Closed abyss638 closed 9 months ago
Resolves https://github.com/microsoft/sarif-tools/security/dependabot/3
Updated pytest to `>7.2.0' (7.4.2) which doesn't include vulnerable 'py' library.
pytest
> poetry update Updating dependencies Resolving dependencies... (1.1s) Package operations: 2 installs, 2 updates, 4 removals • Removing attrs (23.1.0) • Removing more-itertools (10.1.0) • Removing py (1.11.0) • Removing wcwidth (0.2.8) • Installing exceptiongroup (1.1.3) • Installing iniconfig (2.0.0) • Updating pluggy (0.13.1 -> 1.3.0) • Updating pytest (5.4.3 -> 7.4.2)
Resolves https://github.com/microsoft/sarif-tools/security/dependabot/3
Updated
pytest
to `>7.2.0' (7.4.2) which doesn't include vulnerable 'py' library.