[Mlir-commits] [mlir] d60008d - [mlir] [python] Update PyYAML minimum version to 5.4 and limit ml_dtypes to 0.4.0 (#102178)
llvmlistbot at llvm.org
llvmlistbot at llvm.org
Wed Aug 7 08:24:19 PDT 2024
Author: Nhat Nguyen
Date: 2024-08-07T08:24:15-07:00
New Revision: d60008d861d2f5e6a73c4b5d403e1132e41e1704
URL: https://github.com/llvm/llvm-project/commit/d60008d861d2f5e6a73c4b5d403e1132e41e1704
DIFF: https://github.com/llvm/llvm-project/commit/d60008d861d2f5e6a73c4b5d403e1132e41e1704.diff
LOG: [mlir] [python] Update PyYAML minimum version to 5.4 and limit ml_dtypes to 0.4.0 (#102178)
PyYAML 5.3.1 has a security vulnerability as described here:
https://nvd.nist.gov/vuln/detail/CVE-2020-14343. Update the minimum
PyYAML version to 5.4. Also limit ml_dtypes version to 0.4.0.
Added:
Modified:
mlir/python/requirements.txt
Removed:
################################################################################
diff --git a/mlir/python/requirements.txt b/mlir/python/requirements.txt
index 6ec63e43adf896..d1b5418cca5b23 100644
--- a/mlir/python/requirements.txt
+++ b/mlir/python/requirements.txt
@@ -1,4 +1,4 @@
numpy>=1.19.5, <=1.26
pybind11>=2.9.0, <=2.10.3
-PyYAML>=5.3.1, <=6.0.1
-ml_dtypes # provides several NumPy dtype extensions, including the bf16
\ No newline at end of file
+PyYAML>=5.4.0, <=6.0.1
+ml_dtypes>=0.1.0, <=0.4.0 # provides several NumPy dtype extensions, including the bf16
More information about the Mlir-commits
mailing list