bump PyYAML to 5.1 for CVE-2017-18342 (#902)

spec-first · Mar 15, 2019 · d3d1836 · d3d1836
1 parent 08e4536
commit d3d1836
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/connexion/utils.py b/connexion/utils.py
@@ -252,4 +252,4 @@ def ignore_aliases(self, *args):
     # Dump long lines as "|".
     yaml.representer.SafeRepresenter.represent_scalar = my_represent_scalar
 
-    return yaml.dump(openapi, default_flow_style=False, allow_unicode=True, Dumper=NoAnchorDumper)
+    return yaml.dump(openapi, allow_unicode=True, Dumper=NoAnchorDumper)
diff --git a/setup.py b/setup.py
@@ -23,7 +23,7 @@ def read_version(package):
 install_requires = [
     'clickclick>=1.2',
     'jsonschema>=2.5.1,<3.0.0',
-    'PyYAML>=3.13',
+    'PyYAML>=5.1',
     'requests>=2.9.1',
     'six>=1.9',
     'inflection>=0.3.1',