Update PyYaml Version

Open kentarospin98 opened this issue 2 years ago • 1 comments

Cython 3.0 was released. This breaks PyYaml 5.4.1 (a dependency of discord-logger). PyYaml<=5.4 has a bug which can lead to ACE (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14) set version to 6.0.1 because discord-logger depends on PyYaml >5.4, <6.0

Sep 23 '23 04:09 kentarospin98

@chinnichaitanya This is also relevant for me so if you could merge this that'd be super :)

Nov 03 '23 21:11 Strafer14