Safety CI > aergoio/herapy

pyup-scheduled-update-2020-04-01

6 years ago

3348b82a

Update bleach from 3.1.3 to 3.1.4

No dependencies with known security vulnerabilities.

dependabot/pip/bleach-3.1.4

6 years ago

64c25873

Bump bleach from 3.1.3 to 3.1.4 Bumps [bleach](https://github.com/mozilla/bleach) from 3.1.3 to 3.1

No dependencies with known security vulnerabilities.

develop

6 years, 1 month ago

cf8a6ab0

Fix bare except: specify exception (#83) * Fix bare except: specify exception * Update test depe

No dependencies with known security vulnerabilities.

dependabot/pip/bleach-3.1.2

6 years, 1 month ago

d3a3a784

Bump bleach from 3.1.1 to 3.1.2 Bumps [bleach](https://github.com/mozilla/bleach) from 3.1.1 to 3.1

codecov 2.0.16 has known security vulnerabilities.

Package	Installed	Affected	Info

fix_bare_except

6 years, 1 month ago

64aa34f9

Wrapp UnicodeDecodeError in ValueError to give error message

No dependencies with known security vulnerabilities.

develop

6 years, 1 month ago

9c4d40e1

fix bug for creating account without a node connection

bleach 3.1.1 and codecov 2.0.16 have known security vulnerabilities.

Package	Installed	Affected	Info
bleach	3.1.1	<3.3.0	show Bleach 3.3.0 includes a fix for CVE-2021-23980: A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.
bleach	3.1.1	<3.1.2	show Bleach 3.1.2 includes a fix for CVE-2020-6816: Mutation XSS via whitelisted math or svg and RCDATA tag with strip=False. https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
bleach	3.1.1	<=3.1.3	show Bleach 3.1.4 includes a fix for CVE-2020-6817: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

Package

Installed

Affected

Info

bleach

3.1.1

<3.3.0

show

Bleach 3.3.0 includes a fix for CVE-2021-23980: A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.

bleach

3.1.1

<3.1.2

show

Bleach 3.1.2 includes a fix for CVE-2020-6816: Mutation XSS via whitelisted math or svg and RCDATA tag with strip=False.
https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743

bleach

3.1.1

<=3.1.3

show

Bleach 3.1.4 includes a fix for CVE-2020-6817: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

fix_bare_except

6 years, 1 month ago

dd79f882

Update test dependencies

No dependencies with known security vulnerabilities.

fix_bare_except

6 years, 1 month ago

d5967703

Fix bare except: specify exception

bleach 3.1.1 and codecov 2.0.16 have known security vulnerabilities.

Package	Installed	Affected	Info
bleach	3.1.1	<3.3.0	show Bleach 3.3.0 includes a fix for CVE-2021-23980: A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.
bleach	3.1.1	<3.1.2	show Bleach 3.1.2 includes a fix for CVE-2020-6816: Mutation XSS via whitelisted math or svg and RCDATA tag with strip=False. https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
bleach	3.1.1	<=3.1.3	show Bleach 3.1.4 includes a fix for CVE-2020-6817: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

Package

Installed

Affected

Info

bleach

3.1.1

<3.3.0

show

Bleach 3.3.0 includes a fix for CVE-2021-23980: A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.

bleach

3.1.1

<3.1.2

show

Bleach 3.1.2 includes a fix for CVE-2020-6816: Mutation XSS via whitelisted math or svg and RCDATA tag with strip=False.
https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743

bleach

3.1.1

<=3.1.3

show

Bleach 3.1.4 includes a fix for CVE-2020-6817: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

develop

6 years, 1 month ago

ce4cb80a

update release 2.0.dev1

No dependencies with known security vulnerabilities.

develop

6 years, 1 month ago

71ea3542

Merge pull request #82 from aergoio/features/async_wait_batch_tx_result Features/async wait batch t

No dependencies with known security vulnerabilities.

features/async_wait_batch_tx_result

6 years, 1 month ago

ffb3ad73

fix flake8 error

No dependencies with known security vulnerabilities.

features/async_wait_batch_tx_result

6 years, 1 month ago

59eedd3c

fix for mypy error

No dependencies with known security vulnerabilities.

features/async_wait_batch_tx_result

6 years, 1 month ago

422decaa

apply asyncio for waiting tx result, especially for the performance of getting batch result

No dependencies with known security vulnerabilities.

develop

6 years, 1 month ago

66c9b5c2

separate decode_contract_code(0 from decode_address() and add CONTRACT_VERSION

No dependencies with known security vulnerabilities.

develop

6 years, 1 month ago

365f03aa

rename exception when node connection is not initialized

No dependencies with known security vulnerabilities.