New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump pywin32 version in setup.py, update in requirements.txt #2943
Conversation
Signed-off-by: John Doe <john@doe.null>
setup.py
Outdated
@@ -16,7 +16,7 @@ | |||
|
|||
extras_require = { | |||
# win32 APIs if on Windows (required for npipe support) | |||
':sys_platform == "win32"': 'pywin32==227', | |||
':sys_platform == "win32"': 'pywin32>=227', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
':sys_platform == "win32"': 'pywin32>=227', | |
':sys_platform == "win32"': 'pywin32>=301', |
maybe? to avoid GHSA-hwfp-hg2m-9vr2
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. I just updated that.
Signed-off-by: John Doe <john@doe.null>
Could this please be merged? 🙏🏻 |
Awesome! Impatiently waiting for the merge 😄 |
Related PRs (potential duplicates/overlaps): |
@StefanScherer would it be possible for you to review this or a related MR? This dependency issue is a potential security vulnerability for some, and a false positive for others. We could really use a Docker 5.0.2 release with these changes. |
@ulyssessouza @aiordache @StefanScherer could you please review this PR? 🙏 This dependency issue is causing a lot of trouble for Windows users. It's a potential security vulnerability, but also prevents installing |
@ulyssessouza @aiordache @StefanScherer any news here? |
Unfortunately, it sounds like Docker won't be addressing this and we may be forced to fork. |
I understand docker has different priorities, but this is completely blocking the use of docker-py on Windows with Python 3.10, which FWIW, LocalStack is relying on. |
Hi! Thanks so much for your PR and apologies for the delay in review. A fix for this has been merged and we're planning to issue a new release containing it soon. For context, changes similar to yours were done in #3004 to address some CI changes in the repo, which blocked merging of your PR as-is, and given the delay on this, we wanted to be respectful of our contributor's time and not require you to rebase + re-review. |
Thank you! |
thank you @milas!! 🙏 |
Fixes: #2902