FYI, I got a notification from Github that my project that has sphinx-autobuild in it had a vulnerability in the pyyaml package.
Upgrade pyyaml to version 4.2b1 or later.
When I run pipenv graph it showed that it was sphinx-autobuild that had pyyaml as a requirement. I added a specific requirement for pyyaml in my project for now, but would like to remove it as soon as sphinx-autobuild has been updated.
I could make a PR for this project if you would like.
FYI, I got a notification from Github that my project that has sphinx-autobuild in it had a vulnerability in the pyyaml package.
When I run
pipenv graph
it showed that it was sphinx-autobuild that had pyyaml as a requirement. I added a specific requirement for pyyaml in my project for now, but would like to remove it as soon as sphinx-autobuild has been updated.I could make a PR for this project if you would like.