Remove pyyaml==6.0 as Direct Dependency #713

Closed
NimJay opened this issue Feb 8, 2022 · 2 comments · Fixed by #985
Labels
priority: p3 Desirable enhancement or fix. May not be included in next release. type: cleanup An internal cleanup or hygiene concern.

Comments

@NimJay
Collaborator

NimJay commented Feb 8, 2022

Describe request or inquiry

  • This is regarding the Python services, recommendationservice.
  • See Pinning pyyaml to 6.0 for now to get past critical security alert #711.
  • In the above pull-request, we updated the (indirect) dependency pyyaml to 6.0 by adding it to the requirements.in file (as a "direct" dependency) and specifying the version we want (6.0).
  • recommendationservice was only using pyyaml because of google-python-cloud-debugger.
  • Eventually, when google-python-cloud-debugger upgrades its version of pyyaml, we will need to upgrade google-python-cloud-debugger and remove pyyaml from requirements.in.

What purpose/environment will this feature serve?

  • This is a clean-up.
@NimJay NimJay added type: cleanup An internal cleanup or hygiene concern. priority: p3 Desirable enhancement or fix. May not be included in next release. labels Feb 8, 2022
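
An added example, not code from this repository: a small check that finds pins in requirements.in that exist only to override a transitive dependency, which is the situation the issue describes for pyyaml. It assumes requirements.txt is generated by pip-compile (pip-tools) with its `# via` annotations; the function names, `example-direct-lib` and every version other than pyyaml==6.0 are constructed for illustration.

```python
import re

# Constructed sample files. Only pyyaml==6.0 and the name
# google-python-cloud-debugger come from the issue; the rest are placeholders.
REQUIREMENTS_IN = """\
google-python-cloud-debugger
example-direct-lib==1.0.0
pyyaml==6.0  # pinned to clear a security alert
"""
REQUIREMENTS_TXT = """\
example-direct-lib==1.0.0
    # via -r requirements.in
google-python-cloud-debugger==0.0.0
    # via -r requirements.in
pyyaml==6.0
    # via
    #   -r requirements.in
    #   google-python-cloud-debugger
"""
PIN = re.compile(r"([A-Za-z0-9._-]+)(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)")

def norm(name):  # PEP 503: PyYAML, py_yaml and pyyaml compare equal
    return re.sub(r"[-_.]+", "-", name).lower()

def direct_pins(requirements_in):
    """Return {name: version} for every exact '==' pin in requirements.in."""
    found = (PIN.match(line.strip()) for line in requirements_in.splitlines())
    return {norm(m.group(1)): m.group(2) for m in found if m}

def via_map(requirements_txt):
    """Return {name: parent packages} from pip-compile '# via' annotations."""
    parents, current = {}, None
    for line in requirements_txt.splitlines():
        m = PIN.match(line)
        if m:
            current = norm(m.group(1))
            parents[current] = set()
        elif current and line.strip().startswith("#"):
            entry = re.sub(r"^via(\s+|$)", "", line.strip().lstrip("#").strip())
            for item in filter(None, (p.strip() for p in entry.split(","))):
                if not item.startswith(("-r ", "-c ")):  # input/constraint files
                    parents[current].add(norm(item))
    return parents

def override_pins(requirements_in, requirements_txt):
    """Direct pins that the lock file shows another package also requires."""
    parents = via_map(requirements_txt)
    pins = direct_pins(requirements_in)
    return {n: (v, sorted(parents[n])) for n, v in pins.items() if parents.get(n)}
```

Each entry returned is a pin to revisit when the listed parent package ships a release that accepts the pinned version on its own.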
@bourgeoisor
Member

I think we should still do this. Commenting to reset SLO.

@mathieu-benoit
Contributor

Should be fixed by #985

@mathieu-benoit mathieu-benoit linked a pull request Aug 31, 2022 that will close this issue