Spring Make use of custom types configurable in YamlProcessor

Overview

Since SnakeYaml allows for custom types to be loaded when they are specified inside the YAML document, we should make it possible to configure the types that can be constructed.

Proposal

Provide a mechanism in YamlProcessor for configuring the supported custom types for the Yaml instance created in org.springframework.beans.factory.config.YamlProcessor.createYaml().

For example, a new void setSupportedCustomTypes(Class<?>... types) method could be added to YamlProcessor. If no supported types are configured, the Yaml instance would be created as it is currently, without any restrictions. If supported types have been configured, the Yaml instance would be created with restrictions in place. The TypeLimitedConstructor recently introduced in Spring Boot can serve as inspiration for the latter.

Related Issues

• https://github.com/spring-projects/spring-boot/issues/21596

Comment From: michaldo

I would like to know purpose of this PR. I'm going to replace snakeyaml suporting YAML 1.1 with snakeyaml-engine supporting YAML 1.2. But API is different and setSupportedCustomTypes is not easy replaceable.

I see that Spring Boot defines OriginTrackedYamlLoader, a subclass of YamlProcessor. It means clients can modify YamlProcessor - especially supported types - without explicite API.