Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the pip group across 1 directory with 4 updates #54

Closed
wants to merge 1 commit into from
Closed

Bump the pip group across 1 directory with 4 updates #54

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 11, 2024

Bumps the pip group with 4 updates in the / directory: flask, flask-cors, pycryptodome and requests.

Updates flask from 2.1.1 to 2.2.5

Release notes

Sourced from flask's releases.

2.2.5

This is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.

2.2.4

This is a fix release for the 2.2.x release branch.

2.2.3

This is a fix release for the 2.2.x release branch.

2.2.2

This is a fix release for the 2.2.0 feature release.

2.2.1

This is a fix release for the 2.2.0 feature release.

2.2.0

This is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.1.3

2.1.2

This is a fix release for the 2.1.0 feature release.

Changelog

Sourced from flask's changelog.

Version 2.2.5

Released 2023-05-02

  • Update for compatibility with Werkzeug 2.3.3.
  • Set Vary: Cookie header when the session is accessed, modified, or refreshed.

Version 2.2.4

Released 2023-04-25

  • Update for compatibility with Werkzeug 2.3.

Version 2.2.3

Released 2023-02-15

  • Autoescape is enabled by default for .svg template files. :issue:4831
  • Fix the type of template_folder to accept pathlib.Path. :issue:4892
  • Add --debug option to the flask run command. :issue:4777

Version 2.2.2

Released 2022-08-08

  • Update Werkzeug dependency to >= 2.2.2. This includes fixes related to the new faster router, header parsing, and the development server. :pr:4754
  • Fix the default value for app.env to be "production". This attribute remains deprecated. :issue:4740

Version 2.2.1

Released 2022-08-03

  • Setting or accessing json_encoder or json_decoder raises a deprecation warning. :issue:4732

Version 2.2.0

... (truncated)

Commits

Updates flask-cors from 3.0.10 to 4.0.1

Release notes

Sourced from flask-cors's releases.

4.0.1

What's Changed

New Contributors

Full Changelog: corydolphin/flask-cors@4.0.0...4.0.1

Release 4.0.0

What's Changed

New Contributors

Full Changelog: corydolphin/flask-cors@3.1.01...v4.0.0

3.1.01

What's Changed

New Contributors

Full Changelog: corydolphin/flask-cors@3.0.10...3.1.01

Changelog

Sourced from flask-cors's changelog.

4.0.1

Security

4.0.0

3.1.01

Commits

Updates pycryptodome from 3.15.0 to 3.19.1

Release notes

Sourced from pycryptodome's releases.

v3.19.1 - Zeil

Resolved issues

  • Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack. Thanks to Hubert Kario.

v3.19.1 - Zeil (pycryptodomex)

Resolved issues

  • Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack. Thanks to Hubert Kario.

v3.19.0 - Ulm

New features

  • The update() methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
  • Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

  • GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

v3.19.0 - Ulm (pycryptodomex)

New features

  • The update() methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
  • Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

  • GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

v3.18.0 - Trier

New features

  • Added support for DER BOOLEAN encodings.

  • The library now compiles on Windows ARM64. Thanks to Niyas Sait.

    Resolved issues

  • GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
  • GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
  • GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
  • Correctly check that the scalar matches the point when importing an ECC private key.

... (truncated)

Changelog

Sourced from pycryptodome's changelog.

3.19.1 (28 December 2023) ++++++++++++++++++++++++++

Resolved issues

  • Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.

3.19.0 (16 September 2023) ++++++++++++++++++++++++++

New features

  • The update() methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
  • Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

  • GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

3.18.0 (18 May 2023) ++++++++++++++++++++++++++

New features

  • Added support for DER BOOLEAN encodings.
  • The library now compiles on Windows ARM64. Thanks to Niyas Sait.

Resolved issues

  • GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
  • GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
  • GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
  • Correctly check that the scalar matches the point when importing an ECC private key.

3.17.0 (29 January 2023) ++++++++++++++++++++++++++

New features

  • Added support for the Counter Mode KDF defined in SP 800-108 Rev 1.
  • Reduce the minimum tag length for the EAX cipher to 2 bytes.
  • An RSA object has 4 new properties for the CRT coefficients: dp, dq, invq and invq (invp is the same value as the existing u).

