premailer / css_parser

Ruby CSS Parser

Use File.read instead of IO.read #149

Closed tagliala closed 4 months ago

tagliala commented 4 months ago

If the argument starts with a pipe character ('|') and the receiver is the IO class, a subprocess is created in the same way as Kernel#open, and its output is returned. Kernel#open may allow unintentional command injection, which is the reason these IO methods are a security risk. Consider using File.read to disable the behavior of subprocess invocation.

Ref: https://www.rubydoc.info/gems/rubocop/RuboCop/Cop/Security/IoMethods

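The difference the PR relies on, shown as an added example (not code from css_parser or from the PR author): `File.read` treats every argument as a filesystem path, so a pipe-prefixed string simply fails with `Errno::ENOENT` instead of spawning a command the way `IO.read` would. The `read_stylesheet` helper, the explicit guard on `"|"`, and the constructed temp-file input are assumptions made for this demonstration.

```ruby
require "tempfile"

# Reads a stylesheet with File.read, which only ever opens a path. Unlike
# IO.read, a leading "|" is never interpreted as "run this command".
# The explicit guard is an extra, hypothetical hardening step so callers
# get a clear ArgumentError rather than an ENOENT for a file named "|...".
def read_stylesheet(path)
  raise ArgumentError, "refusing pipe-prefixed path: #{path.inspect}" if path.to_s.start_with?("|")

  File.read(path)
end

# Demonstration: write a constructed stylesheet to a temp file, read it back,
# then show that (a) File.read treats a pipe-prefixed argument as a plain
# path and (b) the guard rejects it before any filesystem access.
def demo
  results = {}

  Tempfile.create(["example", ".css"]) do |f|
    f.write("body { color: red; }\n") # constructed sample input
    f.flush
    results[:file_contents] = read_stylesheet(f.path)
  end

  # File.read on a "|..." string: no subprocess, just a missing file.
  begin
    File.read("|some-command")
    results[:file_read_is_plain_path] = false
  rescue Errno::ENOENT
    results[:file_read_is_plain_path] = true
  end

  # The helper's guard rejects the same input up front.
  begin
    read_stylesheet("|some-command")
    results[:pipe_rejected] = false
  rescue ArgumentError
    results[:pipe_rejected] = true
  end

  results
end

if __FILE__ == $PROGRAM_NAME
  p demo
end
```

Running the file prints the hash of results; the point to take from it is that neither branch ever reaches a shell, which is exactly what swapping `IO.read` for `File.read` buys the gem.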

grosser commented 4 months ago

nice find!

grosser commented 4 months ago

1.17.1