Safety CI > tawilkinson/boardgamebot

main

21 hours ago

8fad48b8

Merge pull request #294 from tawilkinson/pyup-update-python_dotenv-1.1.0-to-1.1.1 Update python_dot

No dependencies with known security vulnerabilities.

pyup-update-python_dotenv-1.1.0-to-1.1.1

21 hours ago

55aae79f

Merge branch 'main' into pyup-update-python_dotenv-1.1.0-to-1.1.1

No dependencies with known security vulnerabilities.

main

21 hours ago

75fe346d

Merge pull request #293 from tawilkinson/pyup-update-lxml-5.4.0-to-6.0.0 Update lxml to 6.0.0

No dependencies with known security vulnerabilities.

pyup-update-lxml-5.4.0-to-6.0.0

21 hours ago

0fc3656c

Merge branch 'main' into pyup-update-lxml-5.4.0-to-6.0.0

No dependencies with known security vulnerabilities.

main

21 hours ago

ee249dae

Merge pull request #292 from tawilkinson/pyup-update-numpy-2.2.5-to-2.3.1 Update numpy to 2.3.1

No dependencies with known security vulnerabilities.

main

21 hours ago

e72f4a5c

Merge pull request #291 from tawilkinson/pyup-update-cachetools-5.5.2-to-6.1.0 Update cachetools to

No dependencies with known security vulnerabilities.

main

21 hours ago

d4a6cd0d

Merge pull request #290 from tawilkinson/pyup-update-requests-2.32.3-to-2.32.4 Update requests to 2

No dependencies with known security vulnerabilities.

main

21 hours ago

e602ab39

Merge pull request #288 from tawilkinson/pyup-update-scikit-learn-1.6.1-to-1.7.0 Update scikit-lear

requests 2.32.3 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.3	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

Package

Installed

Affected

Info

requests

2.32.3

<2.32.4

show

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

pyup-update-python_dotenv-1.1.0-to-1.1.1

1 day, 15 hours ago

50d8fb8b

Update python_dotenv from 1.1.0 to 1.1.1

requests 2.32.3 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.3	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

Package

Installed

Affected

Info

requests

2.32.3

<2.32.4

show

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

pyup-update-lxml-5.4.0-to-6.0.0

1 day, 15 hours ago

82f58dc9

Update lxml from 5.4.0 to 6.0.0

requests 2.32.3 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.3	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

Package

Installed

Affected

Info

requests

2.32.3

<2.32.4

show

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

pyup-update-numpy-2.2.5-to-2.3.1

6 days ago

37cbd7b6

Update numpy from 2.2.5 to 2.3.1

requests 2.32.3 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.3	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

Package

Installed

Affected

Info

requests

2.32.3

<2.32.4

show

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

pyup-update-cachetools-5.5.2-to-6.1.0

1 week, 4 days ago

6336dc50

Update cachetools from 5.5.2 to 6.1.0

requests 2.32.3 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.3	<2.32.4	show Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

Package

Installed

Affected

Info

requests

2.32.3

<2.32.4

show

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

pyup-update-requests-2.32.3-to-2.32.4

2 weeks, 3 days ago

d6641e06

Update requests from 2.32.3 to 2.32.4

No dependencies with known security vulnerabilities.

pyup-update-numpy-2.2.5-to-2.3.0

2 weeks, 6 days ago

56b2901d

Update numpy from 2.2.5 to 2.3.0

No dependencies with known security vulnerabilities.

pyup-update-scikit-learn-1.6.1-to-1.7.0

3 weeks, 1 day ago

5fff9747

Update scikit-learn from 1.6.1 to 1.7.0

No dependencies with known security vulnerabilities.