search

aceinnolab / Inkycal

Create awesome e-paper dashboards within minutes! Modularity? Check! Python3? Check? Works on Raspberry Pi Zero W? Check! Support for own modules? Check!
https://aceinnolab.github.io/Inkycal/
GNU General Public License v3.0
1.21k stars 128 forks source link

[INQUIRY]: Dependency marked as 'yanked' #353

Closed Stopuhr closed 4 months ago

Stopuhr commented 4 months ago

When running manual installation like written (here)[https://github.com/aceinnolab/Inkycal?tab=readme-ov-file#manual-installation], a warning occurs:

WARNING: The candidate selected for download or install is a yanked version: 'requests' candidate (version 2.32.0 at https://files.pythonhosted.org/packages/24/e8/09e8d662a9675a4e4f5dd7a8e6127b463a091d2703ed931a64aa66d00065/requests-2.32.0-py3-none-any.whl (from https://pypi.org/simple/requests/) (requires-python:>=3.8))
Reason for being yanked: Yanked due to conflicts with CVE-2024-35195 mitigation

As I where running in Docker, I had to skip the pi-specific-configuration.

Maybe not really a bug, but the Yanked-Warning should be there for a reason ;-)

aceisace commented 4 months ago

@Stopuhr Thanks for reporting this issue. I have bumped the yanked requirement of requests initially at 32.2.0 to 32.2.3, which should fix this issue.

As this has not currently raised any issues, no branch was created for this, but you can check the commit (here)[https://github.com/aceinnolab/Inkycal/commit/7c4b89cb5ffed89a61d91b30140fb26916105355]

I'm closing this issue as it has been resolved. Should you feel a need to re-open this issue, please feel free to do so. Thanks for your contribution!