theQRL / QRL

Quantum Resistant Ledger
https://theqrl.org/
MIT License
417 stars 109 forks source link

[Snyk] Security upgrade pyyaml from 5.1 to 5.2 #1649

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

By pinning:
Severity Issue Upgrade Breaking Change Exploit Maturity
high severity Improper Access Control
SNYK-PYTHON-PYYAML-550022
pyyaml:
5.1 -> 5.2
No Mature

Note that some vulnerabilities couldn’t be fully fixed, and so will still fail the Snyk test report.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

cyyber commented 4 years ago

PyYaml already upgraded to 5.3.1