-
Notifications
You must be signed in to change notification settings - Fork 5.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update pyyaml on 6.0.1 #11140
Comments
Please keep the conversation in the original issue to avoid discussion splitting |
@glours you closed issue before we finished discussion, by this reason I opened new issue. |
A closed issue can be re-open if needed |
docker-compose (python) is End of Life after having been deprecated for 1 year, and you should just not install it. We don't offer any maintenance on this package anymore, including security updates. Like Windows 95, docker-compose python is just dead - don't use it. |
let's maintain a public docker-compose package |
@alingse why not just use the actively developed version ? |
@alingse are you looking for a python package to include in a program or are you using |
I have been assigned to deploy a Python project, which uses docker-compose 1.29.2 to import and export some configurations. It not only depends on the CLI, but also needs to run some Python code. However, docker-compose relies on PyYAML 5.4.1, which cannot be directly installed on Python 3.10 or above versions. So my idea is to remove the limit of 'PyYAML >= 3.10, < 6' in the setup.py file. see alingse-forks#2 --> setup a python Github Action |
Hello, @glours !
Yeah
5.4.1
is not affected by CVE, but this version has problem with installation , all the versions <5.4.1
has this CVE.I mean that the users which will have problem with
5.4.1
, will got version5.3.1
that have security issue.I understanding EOL, but security issue anyway should be fixed
Originally posted by @ikheifets-splunk in #11139 (comment)
The text was updated successfully, but these errors were encountered: