public/roboluke-tasks
3
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 48 Activity

[SECURITY] Update dependency future to v0.18.3 [SECURITY] #1

Merged
renovate[bot] merged 1 commits from renovate/pypi-future-vulnerability into main 2023-04-05 22:02:53 +02:00
Conversation 1 Commits 1 Files Changed 1 +1 -1
renovate[bot] commented 2023-04-05 21:58:30 +02:00 (Migrated from github.com)
Copy Link

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
future ==0.18.2 -> ==0.18.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-40899

An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. This issue has been patched in version 0.18.3.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [future](https://python-future.org) | `==0.18.2` -> `==0.18.3` | [![age](https://badges.renovateapi.com/packages/pypi/future/0.18.3/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/pypi/future/0.18.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/pypi/future/0.18.3/compatibility-slim/0.18.2)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/pypi/future/0.18.3/confidence-slim/0.18.2)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2022-40899](https://nvd.nist.gov/vuln/detail/CVE-2022-40899) An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. This issue has been patched in version 0.18.3. --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/luketainton/roboluke-tasks). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4zMi4yIiwidXBkYXRlZEluVmVyIjoiMzUuMzIuMiJ9-->
luketainton (Migrated from github.com) reviewed 2023-04-05 21:58:30 +02:00
sonarqubecloud[bot] commented 2023-04-05 22:00:05 +02:00 (Migrated from github.com)
Copy Link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

Kudos, SonarCloud Quality Gate passed!&nbsp; &nbsp; [![Quality Gate passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png 'Quality Gate passed')](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=1) [![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png 'Bug')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=BUG) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=BUG) [![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png 'Vulnerability')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=VULNERABILITY) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=VULNERABILITY) [![Security Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png 'Security Hotspot')](https://sonarcloud.io/project/security_hotspots?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=SECURITY_HOTSPOT) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/security_hotspots?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=SECURITY_HOTSPOT) [![Code Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png 'Code Smell')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=CODE_SMELL) [![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png 'A')](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=1&resolved=false&types=CODE_SMELL) [![No Coverage information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png 'No Coverage information')](https://sonarcloud.io/component_measures?id=luketainton_roboluke-tasks&pullRequest=1&metric=coverage&view=list) No Coverage information [![No Duplication information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/NoDuplicationInfo-16px.png 'No Duplication information')](https://sonarcloud.io/component_measures?id=luketainton_roboluke-tasks&pullRequest=1&metric=duplicated_lines_density&view=list) No Duplication information
Sign in to join this conversation.
Reviewers
No reviewers
luketainton
Labels
Clear labels   
bug

Something isn't working

  
dependencies

Pull requests that update a dependency file

  
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
question

Further information is requested

  
security

   
wontfix

This will not be worked on

No Label
bug
dependencies
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/roboluke-tasks#1
No description provided.
Delete Branch "renovate/pypi-future-vulnerability"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?