Upgrade bleach to version 3.3.0 or later - Githubissues

dbeatty10 / dbt-mysql

dbt-mysql contains all of the code enabling dbt to work with MySQL and MariaDB

Apache License 2.0

75 stars 53 forks source link

Upgrade bleach to version 3.3.0 or later #54

Closed dbeatty10 closed 3 years ago

dbeatty10 commented 3 years ago

Description

Upgrade bleach to version 3.3.0 or later

Background

pipenv graph showed the following:

twine==3.3.0
  - readme-renderer [required: >=21.0, installed: 28.0]
    - bleach [required: >=2.1.0, installed: 3.2.3]

But there is a moderate security vulnerability for versions of bleach earlier than 3.3.0.

Appropriate updates should yield something like:

twine==3.3.0
  - readme-renderer [required: >=21.0, installed: 28.0]
    - bleach [required: >=2.1.0, installed: 3.3.0]

References