ComposeAE

ComposeAE copied to clipboard

Bumps [pillow](https://github.com/python-pillow/Pillow) from 5.2.0 to 8.3.2. Release notes Sourced from pillow's releases. 8.3.2 https://pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html Security CVE-2021-23437 Raise ValueError if color specifier is too long [hugovk, radarhere] Fix 6-byte OOB read...

dependabot[bot]

Bumps [nltk](https://github.com/nltk/nltk) from 3.3 to 3.6.3. Changelog Sourced from nltk's changelog. Version 3.6.4 2021-10-01 deprecate nltk.usage(obj) in favor of help(obj) resolve ReDoS vulnerability in Corpus Reader solidify performance tests improve...

dependabot[bot]

Bumps [jupyterlab](https://github.com/jupyterlab/jupyterlab) from 0.32.1 to 1.2.21. Changelog Sourced from jupyterlab's changelog. github_url: 'https://github.com/jupyterlab/jupyterlab/blob/master/CHANGELOG.md' JupyterLab Changelog 4.0 4.0.0a4 (Full Changelog) Enhancements made Don't sort context menu items by selector #10666 (@​fcollonval)...

dependabot[bot]

Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.23 to 1.26.5. Release notes Sourced from urllib3's releases. 1.26.5 :warning: IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap Fixed...

dependabot[bot]

Bumps [flask-cors](https://github.com/corydolphin/flask-cors) from 3.0.4 to 3.0.9. Release notes Sourced from flask-cors's releases. Release 3.0.9 Security Escape path before evaluating resource rules (thanks @​praetorian-colby-morgan). Prior to this, flask-cors incorrectly evaluated CORS...

dependabot[bot]

Bumps [py](https://github.com/pytest-dev/py) from 1.5.3 to 1.10.0. Changelog Sourced from py's changelog. 1.10.0 (2020-12-12) Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651) Update vendored apipkg: 1.4...

dependabot[bot]

Bumps [lxml](https://github.com/lxml/lxml) from 4.2.1 to 4.6.3. Changelog Sourced from lxml's changelog. 4.6.3 (2021-03-21) Bugs fixed A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, which allowed JavaScript...

dependabot[bot]

Bumps [pygments](https://github.com/pygments/pygments) from 2.2.0 to 2.7.4. Release notes Sourced from pygments's releases. 2.7.4 Updated lexers: Apache configurations: Improve handling of malformed tags (#1656) CSS: Add support for variables (#1633, #1666)...

dependabot[bot]

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 3.12 to 5.4. Changelog Sourced from pyyaml's changelog. 5.4 (2021-01-19) yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA yaml/pyyaml#472 -- Fix for...

dependabot[bot]

Bumps [jinja2](https://github.com/pallets/jinja) from 2.10 to 2.11.3. Release notes Sourced from jinja2's releases. 2.11.3 This contains a fix for a speed issue with the urlize filter. urlize is likely to be...

dependabot[bot]