mend-for-github-com[bot]
mend-for-github-com[bot]
## CVE-2024-37891 - Medium Severity Vulnerability Vulnerable Library - urllib3-1.26.18-py2.py3-none-any.whl HTTP library with thread-safe connection pooling, file post, and more. Library home page: https://files.pythonhosted.org/packages/b0/53/aa91e163dcfd1e5b82d8a890ecf13314e3e149c05270cc644581f77f17fd/urllib3-1.26.18-py2.py3-none-any.whl Dependency Hierarchy: - :x: **urllib3-1.26.18-py2.py3-none-any.whl** (Vulnerable...
## CVE-2024-3651 - High Severity Vulnerability Vulnerable Library - idna-3.4-py3-none-any.whl Internationalized Domain Names in Applications (IDNA) Library home page: https://files.pythonhosted.org/packages/fc/34/3030de6f1370931b9dbb4dad48f6ab1015ab1d32447850b9fc94e60097be/idna-3.4-py3-none-any.whl Dependency Hierarchy: - :x: **idna-3.4-py3-none-any.whl** (Vulnerable Library) Found in HEAD...
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@custom-elements-manifest/analyzer](https://togithub.com/open-wc/custom-elements-manifest) ([source](https://togithub.com/open-wc/custom-elements-manifest/tree/HEAD/packages/analyzer)) | [`^0.5.7` -> `^0.10.0`](https://renovatebot.com/diffs/npm/@custom-elements-manifest%2fanalyzer/0.5.7/0.10.3) | [](https://docs.renovatebot.com/merge-confidence/) |...
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [vue](https://togithub.com/vuejs/core/tree/main/packages/vue#readme) ([source](https://togithub.com/vuejs/core)) | [`2.7.8` -> `2.7.16`](https://renovatebot.com/diffs/npm/vue/2.7.8/2.7.16) | [](https://docs.renovatebot.com/merge-confidence/) |...
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. ## Repository problems Renovate tried to run on this repository, but found these problems....
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Jinja2](https://togithub.com/pallets/jinja) ([changelog](https://jinja.palletsprojects.com/changes/)) | patch | `==3.1.2` -> `==3.1.3` | | [jinja2](https://togithub.com/pallets/jinja) ([changelog](https://jinja.palletsprojects.com/changes/)) | patch |...
Vulnerable Library - zipp-3.15.0-py3-none-any.whl Backport of pathlib-compatible object wrapper for zip files Library home page: https://files.pythonhosted.org/packages/5b/fa/c9e82bbe1af6266adf08afb563905eb87cab83fde00a0a08963510621047/zipp-3.15.0-py3-none-any.whl Path to dependency file: /number-insight/async-callback/Pipfile Path to vulnerable library: /number-insight/async-callback/Pipfile,/sms/verify-signed-sms/requirements.txt,/jwt/decode-jwt/Pipfile,/requirements.txt ## Vulnerabilities | CVE...
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [idna](https://togithub.com/kjd/idna) ([changelog](https://togithub.com/kjd/idna/blob/master/HISTORY.rst)) | major | `==2.7` -> `==3.7` | By merging this PR, the issue...
Vulnerable Library - idna-2.7-py2.py3-none-any.whl Internationalized Domain Names in Applications (IDNA) Library home page: https://files.pythonhosted.org/packages/4b/2a/0276479a4b3caeb8a8c1af2f8e4355746a97fab05a372e4a2c6a6b876165/idna-2.7-py2.py3-none-any.whl Path to dependency file: /sms/verify-signed-sms/requirements.txt Path to vulnerable library: /sms/verify-signed-sms/requirements.txt,/requirements.txt ## Vulnerabilities | CVE | Severity...
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [urllib3](https://togithub.com/urllib3/urllib3) ([changelog](https://togithub.com/urllib3/urllib3/blob/main/CHANGES.rst)) | major | `==1.26.18` -> `==2.2.2` | By merging this PR, the issue...