Skip to content

Commit

Permalink
Update setup.py
Browse files Browse the repository at this point in the history 
Bump ipywidgets >=8.0 to resolve CVEs:

```
-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50664
   Affected spec: <8.0.0
   ADVISORY: Ipywidgets 8.0.0 sanitizes descriptions by default.jupyter-widgets/ipywidgets#2785
   PVE-2022-50664
   For more information about this vulnerability, visit https://data.safetycli.com/v/50664/97c
   To ignore this vulnerability, use PyUp vulnerability id 50664 in safety’s ignore command-line argument or add the ignore to your safety policy file.

-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50463
   Affected spec: <8.0.0rc2
   ADVISORY: Ipywidgets 8.0.0rc2 makes descriptions plaintext by default for security.jupyter-widgets/ipywidgets#2785
   PVE-2022-50463
   For more information about this vulnerability, visit https://data.safetycli.com/v/50463/97c
   To ignore this vulnerability, use PyUp vulnerability id 50463 in safety’s ignore command-line argument or add the ignore to your safety policy file.
```

Signed-off-by: Darren Weber <[email protected]>
  • Loading branch information
@dazza-codes
dazza-codes committed Mar 26, 2024
1 parent 4932e76 commit ba498db
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion bindings/kepler.gl-jupyter/setup.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@
'long_description': LONG_DESCRIPTION,
'include_package_data': True,
'install_requires': [
'ipywidgets>=7.0.0,<8',
'ipywidgets>=8.0.0',
'traittypes>=0.2.1',
'geopandas>=0.5.0',
'pandas>=0.23.0',
Expand Down

0 comments on commit ba498db

Please sign in to comment.