Safety CI > mostafa/grest

pyup-update-dicttoxml-1.7.4-to-1.7.15

1 year, 11 months ago

7d1d2760

Update dicttoxml from 1.7.4 to 1.7.15

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.14

1 year, 11 months ago

2ca62be6

Update dicttoxml from 1.7.4 to 1.7.14

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.13

1 year, 11 months ago

43c708dc

Update dicttoxml from 1.7.4 to 1.7.13

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.12

1 year, 11 months ago

d3a8acf0

Update dicttoxml from 1.7.4 to 1.7.12

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.11

1 year, 12 months ago

5ad4d488

Update dicttoxml from 1.7.4 to 1.7.11

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.10

1 year, 12 months ago

b7f32c0b

Update dicttoxml from 1.7.4 to 1.7.10

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.8

1 year, 12 months ago

b948f98c

Update dicttoxml from 1.7.4 to 1.7.8

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.7

1 year, 12 months ago

50872101

Update dicttoxml from 1.7.4 to 1.7.7

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.6

1 year, 12 months ago

754d99b4

Update dicttoxml from 1.7.4 to 1.7.6

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-dicttoxml-1.7.4-to-1.7.5

1 year, 12 months ago

52395251

Update dicttoxml from 1.7.4 to 1.7.5

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-setuptools-57.0.0-to-65.6.3

1 year, 12 months ago

96c1809c

Update setuptools from 57.0.0 to 65.6.3

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-setuptools-57.0.0-to-65.6.2

2 years ago

f75ac04a

Update setuptools from 57.0.0 to 65.6.2

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-flake8-3.9.2-to-6.0.0

2 years ago

7a7a81fa

Update flake8 from 3.9.2 to 6.0.0

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-setuptools-57.0.0-to-65.6.1

2 years ago

21ce2451

Update setuptools from 57.0.0 to 65.6.1

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

pyup-update-setuptools-57.0.0-to-65.6.0

2 years ago

a6d810d1

Update setuptools from 57.0.0 to 65.6.0

neomodel 4.0.4, cookiecutter 1.7.3 and pytest-runner 5.3.1 have known security vulnerabilities.

Package	Installed	Affected	Info
neomodel	4.0.4	<4.0.5	show Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).
cookiecutter	1.7.3	<2.1.1	show Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.
pytest-runner	5.3.1	>0	show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst

Package

Installed

Affected

Info

neomodel

4.0.4

<4.0.5

show

Neomodel 4.0.5 fixes issue with enforcing secure URI scheme (+s).

cookiecutter

1.7.3

<2.1.1

show

Cookiecutter 2.1.1 includes a fix for CVE-2022-24065: Cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

pytest-runner

5.3.1

>0

show

Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684.
It is recommended that you:
- Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option.
- Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option.
- Select a tool to bootstrap and then run tests such as tox.
https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst