Safety CI > tawilkinson/boardgamebot

pyup-update-requests-2.32.5-to-2.33.1

1 week, 1 day ago

19e42d5e

Update requests from 2.32.5 to 2.33.1

No dependencies with known security vulnerabilities.

pyup-update-numpy-2.4.2-to-2.4.4

1 week, 3 days ago

df25a413

Update numpy from 2.4.2 to 2.4.4

requests 2.32.5 has known security vulnerabilities.

Package	Installed	Affected	Info
requests	2.32.5	<2.33.0	show Affected versions of the requests package are vulnerable to Insecure Temporary File reuse due to predictable temporary filename generation in extract_zipped_paths(). The requests.utils.extract_zipped_paths() utility extracts files from zip archives into the system temporary directory using a deterministic path, and if that file already exists, the function reuses it without validating that it is the expected extracted content.

Package

Installed

Affected

Info

requests

2.32.5

<2.33.0

show

Affected versions of the requests package are vulnerable to Insecure Temporary File reuse due to predictable temporary filename generation in extract_zipped_paths(). The requests.utils.extract_zipped_paths() utility extracts files from zip archives into the system temporary directory using a deterministic path, and if that file already exists, the function reuses it without validating that it is the expected extracted content.

pyup-update-requests-2.32.5-to-2.33.0

1 week, 6 days ago

745d8c90

Update requests from 2.32.5 to 2.33.0

No dependencies with known security vulnerabilities.

pyup-update-cachetools-7.0.1-to-7.0.5

1 month ago

1733c59d

Update cachetools from 7.0.1 to 7.0.5

No dependencies with known security vulnerabilities.

pyup-update-numpy-2.4.2-to-2.4.3

1 month ago

11bc2148

Update numpy from 2.4.2 to 2.4.3

No dependencies with known security vulnerabilities.

pyup-update-cachetools-7.0.1-to-7.0.4

1 month ago

00b2a933

Update cachetools from 7.0.1 to 7.0.4

No dependencies with known security vulnerabilities.

pyup-update-cachetools-7.0.1-to-7.0.3

1 month ago

01c94b72

Update cachetools from 7.0.1 to 7.0.3

No dependencies with known security vulnerabilities.

pyup-update-discord.py-2.7.0-to-2.7.1

1 month ago

4bbe5ce7

Update discord.py from 2.7.0 to 2.7.1

No dependencies with known security vulnerabilities.

pyup-update-python_dotenv-1.2.1-to-1.2.2

1 month, 1 week ago

906fe771

Update python_dotenv from 1.2.1 to 1.2.2

No dependencies with known security vulnerabilities.

pyup-update-cachetools-7.0.1-to-7.0.2

1 month, 1 week ago

5d1699dd

Update cachetools from 7.0.1 to 7.0.2

No dependencies with known security vulnerabilities.

main

1 month, 1 week ago

63e84ba5

Merge pull request #326 from tawilkinson/pyup-update-discord.py-2.6.3-to-2.7.0 Update discord.py to

No dependencies with known security vulnerabilities.

pyup-update-discord.py-2.6.3-to-2.7.0

1 month, 1 week ago

29a763c3

Merge branch 'main' into pyup-update-discord.py-2.6.3-to-2.7.0

No dependencies with known security vulnerabilities.

main

1 month, 1 week ago

786572ab

Merge pull request #325 from tawilkinson/pyup-update-cachetools-6.2.4-to-7.0.1 Update cachetools to

No dependencies with known security vulnerabilities.

main

1 month, 1 week ago

71ee9472

Merge pull request #323 from tawilkinson/pyup-update-numpy-2.3.5-to-2.4.2 Update numpy to 2.4.2

No dependencies with known security vulnerabilities.

main

1 month, 1 week ago

ac79cb1c

Merge pull request #319 from tawilkinson/pyup-update-scikit_image-0.25.1-to-0.26.0 Update scikit_im

No dependencies with known security vulnerabilities.