-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix dependency vulnerabilities in source packages #47
base: develop
Are you sure you want to change the base?
Conversation
Bumps the pip group with 1 update in the / directory: [black](https://github.com/psf/black). Updates `black` from 23.3.0 to 24.3.0 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@23.3.0...24.3.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:development dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the pip group with 1 update in the / directory: [pyarrow](https://github.com/apache/arrow). Updates `pyarrow` from 12.0.0 to 14.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@go/v12.0.0...go/v14.0.1) --- updated-dependencies: - dependency-name: pyarrow dependency-type: direct:development dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the pip group with 1 update in the / directory: [idna](https://github.com/kjd/idna). Updates `idna` from 3.4 to 3.7 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](kjd/idna@v3.4...v3.7) --- updated-dependencies: - dependency-name: idna dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the pip group with 1 update in the / directory: [certifi](https://github.com/certifi/python-certifi). Updates `certifi` from 2023.5.7 to 2024.7.4 - [Commits](certifi/python-certifi@2023.05.07...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the pip group with 1 update in the / directory: [requests](https://github.com/psf/requests). Updates `requests` from 2.30.0 to 2.32.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.30.0...v2.32.2) --- updated-dependencies: - dependency-name: requests dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bump requests from 2.30.0 to 2.32.2 in the pip group across 1 directory
Bump idna from 3.4 to 3.7 in the pip group across 1 directory
Bump certifi from 2023.5.7 to 2024.7.4 in the pip group across 1 directory
Bump black from 23.3.0 to 24.3.0 in the pip group across 1 directory
Bumps the pip group with 1 update in the / directory: [idna](https://github.com/kjd/idna). Updates `idna` from 3.7 to 3.10 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](kjd/idna@v3.7...v3.10) --- updated-dependencies: - dependency-name: idna dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the pip group with 1 update in the / directory: [urllib3](https://github.com/urllib3/urllib3). Updates `urllib3` from 2.0.2 to 2.2.2 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.0.2...2.2.2) --- updated-dependencies: - dependency-name: urllib3 dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>
Bump pyarrow from 12.0.0 to 14.0.1 in the pip group across 1 directory
Bump idna from 3.7 to 3.10 in the pip group across 1 directory
Bump urllib3 from 2.0.2 to 2.2.2 in the pip group across 1 directory
Generate changelog in
|
You can find patched security vulnerabilities in this fork repo - https://github.com/arpitjain099/palantir-python-sdk/pulls?q=is%3Apr+label%3Adependencies+is%3Aclosed It is important to merge this as this SDK gets used by other developers as well. Type
Description Fix dependency vulnerabilities in source packages
|
You can find patched security vulnerabilities in this fork repo - https://github.com/arpitjain099/palantir-python-sdk/pulls?q=is%3Apr+label%3Adependencies+is%3Aclosed
It is important to merge this as this SDK gets used by other developers as well.
Type
Description Fix dependency vulnerabilities in source packages