Skip to content

Update pyproject.toml to avoid h11 dependency security issue #1008

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lovelydinosaur merged 3 commits into from
Apr 24, 2025
Merged

Update pyproject.toml to avoid h11 dependency security issue #1008

lovelydinosaur merged 3 commits into from
Apr 24, 2025

Conversation

@ljdelavega
Copy link
Contributor

@ljdelavega ljdelavega commented Apr 24, 2025

To address the Critical-level CVE:

GHSA-vqfr-h8mv-ghfj

Summary

Checklist

  • I understand that this PR may be closed in case there was no previous discussion. (This doesn't apply to typos!)

@ljdelavega ljdelavega mentioned this pull request Apr 24, 2025
Closed
lukehsiao
lukehsiao reviewed Apr 24, 2025
View reviewed changes
lukehsiao
lukehsiao approved these changes Apr 24, 2025
View reviewed changes
Copy link

@lukehsiao lukehsiao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My approval means nothing, but thanks for making this PR!

@alexpdp7 alexpdp7 mentioned this pull request Apr 24, 2025
Closed
lkasser1
lkasser1 reviewed Apr 24, 2025
View reviewed changes
techgaun
techgaun approved these changes Apr 24, 2025
View reviewed changes
Copy link

@techgaun techgaun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

came exactly for this, could we get this out asap? would appreciate it :)

kingbuzzman
kingbuzzman approved these changes Apr 24, 2025
View reviewed changes
Copy link

@kingbuzzman kingbuzzman left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Kinda blocked by this..

@joanise joanise mentioned this pull request Apr 24, 2025
Merged
@joanise
Copy link

joanise commented Apr 24, 2025

Waiting on this to resolve the issue for our project too. I recommend accepting @lkasser1 's suggestion before merging, but we don't depend on that.

@lovelydinosaur @lkasser1
Update pyproject.toml
9c8fa1d 
Co-authored-by: Lucas Kasser <lkasser8@gmail.com>
@lovelydinosaur
Copy link
Contributor

lovelydinosaur commented Apr 24, 2025

Thanks.

Aside; request contributors to not unnecessarily pile on in issues please. The initial prompt is sufficient.

@lovelydinosaur lovelydinosaur merged commit d1e17c5 into encode:master Apr 24, 2025
5 checks passed
@lovelydinosaur lovelydinosaur mentioned this pull request Apr 24, 2025
Merged
@mstechly mstechly mentioned this pull request Jun 11, 2025
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lovelydinosaur lovelydinosaur lovelydinosaur approved these changes

+4 more reviewers

@lkasser1 lkasser1 lkasser1 left review comments

@kingbuzzman kingbuzzman kingbuzzman approved these changes

@techgaun techgaun techgaun approved these changes

@lukehsiao lukehsiao lukehsiao approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@ljdelavega @joanise @lovelydinosaur @kingbuzzman @techgaun @lukehsiao @lkasser1