Open vogelsgesang opened 8 months ago
Tagging potential owners of the requirements files based previous discussions in #64417
@tru re llvm/utils/git/requirements.txt
: Afaict, the change https://reviews.llvm.org/D157254 never actually landed. Can we land an updated version of this patch?
@mtrofin re third-party/benchmark/requirements.txt
: An update to the latest upstream benchmark
library should resolve the issues. There was previously https://reviews.llvm.org/D157101 but the discussion on the review died down.
MSVC has similar automated security scanning, which inspects our LLVM submodules - it identified three of the dependencies mentioned above, two for reasons not mentioned above. I'll list them here in case it helps.
An automated security scan of 18.1.0-rc2 complained about the following dependencies:
This is the follow-up from #64417 for the 18.1.0 release