We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There are multiple osv vulnerability issues with the Pillow 9.x package dependency. An update to 10.x (https://github.com/whylabs/whylogs/blob/mainline/python/pyproject.toml#L68) is currently not possible.
Some vulnerabilities:
poetry install
osv-scanner --lockfile poetry.lock
Could we update Pillow to its latest version?
The text was updated successfully, but these errors were encountered:
This issue is stale. Remove stale label or it will be closed next week.
Sorry, something went wrong.
changes merged to allow newer versions of PIL and updates lock file. Slated for next whylogs release, 1.4.1
released in version 1.4.1
jamie256
No branches or pull requests
Description
There are multiple osv vulnerability issues with the Pillow 9.x package dependency. An update to 10.x (https://github.com/whylabs/whylogs/blob/mainline/python/pyproject.toml#L68) is currently not possible.
Some vulnerabilities:
Steps to reproduce:
poetry install
osv-scanner --lockfile poetry.lock
(https://github.com/google/osv-scanner)Suggestions
Could we update Pillow to its latest version?
The text was updated successfully, but these errors were encountered: