Safety CI > dssg/triage

postmodeling_revision_2023

2 years, 3 months ago

cc91ded4

Merge branch 'postmodeling_revision_2023' of github.com:dssg/triage into postmodeling_revision_2023

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

d7c0688b

saving features and labels as tuples

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

382326c3

get the directory of the storage

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

f9b482f0

get directory from matrix path

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

b7f03d26

open csv

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

5546c784

adding save with command line function

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

1130b475

fixing paths to store csvs

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

ae29e1d4

adjusting outer_join

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

86ad67c2

remove unncessary csvs

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

bb82c9fc

remove unnecessary csv files generated to stitch the design matrix

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

94bf07fd

reverting dump of metadata matrix yaml

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

3c7ab2d2

matrix metadata not required as parameter

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

csvmatrix-memory-issue

2 years, 3 months ago

26ede1cc

Bytes streaming for saving csv matrices

wheel 0.37.1 and sqlparse 0.4.2 have known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.37.1	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
sqlparse	0.4.2	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.2	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

wheel

0.37.1

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

sqlparse

0.4.2

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.2

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-scheduled-update-2023-05-01

2 years, 3 months ago

0ddef259

Update tox from 3.25.0 to 4.5.1

No dependencies with known security vulnerabilities.

pyup-scheduled-update-2023-05-01

2 years, 3 months ago

557e4bde

Update codecov from 2.1.12 to 2.1.13

No dependencies with known security vulnerabilities.