issues: 1026379132
This data as json
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1026379132 | PR_kwDOBm6k_c4tM0JV | 1489 | Update pyyaml requirement from ~=5.3 to >=5.3,<7.0 | 49699333 | closed | 0 | 3 | 2021-10-14T13:09:33Z | 2021-10-14T18:10:43Z | 2021-10-14T18:10:42Z | CONTRIBUTOR | simonw/datasette/pulls/1489 | Updates the requirements on [pyyaml](https://github.com/yaml/pyyaml) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/yaml/pyyaml/blob/master/CHANGES">pyyaml's changelog</a>.</em></p> <blockquote> <p>6.0 (2021-10-13)</p> <ul> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/327">yaml/pyyaml#327</a> -- Change README format to Markdown</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/483">yaml/pyyaml#483</a> -- Add a test for YAML 1.1 types</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/497">yaml/pyyaml#497</a> -- fix float resolver to ignore <code>.</code> and <code>._</code></li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/550">yaml/pyyaml#550</a> -- drop Python 2.7</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/553">yaml/pyyaml#553</a> -- Fix spelling of “hexadecimal”</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/556">yaml/pyyaml#556</a> -- fix representation of Enum subclasses</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/557">yaml/pyyaml#557</a> -- fix libyaml extension compiler warnings</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/560">yaml/pyyaml#560</a> -- fix ResourceWarning on leaked file descriptors</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/561">yaml/pyyaml#561</a> -- always require <code>Loader</code> arg to <code>yaml.load()</code></li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/564">yaml/pyyaml#564</a> -- remove remaining direct distutils usage</li> </ul> <p>5.4.1 (2021-01-20)</p> <ul> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/480">yaml/pyyaml#480</a> -- Fix stub compat with older pyyaml versions that may unwittingly load it</li> </ul> <p>5.4 (2021-01-19)</p> <ul> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/407">yaml/pyyaml#407</a> -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/472">yaml/pyyaml#472</a> -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/441">yaml/pyyaml#441</a> -- Fix memory leak in implicit resolver setup</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/392">yaml/pyyaml#392</a> -- Fix py2 copy support for timezone objects</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/378">yaml/pyyaml#378</a> -- Fix compatibility with Jython</li> </ul> <p>5.3.1 (2020-03-18)</p> <ul> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/386">yaml/pyyaml#386</a> -- Prevents arbitrary code execution during python/object/new constructor</li> </ul> <p>5.3 (2020-01-06)</p> <ul> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/290">yaml/pyyaml#290</a> -- Use <code>is</code> instead of equality for comparing with <code>None</code></li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/270">yaml/pyyaml#270</a> -- Fix typos and stylistic nit</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/309">yaml/pyyaml#309</a> -- Fix up small typo</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/161">yaml/pyyaml#161</a> -- Fix handling of <strong>slots</strong></li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/358">yaml/pyyaml#358</a> -- Allow calling add_multi_constructor with None</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/285">yaml/pyyaml#285</a> -- Add use of safe_load() function in README</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/351">yaml/pyyaml#351</a> -- Fix reader for Unicode code points over 0xFFFF</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/360">yaml/pyyaml#360</a> -- Enable certain unicode tests when maxunicode not > 0xffff</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/359">yaml/pyyaml#359</a> -- Use full_load in yaml-highlight example</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/244">yaml/pyyaml#244</a> -- Document that PyYAML is implemented with Cython</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/329">yaml/pyyaml#329</a> -- Fix for Python 3.10</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/310">yaml/pyyaml#310</a> -- Increase size of index, line, and column fields</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/260">yaml/pyyaml#260</a> -- Remove some unused imports</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/163">yaml/pyyaml#163</a> -- Create timezone-aware datetimes when parsed as such</li> <li><a href="https://github-redirect.dependabot.com/yaml/pyyaml/pull/363">yaml/pyyaml#363</a> -- Add tests for timezone</li> </ul> <h2>5.2 (2019-12-02)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yaml/pyyaml/commit/8cdff2c80573b8be8e8ad28929264a913a63aa33"><code>8cdff2c</code></a> 6.0 release</li> <li><a href="https://github.com/yaml/pyyaml/commit/a4fb55e943abf25055725245b0779cf527069a78"><code>a4fb55e</code></a> Update Python 3.10 versions for Windows build</li> <li><a href="https://github.com/yaml/pyyaml/commit/e45b9643de3f7332e874ac67357ffd6dd5200211"><code>e45b964</code></a> Add Python 3.10 to tox.ini</li> <li><a href="https://github.com/yaml/pyyaml/commit/4808fba18e067a93a4fcc25ddda1aae9b976ceb8"><code>4808fba</code></a> 6.0b1 release</li> <li><a href="https://github.com/yaml/pyyaml/commit/d5aba406edc9d2618fc9d6ffccd257fe593e4283"><code>d5aba40</code></a> Omnibus CI/artifact build update</li> <li><a href="https://github.com/yaml/pyyaml/commit/a6d384c52ea54ded80df27032c7b6d3a98b0c2fa"><code>a6d384c</code></a> Various setup fixes</li> <li><a href="https://github.com/yaml/pyyaml/commit/8f3f9795b4ccc7087c439aad8342eaf916f273d0"><code>8f3f979</code></a> No longer using appveyor</li> <li><a href="https://github.com/yaml/pyyaml/commit/c2743653bc89e42679ba097b4f9888db47c61d63"><code>c274365</code></a> The yaml.load{,_all} functions require Loader= now</li> <li><a href="https://github.com/yaml/pyyaml/commit/2f87ac4838840a2e3cb48504dcd74041921ab184"><code>2f87ac4</code></a> Add a basic test file for yaml.load and yaml.dump</li> <li><a href="https://github.com/yaml/pyyaml/commit/7bd92df5435030b9a32f8843369ad6673d0d9294"><code>7bd92df</code></a> Makefile tweaks</li> <li>Additional commits viewable in <a href="https://github.com/yaml/pyyaml/compare/5.3...6.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> | 107914493 | pull | {"url": "https://api.github.com/repos/simonw/datasette/issues/1489/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | 0 |