Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security vulnerability in requests #491

Closed
jaraco opened this issue Sep 7, 2019 · 1 comment · Fixed by #497
Closed

Security vulnerability in requests #491

jaraco opened this issue Sep 7, 2019 · 1 comment · Fixed by #497

Comments

@jaraco
Copy link
Member

jaraco commented Sep 7, 2019

Github informs me that requests prior to 2.20 has a security vulnerability and recommends pinning to requests>=2.20. That seems reasonable and I'm willing to accept the proposal.
@sigmavirus24
Copy link
Member

👍

jaraco added a commit that referenced this issue Sep 22, 2019
@jaraco
Pin to requests 2.20 or later. Fixes #491.
20c33ca
@jaraco jaraco mentioned this issue Sep 22, 2019
Merged
PeterDaveHello added a commit to PeterDaveHello/octodns that referenced this issue Dec 20, 2020
@PeterDaveHello
Update development dependency twine to v3.2.0
bdf4a6f 
Twine version < 2.0 was reported has a security vulnerability

From Twine version 2.0+, it requires Python 3.6, but doesn't seem to
have other breaking changes.

Reference:

- pypa/twine#491
- https://twine.readthedocs.io/en/latest/changelog.html
@PeterDaveHello PeterDaveHello mentioned this issue Dec 20, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Pin to requests 2.20 or later. pypa/twine
2 participants
@sigmavirus24 @jaraco