Safety vulnerability ID: 41832
The information on this page was manually curated by our Cybersecurity Intelligence Team.
In-toto version 1.0.1 updates its dependency "cryptography" to include a security fix.
Latest version: 3.0.0
A framework to define and secure the integrity of software supply chains
Added
* Added tests that use source and destination prefixes in match rules, courtesy of
Brandon Michael Hunter (456)
Changed
* Updated documentation of command alignment during verification workflow (455)
* Started using GitHub-native dependabot (450)
* Bump dependencies: attrs (451), six (452), securesystemslib (453),
cffi (457), python-dateutil (458), iso8601 (459), pathspec (460)
* Fixed linter warnings (462)
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application