Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit58d0cb7

Browse files
committed
5.4 release
1 parenta60f7a1 commit58d0cb7

File tree

6 files changed

+39
-21
lines changed

6 files changed

+39
-21
lines changed

‎CHANGES

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,22 @@ For a complete changelog, see:
44
* https://github.com/yaml/pyyaml/commits/
55
* https://bitbucket.org/xi/pyyaml/commits/
66

7+
5.4 (2021-01-19)
8+
9+
* https://github.com/yaml/pyyaml/pull/407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA
10+
* https://github.com/yaml/pyyaml/pull/472 -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader
11+
* https://github.com/yaml/pyyaml/pull/441 -- Fix memory leak in implicit resolver setup
12+
* https://github.com/yaml/pyyaml/pull/392 -- Fix py2 copy support for timezone objects
13+
* https://github.com/yaml/pyyaml/pull/378 -- Fix compatibility with Jython
14+
715
5.3.1 (2020-03-18)
816

917
* https://github.com/yaml/pyyaml/pull/386 -- Prevents arbitrary code execution during python/object/new constructor
1018

1119
5.3 (2020-01-06)
1220

1321
* https://github.com/yaml/pyyaml/pull/290 -- Use `is` instead of equality for comparing with `None`
14-
* https://github.com/yaml/pyyaml/pull/270 --fix typos and stylistic nit
22+
* https://github.com/yaml/pyyaml/pull/270 --Fix typos and stylistic nit
1523
* https://github.com/yaml/pyyaml/pull/309 -- Fix up small typo
1624
* https://github.com/yaml/pyyaml/pull/161 -- Fix handling of __slots__
1725
* https://github.com/yaml/pyyaml/pull/358 -- Allow calling add_multi_constructor with None
@@ -21,8 +29,8 @@ For a complete changelog, see:
2129
* https://github.com/yaml/pyyaml/pull/359 -- Use full_load in yaml-highlight example
2230
* https://github.com/yaml/pyyaml/pull/244 -- Document that PyYAML is implemented with Cython
2331
* https://github.com/yaml/pyyaml/pull/329 -- Fix for Python 3.10
24-
* https://github.com/yaml/pyyaml/pull/310 --increase size of index, line, and column fields
25-
* https://github.com/yaml/pyyaml/pull/260 --remove some unused imports
32+
* https://github.com/yaml/pyyaml/pull/310 --Increase size of index, line, and column fields
33+
* https://github.com/yaml/pyyaml/pull/260 --Remove some unused imports
2634
* https://github.com/yaml/pyyaml/pull/163 -- Create timezone-aware datetimes when parsed as such
2735
* https://github.com/yaml/pyyaml/pull/363 -- Add tests for timezone
2836

‎LICENSE

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
Copyright (c) 2017-2020 Ingy döt Net
1+
Copyright (c) 2017-2021 Ingy döt Net
22
Copyright (c) 2006-2016 Kirill Simonov
33

44
Permission is hereby granted, free of charge, to any person obtaining a copy of

‎announcement.msg

Lines changed: 24 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,34 @@
1-
From:Tina Müller <post@tinita.de>
1+
From:Ingy döt Net <ingy@ingy.net>
22
To: python-list@python.org, python-announce@python.org, yaml-core@lists.sourceforge.net
3-
Subject: [ANN] PyYAML-5.3.1: YAML parser and emitter for Python
3+
Subject: [ANN] PyYAML-5.4 Released
44

5-
=======================
6-
Announcing PyYAML-5.3.1
7-
=======================
5+
=====================
6+
Announcing PyYAML-5.4
7+
=====================
88

99
A new release of PyYAML is now available:
10-
https://pypi.org/project/PyYAML/
10+
https://github.com/yaml/pyyaml/releases/tag/5.4
1111

12-
This release contains a security fix for CVE-2020-1747. FullLoader was still
13-
exploitable for arbitrary command execution.
14-
https://bugzilla.redhat.com/show_bug.cgi?id=1807367
12+
This release contains a security fix for CVE-2020-14343. It removes the
13+
python/module, python/object, and python/object/new tags from the FullLoader.
14+
YAML that uses these tags must be loaded by UnsafeLoader, or a custom loader
15+
that has explicitly enabled them.
16+
17+
This release also adds Python wheels for manylinux1 (x86_64) and MacOS (x86_64)
18+
with the libyaml extension included (built on libyaml 0.2.5).
19+
20+
PyYAML 5.4 will be the last release to support Python 2.7 (except for possible
21+
critical bug fix releases).
1522

16-
Thanks to Riccardo Schirone (https://github.com/ret2libc) for both reporting
17-
this and providing the fixes to resolve it.
1823

1924
Changes
2025
=======
2126

22-
* https://github.com/yaml/pyyaml/pull/386 -- Prevents arbitrary code execution during python/object/new constructor
27+
* https://github.com/yaml/pyyaml/pull/407 -- build modernization, remove distutils, fix metadata, build wheels, CI to GHA
28+
* https://github.com/yaml/pyyaml/pull/472 -- fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader
29+
* https://github.com/yaml/pyyaml/pull/441 -- fix memory leak in implicit resolver setup
30+
* https://github.com/yaml/pyyaml/pull/392 -- fix py2 copy support for timezone objects
31+
* https://github.com/yaml/pyyaml/pull/378 -- fix compatibility with Jython
2332

2433

2534
Resources
@@ -55,6 +64,7 @@ files to object serialization and persistence.
5564
Example
5665
=======
5766

67+
```
5868
>>> import yaml
5969

6070
>>> yaml.full_load("""
@@ -72,7 +82,7 @@ name: PyYAML
7282
homepage: https://github.com/yaml/pyyaml
7383
description: YAML parser and emitter for Python
7484
keywords: [YAML, serialization, configuration, persistence, pickle]
75-
85+
```
7686

7787
Maintainers
7888
===========
@@ -89,7 +99,7 @@ See: https://github.com/yaml/pyyaml/pulls
8999
Copyright
90100
=========
91101

92-
Copyright (c) 2017-2020 Ingy döt Net <ingy@ingy.net>
102+
Copyright (c) 2017-2021 Ingy döt Net <ingy@ingy.net>
93103
Copyright (c) 2006-2016 Kirill Simonov <xi@resolvent.net>
94104

95105
The PyYAML module was written by Kirill Simonov <xi@resolvent.net>.

‎lib/yaml/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
fromloaderimport*
99
fromdumperimport*
1010

11-
__version__='5.4.0a0'
11+
__version__='5.4'
1212

1313
try:
1414
fromcyamlimport*

‎lib3/yaml/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
from .loaderimport*
99
from .dumperimport*
1010

11-
__version__='5.4.0a0'
11+
__version__='5.4'
1212
try:
1313
from .cyamlimport*
1414
__with_libyaml__=True

‎setup.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11

22
NAME='PyYAML'
3-
VERSION='5.4.0a0'
3+
VERSION='5.4'
44
DESCRIPTION="YAML parser and emitter for Python"
55
LONG_DESCRIPTION="""\
66
YAML is a data serialization format designed for human readability

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp