georgemarshall / django-cryptography

Easily encrypt data in Django
https://django-cryptography.readthedocs.io/
BSD 3-Clause "New" or "Revised" License

Upgrade from cryptography 39.0.0 vulnerabilities #91

Closed seankfh closed 1 year ago

seankfh commented 1 year ago

Checking in here to see whether the project is active and accepting pull requests. pip-audit informed us that a dependency of django-cryptography 1.1, the cryptography 39.0.0 library, has been deprecated due to a vulnerability. I don't see where the version of cryptography that django-cryptography depends on is specified other than the installation instructions at the bottom of the README. What am I missing?

Name         Version ID                  Fix Versions
cryptography 39.0.0  GHSA-w7pp-m8wf-vj6r 39.0.1
cryptography 39.0.0  GHSA-x4qr-2fvf-3mr5 39.0.1

Thank you! -Sean

seankfh commented 1 year ago

I was not using the --upgrade flag of pip-tools correctly to fetch the latest secondary and tertiary dependencies. Closing.
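
Added example, not part of the issue thread or the django-cryptography project: a Python check that takes the pip-audit rows reported above and flags any `==` pin in a compiled requirements file that is older than the advisory's fix version, the kind of stale transitive pin the closing comment describes. The lock file contents and all function names are constructed for illustration, and the version comparison assumes plain numeric dotted versions.

```python
import re

# pip-audit rows as reported in the issue above.
AUDIT_OUTPUT = """\
Name         Version ID                  Fix Versions
cryptography 39.0.0  GHSA-w7pp-m8wf-vj6r 39.0.1
cryptography 39.0.0  GHSA-x4qr-2fvf-3mr5 39.0.1
"""

# Constructed sample of a pip-compile style lock file; not from the issue.
LOCKFILE = """\
django-cryptography==1.1
    # via -r requirements.in
cryptography==39.0.0
    # via django-cryptography
"""


def vtuple(version):
    """Numeric dotted versions only (assumption: no pre/post release tags)."""
    return tuple(int(part) for part in version.split("."))


def parse_audit(text):
    """Map package -> {advisory id: first listed fix version}."""
    fixes = {}
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 4 or set(cols[0]) == {"-"}:
            continue  # skip blank lines and a dashed separator row
        fixes.setdefault(cols[0].lower(), {})[cols[2]] = cols[3].rstrip(",")
    return fixes


def parse_pins(text):
    """{name: version} from `name==version` lines; indented comments are skipped."""
    pairs = re.findall(r"^([A-Za-z0-9._-]+)==([0-9.]+)", text, re.MULTILINE)
    return {name.lower(): version for name, version in pairs}


def stale_pins(audit_text, lock_text):
    """List (package, pinned, advisory, fix) where the pin predates the fix."""
    pins = parse_pins(lock_text)
    findings = []
    for name, advisories in parse_audit(audit_text).items():
        for advisory, fix in sorted(advisories.items()):
            if name in pins and vtuple(pins[name]) < vtuple(fix):
                findings.append((name, pins[name], advisory, fix))
    return findings


if __name__ == "__main__":
    for finding in stale_pins(AUDIT_OUTPUT, LOCKFILE):
        print("%s==%s predates the fix for %s (needs >= %s)" % finding)
```
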