Update pyyaml requirement from >=6.0.2 to >=6.0.3 by dependabot[bot] · Pull Request #985 · dapr/python-sdk

dependabot · 2026-04-22T13:21:52Z

Updates the requirements on pyyaml to permit the latest version.

Release notes

6.0.3

What's Changed

Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)

6.0.2 (2024-08-06)

yaml/pyyaml#808 -- Support for Cython 3.x and Python 3.13

6.0.1 (2023-07-18)

yaml/pyyaml#702 -- pin Cython build dep to < 3.0

6.0 (2021-10-13)

yaml/pyyaml#327 -- Change README format to Markdown

yaml/pyyaml#483 -- Add a test for YAML 1.1 types

yaml/pyyaml#497 -- fix float resolver to ignore . and ._

yaml/pyyaml#550 -- drop Python 2.7

yaml/pyyaml#553 -- Fix spelling of “hexadecimal”

yaml/pyyaml#556 -- fix representation of Enum subclasses

yaml/pyyaml#557 -- fix libyaml extension compiler warnings

yaml/pyyaml#560 -- fix ResourceWarning on leaked file descriptors

yaml/pyyaml#561 -- always require Loader arg to yaml.load()

yaml/pyyaml#564 -- remove remaining direct distutils usage

5.4.1 (2021-01-20)

yaml/pyyaml#480 -- Fix stub compat with older pyyaml versions that may unwittingly load it

5.4 (2021-01-19)

yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA

yaml/pyyaml#472 -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader

yaml/pyyaml#441 -- Fix memory leak in implicit resolver setup

yaml/pyyaml#392 -- Fix py2 copy support for timezone objects

yaml/pyyaml#378 -- Fix compatibility with Jython

5.3.1 (2020-03-18)

yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor

5.3 (2020-01-06)

yaml/pyyaml#290 -- Use is instead of equality for comparing with None

yaml/pyyaml#270 -- Fix typos and stylistic nit

yaml/pyyaml#309 -- Fix up small typo

yaml/pyyaml#161 -- Fix handling of slots

yaml/pyyaml#358 -- Allow calling add_multi_constructor with None

yaml/pyyaml#285 -- Add use of safe_load() function in README

yaml/pyyaml#351 -- Fix reader for Unicode code points over 0xFFFF

... (truncated)

Commits

49790e7 Release 6.0.3 (#889)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [pyyaml](https://github.com/yaml/pyyaml) to permit the latest version. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) --- updated-dependencies: - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

Updates the requirements on [pyyaml](https://github.com/yaml/pyyaml) to permit the latest version. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) --- updated-dependencies: - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sam <sam@diagrid.io> Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com>

* Update pyyaml requirement from >=6.0.2 to >=6.0.3 (dapr#985) Updates the requirements on [pyyaml](https://github.com/yaml/pyyaml) to permit the latest version. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) --- updated-dependencies: - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sam <sam@diagrid.io> Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Move old integration tests to examples/ Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Test DaprClient directly Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Update docs to new test structure Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address Copilot comments (1) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address Copilot comments (2) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address Copilot comments (3) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Replace sleep() with polls when possible Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address Copilot comments (4) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address Copilot comments (5) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Update README to include both test suites Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Document wait_until() in AGENTS.md Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Update CLAUDE.md Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Fix package name Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Clean up entire process group Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * PR cleanup (1) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Fix possible race running example test Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Assert on pubsub smoke test Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Revert "Fix possible race running example test" This reverts commit df5b0fc. Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Address PR feedback (2) Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Update pydantic requirement from >=2.0.0 to >=2.13.3 (dapr#987) Updates the requirements on [pydantic](https://github.com/pydantic/pydantic) to permit the latest version. - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](pydantic/pydantic@v2.0...v2.13.3) --- updated-dependencies: - dependency-name: pydantic dependency-version: 2.13.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Rename all appareances of components to resources Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> * Rename components/ to resources/ Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Sergio Herrera <627709+seherv@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sam <sam@diagrid.io>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 22, 2026

dependabot Bot requested review from a team as code owners April 22, 2026 13:21

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 22, 2026

Merge branch 'main' into dependabot/pip/pyyaml-gte-6.0.3

b1021e8

sicoyle approved these changes Apr 22, 2026

View reviewed changes

sicoyle added this pull request to the merge queue Apr 22, 2026

Merged via the queue into main with commit 8daa87f Apr 22, 2026
13 checks passed

dependabot Bot deleted the dependabot/pip/pyyaml-gte-6.0.3 branch April 22, 2026 15:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update pyyaml requirement from >=6.0.2 to >=6.0.3#985

Update pyyaml requirement from >=6.0.2 to >=6.0.3#985
sicoyle merged 2 commits into
mainfrom
dependabot/pip/pyyaml-gte-6.0.3

dependabot Bot commented on behalf of github Apr 22, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 22, 2026

6.0.3

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant