ansible / eda-server

Event Driven Ansible for AAP
Apache License 2.0
66 stars 42 forks

chore: upgrade deps for CVE's #953

Closed Alex-Izquierdo closed 5 days ago

Alex-Izquierdo commented 3 months ago

Upgrade requests, sqlparse and pydantic deps to address the following CVEs:

Dostonbek1 commented 3 months ago

Should we upgrade requests in pyproject.toml file too?

Alex-Izquierdo commented 3 months ago

@Dostonbek1

> Should we upgrade requests in pyproject.toml file too?

I think it is fine as it is now. Requests is a nested dependency, so we should rely on the constraints of the dependencies that depend on it.

On our side it is defined just for the test dependencies, so that would not be critical. But even in that case the constraint is a wildcard and seems correct: requests = { version = "*", python = "<4.0" }

sonarcloud[bot] commented 2 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud[bot] commented 5 days ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Alex-Izquierdo commented 5 days ago

Closed in favor of https://github.com/ansible/eda-server/pull/1075