Resolved issues

... (truncated)

Commits
  • ef270ab Update wheels action
  • 3278edd Update changelog and version
  • 10e8216 Update PSS verify signature code example.
  • 4ec4b85 Bump version
  • 0deea1b Use constant-time (faster) padding decoding also for OAEP
  • 519e7ae Avoid changing signature of RSA._decrypt() method if possible
  • 1aa9dca Update changelog and bump version
  • afb5e27 Fix side-channel leakage in RSA decryption
  • ee91c67 Update CMAC.py
  • 43a466d Fix small "passes" typo.
  • Additional commits viewable in compare view

Updates requests from 2.28.1 to 2.31.0

Release notes

Sourced from requests's releases.

v2.31.0

2.31.0 (2023-05-22)

Security

  • Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of Proxy-Authorization headers to destination servers when following HTTPS redirects.

    When proxies are defined with user info (https://user:pass@proxy:8080), Requests will construct a Proxy-Authorization header that is attached to the request to authenticate with the proxy.

    In cases where Requests receives a redirect response, it previously reattached the Proxy-Authorization header incorrectly, resulting in the value being sent through the tunneled connection to the destination server. Users who rely on defining their proxy credentials in the URL are strongly encouraged to upgrade to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy credentials once the change has been fully deployed.

    Users who do not use a proxy or do not supply their proxy credentials through the user information portion of their proxy URL are not subject to this vulnerability.

    Full details can be read in our Github Security Advisory and CVE-2023-32681.

v2.30.0

2.30.0 (2023-05-03)

Dependencies

v2.29.0

2.29.0 (2023-04-26)

Improvements

  • Requests now defers chunked requests to the urllib3 implementation to improve standardization. (#6226)
  • Requests relaxes header component requirements to support bytes/str subclasses. (#6356)

... (truncated)

Changelog

Sourced from requests's changelog.

2.31.0 (2023-05-22)

Security

  • Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of Proxy-Authorization headers to destination servers when following HTTPS redirects.

    When proxies are defined with user info (https://user:pass@proxy:8080), Requests will construct a Proxy-Authorization header that is attached to the request to authenticate with the proxy.

    In cases where Requests receives a redirect response, it previously reattached the Proxy-Authorization header incorrectly, resulting in the value being sent through the tunneled connection to the destination server. Users who rely on defining their proxy credentials in the URL are strongly encouraged to upgrade to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy credentials once the change has been fully deployed.

    Users who do not use a proxy or do not supply their proxy credentials through the user information portion of their proxy URL are not subject to this vulnerability.

    Full details can be read in our Github Security Advisory and CVE-2023-32681.

2.30.0 (2023-05-03)

Dependencies

2.29.0 (2023-04-26)

Improvements

  • Requests now defers chunked requests to the urllib3 implementation to improve standardization. (#6226)
  • Requests relaxes header component requirements to support bytes/str subclasses. (#6356)

2.28.2 (2023-01-12)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the pip group across 1 directory with 4 updates
380cdc1 
Bumps the pip group with 4 updates in the / directory: [flask](https://github.com/pallets/flask), [flask-cors](https://github.com/corydolphin/flask-cors), [pycryptodome](https://github.com/Legrandin/pycryptodome) and [requests](https://github.com/psf/requests).


Updates `flask` from 2.1.1 to 2.2.5
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@2.1.1...2.2.5)

Updates `flask-cors` from 3.0.10 to 4.0.1
- [Release notes](https://github.com/corydolphin/flask-cors/releases)
- [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md)
- [Commits](corydolphin/flask-cors@3.0.10...4.0.1)

Updates `pycryptodome` from 3.15.0 to 3.19.1
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](Legrandin/pycryptodome@v3.15.0...v3.19.1)

Updates `requests` from 2.28.1 to 2.31.0
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.28.1...v2.31.0)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: flask-cors
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pycryptodome
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: requests
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the Mend: dependency security vulnerability Security vulnerability detected by Mend label May 11, 2024
@github-actions GitHub Actions
Copy link

