search

arthurdejong / python-stdnum

A Python library to provide functions to handle, parse and validate standard numbers.
https://arthurdejong.org/python-stdnum/
GNU Lesser General Public License v2.1
498 stars 206 forks source link

new version with updated jquery #236

Closed maxmealy closed 3 years ago

maxmealy commented 4 years ago

Would it be possible to release a new versioned package with the Upgrade jQuery to 3.5.1 commit in it? The older jquery version has CVEs associated with it that can (erroneously) cause python-stdnum to get flagged by security scanning software.

Thank you!

arthurdejong commented 4 years ago

Hi @maxmealy,

The plan was to make a new release soonish ;) (sorry to not be much more specific). There are a few new number formats that I would like to get in also.

Note that jQuery as included is only used if you use the online sample application (as seen on https://arthurdejong.org/python-stdnum/check/) and it is not used normally when you use python-stdnum (i.e. the file is not even present in the wheel that you would normally install with pip install).

maxmealy commented 4 years ago

Hi @arthurdejong - thanks, I'll be patient! This is a really great tool - thanks for making this available.

Yah, I definitely agree it is a non-issue in practice. But, since it's in the manifest, it makes it into the source distribution on PyPi, which I think is what got scanned.

arthurdejong commented 3 years ago

Release 1.15 was just uploaded to PyPI that includes jQuery 3.5.1. Sorry it took so long.