[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0 #47

TheRealVizard · 2024-04-17T00:51:35Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- docs/requirements.txt

⚠️

Warning

Django 3.2.25 requires sqlparse, which is not installed.

Vulnerabilities that will be fixed

By pinning:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled Recursion SNYK-PYTHON-SQLPARSE-6615674	`sqlparse:` `0.4.4 -> 0.5.0`	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674

codecov · 2024-04-17T00:52:39Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.36%. Comparing base (35cdd8d) to head (29410da).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #47   +/-   ##
=======================================
  Coverage   94.36%   94.36%           
=======================================
  Files           8        8           
  Lines         284      284           
=======================================
  Hits          268      268           
  Misses         16       16

Flag	Coverage Δ
unittests	`94.36% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

github-actions · 2024-05-03T00:32:54Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

codecov-commenter · 2024-05-03T00:33:43Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.36%. Comparing base (35cdd8d) to head (29410da).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #47   +/-   ##
=======================================
  Coverage   94.36%   94.36%           
=======================================
  Files           8        8           
  Lines         284      284           
=======================================
  Hits          268      268           
  Misses         16       16

Flag	Coverage Δ
unittests	`94.36% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

github-actions · 2024-05-19T00:34:18Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-06-05T00:31:56Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-06-21T00:32:04Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-07-07T00:36:56Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-07-24T00:34:52Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-08-09T00:35:09Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-08-25T00:38:37Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-09-10T00:37:22Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2024-12-18T00:41:48Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-01-04T00:39:03Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-01-21T00:38:44Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-02-06T00:39:59Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-02-23T00:43:45Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-03-12T00:41:37Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-03-28T00:42:42Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-04-13T02:10:36Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-04-30T00:45:24Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

github-actions · 2025-05-17T00:45:01Z

This pull request is stale because it has been open 15 days with no activity. Remove stale label or comment or this will be closed in 15 days.

fix: docs/requirements.txt to reduce vulnerabilities

29410da

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674

github-actions bot added the no-pr-activity label May 3, 2024

github-actions bot removed the no-pr-activity label May 4, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels May 19, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Jun 5, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Jun 21, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Jul 7, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Jul 24, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Aug 9, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Aug 25, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Sep 10, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Dec 18, 2024

github-actions bot added no-pr-activity and removed no-pr-activity labels Jan 4, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Jan 21, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Feb 6, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Feb 23, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Mar 12, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Mar 28, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Apr 13, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels Apr 30, 2025

github-actions bot added no-pr-activity and removed no-pr-activity labels May 17, 2025

[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0 #47

Are you sure you want to change the base?

[Snyk] Security upgrade sqlparse from 0.4.4 to 0.5.0 #47

Uh oh!

Conversation

TheRealVizard commented Apr 17, 2024

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

By pinning:

Uh oh!

codecov bot commented Apr 17, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions bot commented May 3, 2024

Uh oh!

codecov-commenter commented May 3, 2024 • edited by codecov bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions bot commented May 19, 2024

Uh oh!

github-actions bot commented Jun 5, 2024

Uh oh!

github-actions bot commented Jun 21, 2024

Uh oh!

github-actions bot commented Jul 7, 2024

Uh oh!

github-actions bot commented Jul 24, 2024

Uh oh!

github-actions bot commented Aug 9, 2024

Uh oh!

github-actions bot commented Aug 25, 2024

Uh oh!

github-actions bot commented Sep 10, 2024

Uh oh!

github-actions bot commented Dec 18, 2024

Uh oh!

github-actions bot commented Jan 4, 2025

Uh oh!

github-actions bot commented Jan 21, 2025

Uh oh!

github-actions bot commented Feb 6, 2025

Uh oh!

github-actions bot commented Feb 23, 2025

Uh oh!

github-actions bot commented Mar 12, 2025

Uh oh!

github-actions bot commented Mar 28, 2025

Uh oh!

github-actions bot commented Apr 13, 2025

Uh oh!

github-actions bot commented Apr 30, 2025

Uh oh!

github-actions bot commented May 17, 2025

Uh oh!

Uh oh!

codecov bot commented Apr 17, 2024 •

edited

Loading

codecov-commenter commented May 3, 2024 •

edited by codecov bot

Loading