chore(deps): update dependency tqdm to v4.66.3 [security]

renovate[bot] commented 6 months ago

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
tqdm	`==4.51.0` -> `==4.66.3`
tqdm	`==4.64.1` -> `==4.66.3`

GitHub Vulnerability Alerts

Impact

Any optional non-boolean CLI arguments (e.g. --delim, --buf-size, --manpath) are passed through python's eval, allowing arbitrary code execution. Example:

python -m tqdm --manpath="\" + str(exec(\"import os\nos.system('echo hi && killall python3')\")) + \""

Patches

https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316 released in tqdm>=4.66.3

Workarounds

None

References

https://github.com/tqdm/tqdm/releases/tag/v4.66.3

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

what-the-diff[bot] commented 6 months ago

PR Summary

Updated tqdm Package Version The version of the tqdm package, a tool used in our system for showing progress bars, has been updated in both the main requirements and the development requirements files. The update moves from version 4.51.0 to the newer version 4.66.3. This will likely increase the performance and stability of the progress bar feature.

codecov[bot] commented 6 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 33.67%. Comparing base (ad09368) to head (a46f87e).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #824 +/- ## ======================================= Coverage 33.67% 33.67% ======================================= Files 5 5 Lines 677 677 ======================================= Hits 228 228 Misses 449 449 ``` | [Flag](https://app.codecov.io/gh/JuryA/landscape_api_py3/pull/824/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/JuryA/landscape_api_py3/pull/824/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman) | `33.67% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Ji%C5%99%C3%AD+Altman#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

JuryA / landscape_api_py3