Safety vulnerability ID: 61646
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Nba-api 1.1.14 updates its dependency 'numpy' to v1.22.2 to include a security fix.
Latest version: 1.4.1
An API Client package to access the APIs for NBA.com
Fixed
- Fixed a team turnover regular expression when working with PlayByPlay data.
- Endpoints
- Fixed [PlayerGameLogs](https://github.com/FarhanSajid1/nba_api/blob/master/src/nba_api/stats/endpoints/playergamelogs.py) parameter OppTeamID --> OpponentTeamID ([#311](https://github.com/swar/nba_api/pull/311) - [FarhanSajid1](https://github.com/FarhanSajid1)
Added
- [Poetry](https://python-poetry.org/): Python dependency management and packaging made easy
- [Snyk](https://snyk.io/) for Security Scanning
- Exclusion to `.gitignore` for `.dccache` files created by Snyk CLI
- Introduced .flake8, resolve a number of style guide issues, added exclusions with future TODOs
Changed
- Minimum Version for NumPy has been set to v1.22.22 due to a security vulnerability in [NumPy v1.21.6](https://security.snyk.io/package/pip/numpy/1.21.6)
Removed
- Support for Python 3.7 due to a security vulnerability in [NumPy v1.21.6](https://security.snyk.io/package/pip/numpy/1.21.6)
Security
- Upgraded NumPy from v1.21.6 to v1.22.2 due to three vulnerabilies:
- [NULL Pointer Dereference](https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964)
- [Buffer Overflow](https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966)
- [Denial of Service (DOS)](https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970)
- Integrated [DeepSource](https://deepsource.io/) for code security scanning
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application