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
pip/Flask 2.1.1 🟢 6.7
Details
CheckScoreReason
Code-Review⚠️ 1Found 2/15 approved changesets -- score normalized to 1
Maintained🟢 1030 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases🟢 105 out of the last 5 releases have a total of 5 signed artifacts.
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Fuzzing🟢 10project is fuzzed
Packaging🟢 10packaging workflow detected
Security-Policy🟢 9security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 64 existing vulnerabilities detected
pip/Flask-Cors 3.0.10 🟢 5
Details
CheckScoreReason
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Code-Review🟢 6Found 19/29 approved changesets -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
Vulnerabilities🟢 73 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/pycryptodome 3.15.0 🟢 5.1
Details
CheckScoreReason
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Maintained⚠️ 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/requests 2.28.1 🟢 8.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Pinned-Dependencies🟢 10all dependencies are pinned
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 10SAST tool is run on all commits
pip/Flask 2.2.5 🟢 6.7
Details
CheckScoreReason
Code-Review⚠️ 1Found 2/15 approved changesets -- score normalized to 1
Maintained🟢 1030 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases🟢 105 out of the last 5 releases have a total of 5 signed artifacts.
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Fuzzing🟢 10project is fuzzed
Packaging🟢 10packaging workflow detected
Security-Policy🟢 9security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 64 existing vulnerabilities detected
pip/Flask-Cors 4.0.1 🟢 5
Details
CheckScoreReason
Maintained🟢 54 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5
Code-Review🟢 6Found 19/29 approved changesets -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
Vulnerabilities🟢 73 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/pycryptodome 3.19.1 🟢 5.1
Details
CheckScoreReason
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Maintained⚠️ 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 9license file detected
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/requests 2.31.0 🟢 8.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Pinned-Dependencies🟢 10all dependencies are pinned
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 10SAST tool is run on all commits

Scanned Manifest Files

requirements.txt

github-actions[bot]
github-actions bot reviewed May 11, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Message that will be displayed on users' first pull request

@deepsource-io deepsource.io
Copy link
Contributor

deepsource-io bot commented May 11, 2024
edited
Loading

Here's the code health analysis summary for commits d0d8125..380cdc1. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource KubeLinter LogoKubeLinter⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check ↗
DeepSource Dart Analyze LogoDart Analyze⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check ↗
DeepSource Slither LogoSlither⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check ↗
DeepSource Solhint LogoSolhint⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check ↗
DeepSource AWS CloudFormation Linter LogoAWS CloudFormation Linter⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check ↗
DeepSource Terraform LogoTerraform✅ SuccessView Check ↗
DeepSource Swift LogoSwift✅ SuccessView Check ↗
DeepSource SQL LogoSQL✅ SuccessView Check ↗
DeepSource Shell LogoShell✅ SuccessView Check ↗
DeepSource Secrets LogoSecrets✅ SuccessView Check ↗
DeepSource Scala LogoScala✅ SuccessView Check ↗
DeepSource Rust LogoRust✅ SuccessView Check ↗
DeepSource Ruby LogoRuby✅ SuccessView Check ↗
DeepSource Python LogoPython✅ SuccessView Check ↗
DeepSource PHP LogoPHP✅ SuccessView Check ↗
DeepSource Kotlin LogoKotlin✅ SuccessView Check ↗
DeepSource JavaScript LogoJavaScript✅ SuccessView Check ↗
DeepSource Java LogoJava✅ SuccessView Check ↗
DeepSource Go LogoGo✅ SuccessView Check ↗
DeepSource Docker LogoDocker✅ SuccessView Check ↗
DeepSource C & C++ LogoC & C++✅ SuccessView Check ↗
DeepSource C# LogoC#✅ SuccessView Check ↗
DeepSource Ansible LogoAnsible✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 21, 2024

Superseded by #62.

@dependabot dependabot bot closed this May 21, 2024
@dependabot dependabot bot deleted the dependabot/pip/pip-93c20e88f7 branch May 21, 2024 04:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees
No one assigned
Labels
Mend: dependency security vulnerability Security vulnerability detected by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants