Closed Alex-Izquierdo closed 5 days ago
Should we upgrade requests
in pyproject.toml file too?
@Dostonbek1
Should we upgrade
requests
in pyproject.toml file too?
I think as it is now is fine. Requests is a nested dependency so we should rely on the constraints of the dependencies that depends on that.
In our side it is defined just for the test dependencies, so that would not be critical. But even in that case the constraint is a wildcard and seems correct:
requests = { version = "*", python = "<4.0" }
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Closed in favor of https://github.com/ansible/eda-server/pull/1075
Upgrade
requests sqlparse pydantic
deps to address the following CVE's: