Closed jiasli closed 3 years ago
@jiasli - Brought this up in a couple of Issues (#258 & #193), but it seems like unpinning PyYAML is somehow letting it still default to version 5.3.1, which is throwing an arbitrary code execution warning on my end (via BlackDuck).
I fleshed out my reasoning on it in issue #258. Something wonky is happening - might be a good idea to re-pin this one.
I take that back. Everything was resolved in #258. Ended up being an issue with the pipeline.
Unpin PyYAML so that the latest version will always be used. This solves
https://dev.azure.com/azure-sdk/public/_build/results?buildId=781110&view=logs&j=74095127-2a27-5370-37ed-15a4193f243f&t=a1e0e2fa-9206-5f67-cee4-df0dbeea0a5f&l=515