 insertions(+)
diff --git a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S506.py b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S506.py
index 9fd87de3e3..b316ca8aea 100644
--- a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S506.py
+++ b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S506.py
@@ -28,9 +28,11 @@ yaml.load("{}", SafeLoader)
 yaml.load("{}", yaml.SafeLoader)
 yaml.load("{}", CSafeLoader)
 yaml.load("{}", yaml.CSafeLoader)
+yaml.load("{}", yaml.cyaml.CSafeLoader)
 yaml.load("{}", NewSafeLoader)
 yaml.load("{}", Loader=SafeLoader)
 yaml.load("{}", Loader=yaml.SafeLoader)
 yaml.load("{}", Loader=CSafeLoader)
 yaml.load("{}", Loader=yaml.CSafeLoader)
+yaml.load("{}", Loader=yaml.cyaml.CSafeLoader)
 yaml.load("{}", Loader=NewSafeLoader)
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/rules/unsafe_yaml_load.rs b/crates/ruff_linter/src/rules/flake8_bandit/rules/unsafe_yaml_load.rs
index 593f5e01da..bc5e846f99 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/rules/unsafe_yaml_load.rs
+++ b/crates/ruff_linter/src/rules/flake8_bandit/rules/unsafe_yaml_load.rs
@@ -75,6 +75,7 @@ pub(crate) fn unsafe_yaml_load(checker: &Checker, call: &ast::ExprCall) {
 qualified_name.segments(),
 ["yaml", "SafeLoader" | "CSafeLoader"]
 | ["yaml", "loader", "SafeLoader" | "CSafeLoader"]
+ | ["yaml", "cyaml", "CSafeLoader"]
 )
 })
 {
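Review bot: The new `["yaml", "cyaml", "CSafeLoader"]` arm in `unsafe_yaml_load.rs` carries no comment explaining why this path is accepted, or why `CSafeLoader` is the only name listed under `cyaml`, even though this pattern decides whether a `yaml.load` call is reported. PyYAML's `yaml.cyaml` module also defines `CLoader` and `CUnsafeLoader`, so widening this arm to the whole module later would silently suppress S506 for unsafe loaders. I would add above the pattern: `// Allowlist of safe loaders by exact path; yaml.cyaml also defines CLoader and CUnsafeLoader, so never match it by module alone.` The fixture hunk covers only the attribute form; a `from yaml.cyaml import CSafeLoader` case presumably resolves to the same segments and would be worth pinning in `S506.py`. The body of `unsafe_yaml_load` starts and ends outside this hunk, so the surrounding call to the name resolver is not visible here.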