New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Python package update to fix the dependabot alerts #8117
Conversation
smuzaffar
commented
Oct 3, 2022
•
edited
edited
- OAuthLib vulnerable to DoS: https://github.com/cms-sw/cmsdist/security/dependabot/139
- joblib vulnerable to arbitrary code execution: https://github.com/cms-sw/cmsdist/security/dependabot/199
- protobuf-cpp and protobuf-python have potential Denial of Service issue : https://github.com/cms-sw/cmsdist/security/dependabot/198
please test |
A new Pull Request was created by @smuzaffar (Malik Shahzad Muzaffar) for branch IB/CMSSW_12_6_X/master. @smuzaffar, @aandvalenzuela, @iarspider can you please review it and eventually sign? Thanks. |
-1 Failed Tests: RelVals RelVals
|
please test |
+1 Summary: https://cmssdt.cern.ch/SDT/jenkins-artifacts/pull-request-integration/PR-de40c1/27966/summary.html Comparison Summary@slava77 comparisons for the following workflows were not done due to missing matrix map:
Summary:
|
This pull request is fully signed and it will be integrated in one of the next IB/CMSSW_12_6_X/master IBs (tests are also fine). This pull request will now be reviewed by the release team before it's merged. @perrotta, @dpiparo, @rappoccio (and backports should be raised in the release meeting by the corresponding L2) |
+externals |
This pull request is fully signed and it will be integrated in one of the next IB/CMSSW_12_6_X/master IBs (tests are also fine). This pull request will now be reviewed by the release team before it's merged. @perrotta, @dpiparo, @rappoccio (and backports should be raised in the release meeting by the corresponding L2) |