Skip to content

Commit

Permalink
deps: update black 23.12.1 -> 24.8.0
Browse files Browse the repository at this point in the history 
Before this change, "make safety" would complain of the following vulnerability:

-> Vulnerability found in black version 23.12.1
   Vulnerability ID: 66742
   Affected spec: <24.3.0
   ADVISORY: Affected versions of Black are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by
   crafting a malicious input that causes a denial of service.
   CVE-2024-21503
   For more information about this vulnerability, visit https://data.safetycli.com/v/66742/97c
   To ignore this vulnerability, use PyUp vulnerability id 66742 in safety’s ignore command-line argument or add the ignore to your safety policy file.
  • Loading branch information
muxator committed Sep 6, 2024
1 parent 6ddcfae commit aa4b741
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 25 deletions.
48 changes: 24 additions & 24 deletions poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ gymnasium = "^0.27.1"

[tool.poetry.dev-dependencies]
bandit = "^1.7.5"
black = "^23.9.1"
black = "^24.8.0"
codecov = "^2.1.13"
darglint = "^1.8.1"
hypothesis = "^6.86.2"
Expand Down

0 comments on commit aa4b741

Please sign in to comment.