Closed dependabot[bot] closed 1 month ago
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.
Package | Version | Score | Details | ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
pip/Flask | 2.1.1 | :green_circle: 6.7 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/Flask-Cors | 3.0.10 | :green_circle: 4.9 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/pycryptodome | 3.15.0 | :green_circle: 5.2 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/requests | 2.28.1 | :green_circle: 8.8 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/Flask | 2.2.5 | :green_circle: 6.7 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/Flask-Cors | 4.0.1 | :green_circle: 4.9 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/pycryptodome | 3.19.1 | :green_circle: 5.2 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
pip/requests | 2.32.0 | :green_circle: 8.8 | Details
|
Here's the code health analysis summary for commits 015f7b6..f29dbfe
. View details on DeepSource ↗.
Analyzer | Status | Summary | Link |
---|---|---|---|
KubeLinter | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
Dart Analyze | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
Slither | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
Solhint | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
AWS CloudFormation Linter | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
Terraform | ✅ Success | View Check ↗ | |
Swift | ✅ Success | View Check ↗ | |
SQL | ✅ Success | View Check ↗ | |
Shell | ✅ Success | View Check ↗ | |
Secrets | ✅ Success | View Check ↗ | |
Scala | ✅ Success | View Check ↗ | |
Rust | ✅ Success | View Check ↗ | |
Ruby | ✅ Success | View Check ↗ | |
Python | ✅ Success | View Check ↗ | |
PHP | ✅ Success | View Check ↗ | |
Kotlin | ✅ Success | View Check ↗ | |
JavaScript | ✅ Success | View Check ↗ | |
Java | ✅ Success | View Check ↗ | |
Go | ✅ Success | View Check ↗ | |
Docker | ✅ Success | View Check ↗ | |
C & C++ | ✅ Success | View Check ↗ | |
C# | ✅ Success | View Check ↗ | |
Ansible | ✅ Success | View Check ↗ |
💡 If you’re a repository administrator, you can configure the quality gates from the settings.
Stale pull request message
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml
Bumps the pip group with 4 updates in the / directory: flask, flask-cors, pycryptodome and requests.
Updates
flask
from 2.1.1 to 2.2.5Release notes
Sourced from flask's releases.
Changelog
Sourced from flask's changelog.
... (truncated)
Commits
47af817
release version 2.2.5afd63b1
Merge pull request #5109 from pallets/backport-vary-cookie8646edc
setVary: Cookie
header consistently for sessiona6367da
Merge pull request #5108 from pallets/werkzeug-compat3fbfbad
werkzeug 2.3.3 compatibility726d3f4
start version 2.2.5ddc7acc
Merge pull request #5081 from pallets/release-2.2.474e0329
release version 2.2.42d46068
update dev env64bc458
update dev dependenciesUpdates
flask-cors
from 3.0.10 to 4.0.1Release notes
Sourced from flask-cors's releases.
Changelog
Sourced from flask-cors's changelog.
Commits
1df178c
Release 0.4.1 (#353)5090b4a
Update CI to include Python 3.12 and flask 3.0.3 (#354)6172c20
Update extension.py to clean request.path before logging it (#351)cadade9
Fix Read the Docs builds (#345)40acc80
Update CHANGELOG to reflect 4.0.0 release (#335)dbabb27
Testing: Move from deprecated assertEquals to assertEqual (#332)0b74401
Convert CI to use GHA (#331)637595d
Remove support for old python versions (#330)c9c55e1
Release Version 3.1.01 (#329)98aca1a
Fix typo (#316)Updates
pycryptodome
from 3.15.0 to 3.19.1Release notes
Sourced from pycryptodome's releases.
... (truncated)
Changelog
Sourced from pycryptodome's changelog.
... (truncated)
Commits
ef270ab
Update wheels action3278edd
Update changelog and version10e8216
Update PSS verify signature code example.4ec4b85
Bump version0deea1b
Use constant-time (faster) padding decoding also for OAEP519e7ae
Avoid changing signature of RSA._decrypt() method if possible1aa9dca
Update changelog and bump versionafb5e27
Fix side-channel leakage in RSA decryptionee91c67
Update CMAC.py43a466d
Fix small "passes" typo.Updates
requests
from 2.28.1 to 2.32.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
d6ebc4a
v2.32.09a40d12
Avoid reloading root certificates to improve concurrent performance (#6667)0c030f7
Merge pull request #6702 from nateprewitt/no_char_detection555b870
Allow character detection dependencies to be optional in post-packaging stepsd6dded3
Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-testbf24b7d
Use an invalid URI that will not cause httpbin to throw 5002d5f547
Pin 3.8 and 3.9 runners back to macos-13 (#6688)f1bb07d
Merge pull request #6687 from psf/dependabot/github_actions/github/codeql-act...60047ad
Bump github/codeql-action from 3.24.0 to 3.25.031ebb81
Merge pull request #6682 from frenzymadness/pytest8Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show