From 18969dc55832d3300516d6dfe310d3100893367d Mon Sep 17 00:00:00 2001
From: Andrew Turner <turner.andrewc@gmail.com>
Date: Sat, 10 Apr 2021 15:54:20 -0600
Subject: [PATCH 1/4] Issues #1513 & #1514

---
 cookiecutter/config.py | 13 ++++---------
 setup.py               |  1 +
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/cookiecutter/config.py b/cookiecutter/config.py
index a07aa1a8b..ac8c2811f 100644
--- a/cookiecutter/config.py
+++ b/cookiecutter/config.py
@@ -4,7 +4,7 @@
 import logging
 import os
 
-import poyo
+import yaml
 
 from cookiecutter.exceptions import ConfigDoesNotExistException, InvalidConfiguration
 
@@ -44,7 +44,7 @@ def merge_configs(default, overwrite):
     for k, v in overwrite.items():
         # Make sure to preserve existing items in
         # nested dicts, for example `abbreviations`
-        if isinstance(v, dict):
+        if isinstance(v, dict) and k in default:
             new_config[k] = merge_configs(default[k], v)
         else:
             new_config[k] = v
@@ -60,13 +60,8 @@ def get_config(config_path):
         )
 
     logger.debug('config_path is %s', config_path)
-    with open(config_path, encoding='utf-8') as file_handle:
-        try:
-            yaml_dict = poyo.parse_string(file_handle.read())
-        except poyo.exceptions.PoyoException as e:
-            raise InvalidConfiguration(
-                'Unable to parse YAML file {}. Error: {}'.format(config_path, e)
-            )
+    with open(config_path, 'r') as yaml_file:
+        yaml_dict = yaml.load(yaml_file, Loader=yaml.FullLoader)
 
     config_dict = merge_configs(DEFAULT_CONFIG, yaml_dict)
 
diff --git a/setup.py b/setup.py
index 6ab7e9abd..741bfbf5a 100644
--- a/setup.py
+++ b/setup.py
@@ -11,6 +11,7 @@
     'binaryornot>=0.4.4',
     'Jinja2<3.0.0',
     'click>=7.0',
+    'pyyaml>=5.4',
     'poyo>=0.5.0',
     'jinja2-time>=0.2.0',
     'python-slugify>=4.0.0',

From e5548fcf71ffcfffb6f2691e349c812f36bfd585 Mon Sep 17 00:00:00 2001
From: Andrew Turner <turner.andrewc@gmail.com>
Date: Mon, 26 Apr 2021 09:31:05 -0600
Subject: [PATCH 2/4] remove change addressed in #1516

---
 cookiecutter/config.py | 2 +-
 setup.py               | 1 -
 tests/conftest.py      | 6 ------
 3 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/cookiecutter/config.py b/cookiecutter/config.py
index ac8c2811f..0fe1ef088 100644
--- a/cookiecutter/config.py
+++ b/cookiecutter/config.py
@@ -44,7 +44,7 @@ def merge_configs(default, overwrite):
     for k, v in overwrite.items():
         # Make sure to preserve existing items in
         # nested dicts, for example `abbreviations`
-        if isinstance(v, dict) and k in default:
+        if isinstance(v, dict):
             new_config[k] = merge_configs(default[k], v)
         else:
             new_config[k] = v
diff --git a/setup.py b/setup.py
index 741bfbf5a..18bb42c66 100644
--- a/setup.py
+++ b/setup.py
@@ -12,7 +12,6 @@
     'Jinja2<3.0.0',
     'click>=7.0',
     'pyyaml>=5.4',
-    'poyo>=0.5.0',
     'jinja2-time>=0.2.0',
     'python-slugify>=4.0.0',
     'requests>=2.23.0',
diff --git a/tests/conftest.py b/tests/conftest.py
index ee3eab6d7..23dc24d68 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -175,9 +175,3 @@ def user_config_file(user_dir, user_config_data):
     config_text = USER_CONFIG.format(**user_config_data)
     config_file.write(config_text)
     return str(config_file)
-
-
-@pytest.fixture(autouse=True)
-def disable_poyo_logging():
-    """Fixture that disables poyo logging."""
-    logging.getLogger('poyo').setLevel(logging.WARNING)

From 3d98af63b795a88f2e8b936a449a2328ef4b5949 Mon Sep 17 00:00:00 2001
From: Andrew Turner <turner.andrewc@gmail.com>
Date: Mon, 26 Apr 2021 09:36:21 -0600
Subject: [PATCH 3/4] add encoding, use safe loader, try/catch yaml parsing

---
 cookiecutter/config.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/cookiecutter/config.py b/cookiecutter/config.py
index 0fe1ef088..c82cce9d2 100644
--- a/cookiecutter/config.py
+++ b/cookiecutter/config.py
@@ -60,8 +60,13 @@ def get_config(config_path):
         )
 
     logger.debug('config_path is %s', config_path)
-    with open(config_path, 'r') as yaml_file:
-        yaml_dict = yaml.load(yaml_file, Loader=yaml.FullLoader)
+    with open(config_path, encoding='utf-8') as yaml_file:
+        try:
+            yaml_dict = yaml.load(yaml_file, Loader=yaml.SafeLoader)
+        except yaml.YAMLError as e:
+            raise InvalidConfiguration(
+                'Unable to parse YAML file {}. Error: {}'.format(config_path, e)
+            )
 
     config_dict = merge_configs(DEFAULT_CONFIG, yaml_dict)
 

From bad3c0958695105df41a0bdc7a154ed32d57443a Mon Sep 17 00:00:00 2001
From: Andrew Turner <acturner@alum.mit.edu>
Date: Mon, 26 Apr 2021 13:00:02 -0600
Subject: [PATCH 4/4] use yaml.safe_load

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
---
 cookiecutter/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cookiecutter/config.py b/cookiecutter/config.py
index c82cce9d2..eb753ba1b 100644
--- a/cookiecutter/config.py
+++ b/cookiecutter/config.py
@@ -62,7 +62,7 @@ def get_config(config_path):
     logger.debug('config_path is %s', config_path)
     with open(config_path, encoding='utf-8') as yaml_file:
         try:
-            yaml_dict = yaml.load(yaml_file, Loader=yaml.SafeLoader)
+            yaml_dict = yaml.safe_load(yaml_file)
         except yaml.YAMLError as e:
             raise InvalidConfiguration(
                 'Unable to parse YAML file {}. Error: {}'.format(config_path, e)