[Snyk] Security upgrade zipp from 3.15.0 to 3.19.1

guibranco commented 1 month ago

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123) ### Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project. #### Snyk changed the following file(s): - `requirements.txt` --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - Max score is 1000. Note that the real score may have changed since the PR was raised. > - This PR was automatically created by Snyk using the credentials of a real user. > - Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._ For more information: 🧐 [View latest project report](https://app.snyk.io/org/guibranco/project/7069b772-2ca6-4fae-b46b-2e00c1467d65?utm_source=github&utm_medium=referral&page=fix-pr) 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) 🛠 [Adjust project settings](https://app.snyk.io/org/guibranco/project/7069b772-2ca6-4fae-b46b-2e00c1467d65?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read about Snyk's upgrade logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"zipp","from":"3.15.0","to":"3.19.1"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"}],"prId":"6e7fc5a7-b348-4010-9f0b-4c94f5d262f6","prPublicId":"6e7fc5a7-b348-4010-9f0b-4c94f5d262f6","packageManager":"pip","priorityScoreList":[738],"projectPublicId":"7069b772-2ca6-4fae-b46b-2e00c1467d65","projectUrl":"https://app.snyk.io/org/guibranco/project/7069b772-2ca6-4fae-b46b-2e00c1467d65?utm_source=github&utm_medium=referral&page=fix-pr","prType":"backlog","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["pkg-based-remediation","updated-fix-title","priorityScore"],"type":"auto","upgrade":[],"vulns":["SNYK-PYTHON-ZIPP-7430899"],"patch":[],"isBreakingChange":false,"remediationStrategy":"dependency"}'

codacy-production[bot] commented 1 month ago

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
:white_check_mark: +0.00% (target: -1.00%)	:white_check_mark: ∅

Coverage variation details

| | Coverable lines | Covered lines | Coverage | | ------------- | ------------- | ------------- | ------------- | | Common ancestor commit (ed9e005826eba0e26aa07690b94b12f0674947bd) | 212 | 202 | 95.28% | | | Head commit (de500334fd2c52f53858e1406797de5f4e634a2d) | 212 (+0) | 202 (+0) | 95.28% (**+0.00%**) | **Coverage variation** is the difference between the coverage for the head and common ancestor commits of the pull request branch: ` - `

Diff coverage details

| | Coverable lines | Covered lines | Diff coverage | | ------------- | ------------- | ------------- | ------------- | | Pull request (#185) | 0 | 0 | **∅ (not applicable)** | **Diff coverage** is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: `/ * 100%`

See your quality gate settings Change summary preferences

_{:rocket: Don’t miss a bit, follow what’s new on Codacy.}

_{Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more}

github-actions[bot] commented 1 month ago

Infisical secrets check: :white_check_mark: No secrets leaked!

Scan results:

1:57AM INF scanning for exposed secrets...
1:58AM INF 126 commits scanned.
1:58AM INF scan completed in 412ms
1:58AM INF no leaks found

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 95.16%. Comparing base (ed9e005) to head (de50033). Report is 1 commits behind head on main.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #185 +/- ## ======================================= Coverage 95.16% 95.16% ======================================= Files 7 7 Lines 207 207 ======================================= Hits 197 197 Misses 10 10 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

deepsource-io[bot] commented 1 month ago

Here's the code health analysis summary for commits ed9e005..de50033. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Link
Test coverage	✅ Success	View Check ↗
SQL	✅ Success	View Check ↗
Secrets	✅ Success	View Check ↗
PHP	✅ Success	View Check ↗
Docker	✅ Success	View Check ↗