From 1982510a313ffee266f3b6e4905d24b8fc4f64cd Mon Sep 17 00:00:00 2001 From: Andreas Maier Date: Sat, 30 Nov 2024 07:59:14 +0100 Subject: [PATCH] Safety issues up to 2024-11-30 Signed-off-by: Andreas Maier --- .safety-policy.yml | 2 ++ docs/changes.rst | 2 ++ minimum-constraints.txt | 2 +- test-requirements.txt | 2 +- 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.safety-policy.yml b/.safety-policy.yml index 7c7dc84..7e185bc 100644 --- a/.safety-policy.yml +++ b/.safety-policy.yml @@ -64,6 +64,8 @@ security: reason: Fixed zipp version 3.19.1 requires Python>=3.8 and is used there 72236: reason: Fixed setuptools version 70.0.0 requires Python>=3.8 and is used there + 73456: + reason: Fixed virtualenv version 20.26.6 requires Python>=3.8 and is used there # Continue with exit code 0 when vulnerabilities are found. continue-on-vulnerability-error: False diff --git a/docs/changes.rst b/docs/changes.rst index 6392e20..3b4bb9b 100644 --- a/docs/changes.rst +++ b/docs/changes.rst @@ -16,6 +16,8 @@ Released: not yet **Bug fixes:** +* Addressed safety issues up to 2024-11-30. + * Test: Fixed the issue that coveralls was not found in the test workflow on MacOS with Python 3.9-3.11, by running it without login shell. Added Python 3.11 on MacOS to the normal tests. diff --git a/minimum-constraints.txt b/minimum-constraints.txt index d4ecbdf..682bbf8 100644 --- a/minimum-constraints.txt +++ b/minimum-constraints.txt @@ -45,7 +45,7 @@ pytest==7.0.0 # virtualenv virtualenv==20.2.1; python_version <= '3.7' -virtualenv==20.23.0; python_version >= '3.8' +virtualenv==20.26.6; python_version >= '3.8' # Indirect dependencies for test (must be consistent with test-requirements.txt, if present) diff --git a/test-requirements.txt b/test-requirements.txt index 620f7f3..19e4df1 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -22,7 +22,7 @@ pytest>=7.0.0 # virtualenv 20.2.1 started removing the prior pinning of importlib-metadata to <3 # tox 3.21.0 requires virtualenv!=20.0.[0-7],>=16.0.0 and requires Python >=3.5 virtualenv>=20.2.1,<20.16.3; python_version <= '3.7' -virtualenv>=20.23.0; python_version >= '3.8' +virtualenv>=20.26.6; python_version >= '3.8' # Indirect dependencies with special constraints: