id,node_id,number,title,user,user_label,state,locked,assignee,assignee_label,milestone,milestone_label,comments,created_at,updated_at,closed_at,author_association,pull_request,body,repo,repo_label,type,active_lock_reason,performed_via_github_app,reactions,draft,state_reason
1026379132,PR_kwDOBm6k_c4tM0JV,1489,"Update pyyaml requirement from ~=5.3 to >=5.3,<7.0",49699333,dependabot[bot],closed,0,,,,,3,2021-10-14T13:09:33Z,2021-10-14T18:10:43Z,2021-10-14T18:10:42Z,CONTRIBUTOR,simonw/datasette/pulls/1489,"Updates the requirements on [pyyaml](https://github.com/yaml/pyyaml) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href=""https://github.com/yaml/pyyaml/blob/master/CHANGES"">pyyaml's changelog</a>.</em></p>
<blockquote>
<p>6.0 (2021-10-13)</p>
<ul>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/327"">yaml/pyyaml#327</a> -- Change README format to Markdown</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/483"">yaml/pyyaml#483</a> -- Add a test for YAML 1.1 types</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/497"">yaml/pyyaml#497</a> -- fix float resolver to ignore <code>.</code> and <code>._</code></li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/550"">yaml/pyyaml#550</a> -- drop Python 2.7</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/553"">yaml/pyyaml#553</a> -- Fix spelling of “hexadecimal”</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/556"">yaml/pyyaml#556</a> -- fix representation of Enum subclasses</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/557"">yaml/pyyaml#557</a> -- fix libyaml extension compiler warnings</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/560"">yaml/pyyaml#560</a> -- fix ResourceWarning on leaked file descriptors</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/561"">yaml/pyyaml#561</a> -- always require <code>Loader</code> arg to <code>yaml.load()</code></li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/564"">yaml/pyyaml#564</a> -- remove remaining direct distutils usage</li>
</ul>
<p>5.4.1 (2021-01-20)</p>
<ul>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/480"">yaml/pyyaml#480</a> -- Fix stub compat with older pyyaml versions that may unwittingly load it</li>
</ul>
<p>5.4 (2021-01-19)</p>
<ul>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/407"">yaml/pyyaml#407</a> -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/472"">yaml/pyyaml#472</a> -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/441"">yaml/pyyaml#441</a> -- Fix memory leak in implicit resolver setup</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/392"">yaml/pyyaml#392</a> -- Fix py2 copy support for timezone objects</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/378"">yaml/pyyaml#378</a> -- Fix compatibility with Jython</li>
</ul>
<p>5.3.1 (2020-03-18)</p>
<ul>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/386"">yaml/pyyaml#386</a> -- Prevents arbitrary code execution during python/object/new constructor</li>
</ul>
<p>5.3 (2020-01-06)</p>
<ul>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/290"">yaml/pyyaml#290</a> -- Use <code>is</code> instead of equality for comparing with <code>None</code></li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/270"">yaml/pyyaml#270</a> -- Fix typos and stylistic nit</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/309"">yaml/pyyaml#309</a> -- Fix up small typo</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/161"">yaml/pyyaml#161</a> -- Fix handling of <strong>slots</strong></li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/358"">yaml/pyyaml#358</a> -- Allow calling add_multi_constructor with None</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/285"">yaml/pyyaml#285</a> -- Add use of safe_load() function in README</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/351"">yaml/pyyaml#351</a> -- Fix reader for Unicode code points over 0xFFFF</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/360"">yaml/pyyaml#360</a> -- Enable certain unicode tests when maxunicode not &gt; 0xffff</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/359"">yaml/pyyaml#359</a> -- Use full_load in yaml-highlight example</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/244"">yaml/pyyaml#244</a> -- Document that PyYAML is implemented with Cython</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/329"">yaml/pyyaml#329</a> -- Fix for Python 3.10</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/310"">yaml/pyyaml#310</a> -- Increase size of index, line, and column fields</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/260"">yaml/pyyaml#260</a> -- Remove some unused imports</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/163"">yaml/pyyaml#163</a> -- Create timezone-aware datetimes when parsed as such</li>
<li><a href=""https://github-redirect.dependabot.com/yaml/pyyaml/pull/363"">yaml/pyyaml#363</a> -- Add tests for timezone</li>
</ul>
<h2>5.2 (2019-12-02)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href=""https://github.com/yaml/pyyaml/commit/8cdff2c80573b8be8e8ad28929264a913a63aa33""><code>8cdff2c</code></a> 6.0 release</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/a4fb55e943abf25055725245b0779cf527069a78""><code>a4fb55e</code></a> Update Python 3.10 versions for Windows build</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/e45b9643de3f7332e874ac67357ffd6dd5200211""><code>e45b964</code></a> Add Python 3.10 to tox.ini</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/4808fba18e067a93a4fcc25ddda1aae9b976ceb8""><code>4808fba</code></a> 6.0b1 release</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/d5aba406edc9d2618fc9d6ffccd257fe593e4283""><code>d5aba40</code></a> Omnibus CI/artifact build update</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/a6d384c52ea54ded80df27032c7b6d3a98b0c2fa""><code>a6d384c</code></a> Various setup fixes</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/8f3f9795b4ccc7087c439aad8342eaf916f273d0""><code>8f3f979</code></a> No longer using appveyor</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/c2743653bc89e42679ba097b4f9888db47c61d63""><code>c274365</code></a> The yaml.load{,_all} functions require Loader= now</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/2f87ac4838840a2e3cb48504dcd74041921ab184""><code>2f87ac4</code></a> Add a basic test file for yaml.load and yaml.dump</li>
<li><a href=""https://github.com/yaml/pyyaml/commit/7bd92df5435030b9a32f8843369ad6673d0d9294""><code>7bd92df</code></a> Makefile tweaks</li>
<li>Additional commits viewable in <a href=""https://github.com/yaml/pyyaml/compare/5.3...6.0"">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>",107914493,datasette,pull,,,"{""url"": ""https://api.github.com/repos/simonw/datasette/issues/1489/reactions"", ""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",0,