Poetry warns that `requests-2.32.0-py3-none-any.whl` is yanked

lervag / apy

CLI script for interacting with local Anki collection

MIT License

228 stars 17 forks source link

Poetry warns that `requests-2.32.0-py3-none-any.whl` is yanked #96

Closed camoz closed 3 months ago

camoz commented 3 months ago

No idea really why this is the case or how important it is, but I wanted to mention that when I was installing apy dependencies via poetry just now, I got this warning:

Warning: The file chosen for install of requests 2.32.0 (requests-2.32.0-py3-none-any.whl) is yanked. Reason for being yanked: Yanked due to conflicts with CVE-2024-35195 mitigation

(What's confusing me is that this CVE appears to be fixed in requests 2.32.0...)

lervag commented 3 months ago

Huh, interesting. I'll try to reproduce.

lervag commented 3 months ago

Ok, I've updated dependencies and that seemed to fix it.

camoz commented 3 months ago

Yes, can confirm it's fixed.

lervag commented 3 months ago

Cool, thanks for confirming it!