[Mlir-commits] [mlir] [mlir] [python] Update PyYAML minimum version to 5.4 (PR #102178)
llvmlistbot at llvm.org
llvmlistbot at llvm.org
Tue Aug 6 09:29:35 PDT 2024
llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-mlir
Author: Nhat Nguyen (nhat-nguyen)
<details>
<summary>Changes</summary>
PyYAML 5.3.1 has a security vulnerability as described here: https://nvd.nist.gov/vuln/detail/CVE-2020-14343. Update the minimum PyYAML version to 5.4.
---
Full diff: https://github.com/llvm/llvm-project/pull/102178.diff
1 Files Affected:
- (modified) mlir/python/requirements.txt (+2-2)
``````````diff
diff --git a/mlir/python/requirements.txt b/mlir/python/requirements.txt
index 6ec63e43adf89..4d86dd2134e8e 100644
--- a/mlir/python/requirements.txt
+++ b/mlir/python/requirements.txt
@@ -1,4 +1,4 @@
numpy>=1.19.5, <=1.26
pybind11>=2.9.0, <=2.10.3
-PyYAML>=5.3.1, <=6.0.1
-ml_dtypes # provides several NumPy dtype extensions, including the bf16
\ No newline at end of file
+PyYAML>=5.4, <=6.0.1
+ml_dtypes # provides several NumPy dtype extensions, including the bf16
``````````
</details>
https://github.com/llvm/llvm-project/pull/102178
More information about the Mlir-commits
mailing list