Safety CI > mzollin/qr-pirate

master

2 months, 2 weeks ago

d904f790

Merge pull request #311 from mzollin/pyup-update-requests-2.32.4-to-2.32.5 Update requests to 2.32.

No dependencies with known security vulnerabilities.

pyup-update-lxml-6.0.0-to-6.0.1

2 months, 2 weeks ago

80ffd43e

Update lxml from 6.0.0 to 6.0.1

No dependencies with known security vulnerabilities.

pyup-update-requests-2.32.4-to-2.32.5

2 months, 2 weeks ago

286a361d

Update requests from 2.32.4 to 2.32.5

No dependencies with known security vulnerabilities.

master

2 months, 2 weeks ago

01036505

Merge pull request #310 from mzollin/pyup-update-certifi-2025.7.14-to-2025.8.3 Update certifi to 20

No dependencies with known security vulnerabilities.

pyup-update-certifi-2025.7.14-to-2025.8.3

3 months ago

4bf52b1a

Update certifi from 2025.7.14 to 2025.8.3

No dependencies with known security vulnerabilities.

master

3 months, 2 weeks ago

a01576ad

Merge pull request #309 from mzollin/pyup-update-certifi-2025.6.15-to-2025.7.14 Update certifi to 2

No dependencies with known security vulnerabilities.

pyup-update-certifi-2025.6.15-to-2025.7.14

3 months, 3 weeks ago

cc3ea9d8

Update certifi from 2025.6.15 to 2025.7.14

No dependencies with known security vulnerabilities.

pyup-update-certifi-2025.6.15-to-2025.7.9

3 months, 4 weeks ago

d3dfa5b9

Update certifi from 2025.6.15 to 2025.7.9

No dependencies with known security vulnerabilities.

master

4 months ago

62481fab

Merge pull request #307 from mzollin/pyup-update-pillow-11.2.1-to-11.3.0 Update pillow to 11.3.0

No dependencies with known security vulnerabilities.

pyup-update-pillow-11.2.1-to-11.3.0

4 months ago

4da17c4c

Update pillow from 11.2.1 to 11.3.0

No dependencies with known security vulnerabilities.

master

4 months, 1 week ago

f132233a

Merge pull request #306 from mzollin/pyup-update-lxml-5.4.0-to-6.0.0 Update lxml to 6.0.0

No dependencies with known security vulnerabilities.

pyup-update-lxml-5.4.0-to-6.0.0

4 months, 1 week ago

303c3f0b

Update lxml from 5.4.0 to 6.0.0

No dependencies with known security vulnerabilities.

master

4 months, 1 week ago

0974bc08

Merge pull request #305 from mzollin/pyup-update-urllib3-2.4.0-to-2.5.0 Update urllib3 to 2.5.0

No dependencies with known security vulnerabilities.

master

4 months, 1 week ago

840902db

Merge pull request #304 from mzollin/pyup-update-certifi-2025.4.26-to-2025.6.15 Update certifi to 2

urllib3 2.4.0 has known security vulnerabilities.

Package	Installed	Affected	Info
urllib3	2.4.0	>=2.2.0,<2.5.0	show Urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and before 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime, utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behaviour. This issue has been patched in version 2.5.0.
urllib3	2.4.0	<2.5.0	show urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0.

Package

Installed

Affected

Info

urllib3

2.4.0

>=2.2.0,<2.5.0

show

Urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and before 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime, utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behaviour. This issue has been patched in version 2.5.0.

urllib3

2.4.0

<2.5.0

show

urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0.

pyup-update-urllib3-2.4.0-to-2.5.0

4 months, 2 weeks ago

e40c19de

Update urllib3 from 2.4.0 to 2.5.0

No dependencies with known security vulnerabilities.