Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade urllib3 to 1.25.2 #80

Merged
merged 1 commit into from
May 7, 2019
Merged

Upgrade urllib3 to 1.25.2 #80

merged 1 commit into from
May 7, 2019

Conversation

jaebradley
Copy link
Owner

urllib3 < 1.24.2 has a security vulnerability.

This change upgrades to the latest version of urllib3.

@codecov
Copy link

codecov bot commented May 7, 2019
edited
Loading

Codecov Report

Merging #80 into v4 will increase coverage by 0.65%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##              v4      #80      +/-   ##
=========================================
+ Coverage   92.5%   93.15%   +0.65%     
=========================================
  Files         12       12              
  Lines        307      307              
  Branches      38       38              
=========================================
+ Hits         284      286       +2     
+ Misses        19       18       -1     
+ Partials       4        3       -1
Impacted Files Coverage Δ
setup.py 0% <ø> (ø) ⬆️
...sketball_reference_web_scraper/parsers/schedule.py 100% <0%> (+5.88%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d14c6be...9f0e38e. Read the comment docs.

@jaebradley jaebradley merged commit 12a8f54 into v4 May 7, 2019
@jaebradley jaebradley deleted the update-urllib3-dependency branch May 7, 2019 05:54
@jaebradley jaebradley mentioned this pull request Jun 5, 2019
Merged
jaebradley added a commit that referenced this pull request Jun 5, 2019
@jaebradley
Downgrade urllib3 to 1.24.3 to fulfill requests@2.20.0 requirements (#83
7545416 
)

Related to #81 and #82.

I had bumped `urllib3` to the latest version at the time (`1.25.2`) in #80 to resolve a security vulnerability in `urllib3 < 1.24.2`.

However, this meant that the required `requests` version, `2.20.0` had the wrong `urllib3` version.

`urllib3@1.24.3` both avoids the security vulnerability and fulfills `requests`' `urllib3` version requirements.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jaebradley