Safety CI > cookiecutter/cookiecutter-django

pyup-update-black-23.1.0-to-23.3.0

3 years, 1 month ago

a1ca4f47

Update black from 23.1.0 to 23.3.0

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

pyup-update-black-23.1.0-to-23.3.0

3 years, 1 month ago

123b396d

Update black from 23.1.0 to 23.3.0

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

update/pre-commit-autoupdate

3 years, 1 month ago

f75dc174

Auto-update pre-commit hooks

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

d77b33df

Update code of conduct link

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

pyup-update-sentry-sdk-1.17.0-to-1.18.0

3 years, 1 month ago

f116bd2a

Update sentry-sdk from 1.17.0 to 1.18.0

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

dependabot/npm_and_yarn/{{cookiecutter.project_slug}}/cssnano-6.0.0

3 years, 1 month ago

e96581e9

Bump cssnano from 5.1.15 to 6.0.0 in /{{cookiecutter.project_slug}} Bumps [cssnano](https://github.

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

53029732

Release 2023.03.27

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

6475dffb

Update watchfiles from 0.18.1 to 0.19.0 (#4232)

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

pyup-update-watchfiles-0.18.1-to-0.19.0

3 years, 1 month ago

b779686e

Update watchfiles from 0.18.1 to 0.19.0

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

b1d06f32

Release 2023.03.26

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

3ca2c87a

Update tox from 4.4.7 to 4.4.8 (#4231)

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

pyup-update-tox-4.4.7-to-4.4.8

3 years, 1 month ago

747a5868

Update tox from 4.4.7 to 4.4.8

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

8156efd5

Update pre-commit to 3.2.1 (#4229) * Update pre-commit from 3.2.0 to 3.2.1 * Update pre-commit f

redis 4.5.3 has known security vulnerabilities.

Package	Installed	Affected	Info
redis	4.5.3	>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4	show Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general. https://github.com/advisories/GHSA-8fww-64cx-x8p5

Package

Installed

Affected

Info

redis

4.5.3

>=4.5.0,<4.5.4 , >=4.2.0rc1,<4.4.4

show

Redis 4.4.4 and 4.5.4 include a fix for CVE-2023-28859: Redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. (This could, for example, happen for a non-pipeline operation.) NOTE: the solutions for CVE-2023-28859 address data leakage across AsyncIO connections in general.
https://github.com/advisories/GHSA-8fww-64cx-x8p5

master

3 years, 1 month ago

2517d037

Release 2023.03.25

No dependencies with known security vulnerabilities.

pyup-update-pre-commit-3.2.0-to-3.2.1

3 years, 1 month ago

c6376375

Update pre-commit from 3.2.0 to 3.2.1

No dependencies with known security vulnerabilities.