Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency pydantic to v1.10.13 [security] #1303

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency pydantic to v1.10.13 [security] #1303

wants to merge 1 commit into from

Conversation

plural-renovate[bot]
Copy link
Contributor

@plural-renovate plural-renovate bot commented Apr 26, 2024
edited

This PR contains the following updates:

Package Update Change
pydantic (changelog) patch ==1.10.11 -> ==1.10.13

GitHub Vulnerability Alerts

CVE-2024-3772

Regular expression denial of service in Pydantic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.

Release Notes

pydantic/pydantic (pydantic)

v1.10.13

Compare Source

v1.10.12

Compare Source

  • Fixes the maxlen property being dropped on deque validation. Happened only if the deque item has been typed. Changes the _validate_sequence_like func, #​6581 by @​maciekglowka

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@plural-renovate plural-renovate bot added the dependencies Pull requests that update a dependency file label Apr 26, 2024
@stoat-app Stoat App
Copy link

stoat-app bot commented Apr 26, 2024
edited

Easy and customizable dashboards for your build system. Learn more about Stoat ↗︎

Static Hosting

Name Link Commit Status
api-coverage Visit d2f87c8
rtc-coverage Visit d2f87c8
core-coverage Visit d2f87c8
cron-coverage Visit d2f87c8
email-coverage Visit d2f87c8
worker-coverage Visit d2f87c8
api-test-results Visit d2f87c8
graphql-coverage Visit d2f87c8
rtc-test-results Visit d2f87c8
core-test-results Visit d2f87c8
cron-test-results Visit d2f87c8
email-test-results Visit d2f87c8
worker-test-results Visit d2f87c8
graphql-test-results Visit d2f87c8

Job Runtime

job runtime chart

debug

@plural-renovate plural-renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch 2 times, most recently from 5f50848 to 352b933 Compare May 7, 2024 21:42
@plural-renovate plural-renovate bot force-pushed the renovate/pypi-pydantic-vulnerability branch from 352b933 to d2f87c8 Compare May 10, 2024 23:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants