scripts: dts: update pyyaml version

The currently used PyYaml version has some vulnerabilies as described on the pull request description. It updates to version 6.0, removing these supply chain vulnerabily. The OSSF Scorecard was the tool used for discovering these vulnerabilties. Signed-off-by: Javan lacerda <[email protected]>
zephyrproject-rtos · Mar 29, 2024 · dbfc1aa · dbfc1aa
1 parent fe5313f
commit dbfc1aa
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/doc/requirements.txt b/doc/requirements.txt
@@ -11,7 +11,7 @@ sphinx-copybutton
 sphinx-togglebutton
 
 # YAML validation. Used by zephyr_module.
-PyYAML>=5.1
+PyYAML>=6.0
 pykwalify
 
 # Used by pytest-twister-harness plugin

diff --git a/scripts/dts/python-devicetree/setup.py b/scripts/dts/python-devicetree/setup.py
@@ -36,7 +36,7 @@
         'Operating System :: Microsoft :: Windows',
     ],
     install_requires=[
-        'PyYAML>=5.1',
+        'PyYAML>=6.0',
     ],
     python_requires='>=3.6',
 )
diff --git a/scripts/requirements-base.txt b/scripts/requirements-base.txt
@@ -8,7 +8,7 @@ pyelftools>=0.27
 
 # used by dts generation to parse binding YAMLs, also used by
 # twister to parse YAMLs, by west, zephyr_module,...
-PyYAML>=5.1
+PyYAML>=6.0
 
 # YAML validation. Used by zephyr_module.
 pykwalify