Pysnyk depends on Retry, which has not had a PyPI release since 2016.
That release of Retry included a dependency on Py, which has had a CVE raised against it (CVE-2022-42969).
Although this has been determined to be a false positive by Snyk (ST-1653), it can still raise queries from customers.
Retry has pushed a fix to master to remove this dependency, but there is no PyPI release.
Suggestion is to investigate use of other more actively maintained projects that perform a similar function, such as backoff or tenacity.