search

sanic-org / sanic-testing

Test clients for Sanic
https://sanic.dev/en/plugins/sanic-testing/getting-started.html
MIT License
31 stars 19 forks source link

Allow httpx 0.23.0 #38

Closed novotl closed 2 years ago

novotl commented 2 years ago

httpx < 0.23.0 contains security vulnerability https://github.com/advisories/GHSA-h8pj-cxx2-jfg2 that was fixed in httpx = 0.23.0 in:

The version containing the hotfix is currently not allowed

https://github.com/sanic-org/sanic-testing/blob/04b1b9672ba18726283697bae84e20bf0a8b684d/setup.py#L49-L51

ahopkins commented 2 years ago

Thanks. I have been very hesitant to release the upper bound because of the history of the project to introduce breaking changes.

ahopkins commented 2 years ago

@novotl Looks like it runs okay. Would you submit a PR for the change?

novotl commented 2 years ago

Thanks @nshaaban-cPacket for submitting a PR https://github.com/sanic-org/sanic-testing/pull/39!

ghost commented 2 years ago

@ahopkins What's your opinion using aiohttp?