what-the-diff[bot]
commented
6 months ago PR Summary
- Upgraded 'Black' Package in 'docs/requirements.txt' The version of 'Black' we use for automatically formatting our code in the documentation has been upgraded from 22.10.0 to 24.3.0. This update will provide us with the latest features and improvements for better code formatting in our documentation.
- Updated 'Black' Package in 'requirements-dev.txt' Similarly, the version of 'Black' for our development environment has been updated from 22.8.0 to 24.3.0. This ensures consistency across our environments and allows developers to leverage the most current features of this tool.
codecov[bot]
This PR contains the following updates:
==22.8.0->==24.3.0==22.10.0->==24.3.0GitHub Vulnerability Alerts
CVE-2024-21503
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service.
Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.
Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Enabled.
β» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.