- From: Jens Oliver Meiert via GitHub <sysbot+gh@w3.org>
- Date: Fri, 02 Aug 2024 19:09:14 +0000
- To: public-css-archive@w3.org
j9t has just submitted a new pull request for https://github.com/w3c/csswg-drafts: == [css-?] Update bin/requirements.txt to reduce vulnerabilities == Casual find after Snyk complained about this in my csswg-drafts fork. Filing PR after [brief chat](https://github.com/j9t/csswg-drafts/pull/1#issuecomment-2265045632) with @tabatkins. ---- The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-5798483 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6057353 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091623 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6808823 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 See https://github.com/w3c/csswg-drafts/pull/10676 -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 2 August 2024 19:09:15 UTC