sonar-python icon indicating copy to clipboard operation
sonar-python copied to clipboard

Published 20 hours ago verified publisher icon SonarSource

Update typeshed dependencies

Open joke1196 opened this issue 2 years ago • 2 comments

joke1196 avatar Aug 21 '23 11:08 joke1196

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

sonarqube-next[bot] avatar Aug 21 '23 11:08 sonarqube-next[bot]

Yes, the main goal was to satisfy the WhiteSource issue. I was told the issue came from Typeshed that's why I taught this would solve the problem. If we can ignore this check in WhiteSource then it would be preferable to do that, as we know our stubs are working correctly currently. For the update of the libraries, they are just regular updates (only cryptography is a major one).

joke1196 avatar Aug 21 '23 12:08 joke1196

We are only using these dependencies to generate stubs. White source alarm are FPs as there are not risk involved. We can keep the dependencies unchanged

joke1196 avatar Jun 28 '24 07:06 joke1196