Re: pyyaml 6

On Fri, 2022-10-07 at 00:10 +0200, Gordon Ball wrote: > * Upload to unstable and see what breaks? The experimental pseudo-excuses already say several packages break: https://qa.debian.org/excuses.php?experimental=1=pyyaml autopkgtest for ganeti/3.0.2-1: amd64: Regression, arm64:

Re: pyyaml 6

Hi Gordon, * Gordon Ball [2022-10-07 00:10]: * Upload to unstable and see what breaks? * Request an archive rebuild with this version and see what breaks? * File bugs against all likely affected packages with a fixed date for an upload? * Wait until after the freeze? Considering that PyYAML

pyyaml 6

pyyaml (aka python3-yaml) is an rdepend for >300 packages. We currently have 5.4.1, but version 6 was released late last year, which does quite a lot of cleanup (eg, dropping python 2 support) and disables unsafe loading (arbitrary python code execution) unless explicitly opted into.