Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump requests from 2.28.2 to 2.31.0 #1071

Merged

Conversation

miettal
Copy link
Contributor

@miettal miettal commented Aug 17, 2023

SUMMARY

I bumped requests library 2.28.2 to 2.31.0, because my environment dependabot alert to requests 2.28.2.
I understood this code is part of testing and this has no effect.
But this is annoying warning for users with dependabot enabled.

this is just suggestion, if this project decide to don't care it, please just close this PR.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

molecule(testing tool)

ADDITIONAL INFORMATION

GHSA-j8r2-6x86-q33q

@pyrodie18
Copy link
Collaborator

@miettal , not sure what changed between those two versions but looking at the test run, something definitely changed. If you are willing to figure out what broke, then please keep this open and update it when you figure it out otherwise go ahead and close it and I would suggest putting in a ticket.

@miettal
Copy link
Contributor Author

miettal commented Aug 18, 2023

it seems docker python client has no compatibility to latest urllib3 library.
I try to update docker dependency.
docker/docker-py#3113

@pyrodie18 pyrodie18 merged commit 3df6a62 into ansible-collections:main Aug 19, 2023
278 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants