kompetenzinventar/ki-backend
5
6
Fork 7
Code Issues Pull Requests 13 Packages Projects Releases 1 Activity

Update dependency flask-cors to v5 #114

Merged
Brain merged 1 commits from renovate/flask-cors-5.x into main 2024-09-05 11:26:35 +02:00
Conversation 0 Commits 1 Files Changed 2 +11 -19
renovate-bot commented 2024-09-04 23:36:06 +02:00
Member
Copy Link

This PR contains the following updates:

Package Type Update Change
flask-cors packages major ==3.0.10 -> ==5.0.0

Release Notes

corydolphin/flask-cors (flask-cors)

v5.0.0

Compare Source

What's Changed

Full Changelog: https://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0

v4.0.2

Compare Source

What's Changed

New Contributors

Full Changelog: https://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2

v4.0.1

Compare Source

Security

v4.0.0

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [flask-cors](https://github.com/corydolphin/flask-cors) | packages | major | `==3.0.10` -> `==5.0.0` | --- ### Release Notes <details> <summary>corydolphin/flask-cors (flask-cors)</summary> ### [`v5.0.0`](https://github.com/corydolphin/flask-cors/releases/tag/5.0.0) [Compare Source](https://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0) #### What's Changed - Breaking: Change default to disable private network access by [@&#8203;corydolphin](https://github.com/corydolphin) in https://github.com/corydolphin/flask-cors/pull/368 This effectively resolves https://github.com/advisories/GHSA-hxwh-jpp2-84pm https://osv.dev/vulnerability/PYSEC-2024-71 **Full Changelog**: https://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0 ### [`v4.0.2`](https://github.com/corydolphin/flask-cors/releases/tag/4.0.2) [Compare Source](https://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2) #### What's Changed - Bump requests from 2.31.0 to 2.32.0 in /docs by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/corydolphin/flask-cors/pull/358 - Backwards Compatible Fix for CVE-2024-6221 by [@&#8203;adrianosela](https://github.com/adrianosela) in https://github.com/corydolphin/flask-cors/pull/363 - Add unit tests for Private-Network by [@&#8203;corydolphin](https://github.com/corydolphin) in https://github.com/corydolphin/flask-cors/pull/367 #### New Contributors - [@&#8203;dependabot](https://github.com/dependabot) made their first contribution in https://github.com/corydolphin/flask-cors/pull/358 - [@&#8203;adrianosela](https://github.com/adrianosela) made their first contribution in https://github.com/corydolphin/flask-cors/pull/363 **Full Changelog**: https://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2 ### [`v4.0.1`](https://github.com/corydolphin/flask-cors/blob/HEAD/CHANGELOG.md#401) [Compare Source](https://github.com/corydolphin/flask-cors/compare/4.0.0...4.0.1) ##### Security - Address [CVE-2024-1681](https://github.com/advisories/GHSA-84pr-m4jr-85g5) which is a log injection vulnerability when the log level is set to debug by [@&#8203;aneshujevic](https://github.com/aneshujevic) in https://github.com/corydolphin/flask-cors/pull/351 ### [`v4.0.0`](https://github.com/corydolphin/flask-cors/blob/HEAD/CHANGELOG.md#400) [Compare Source](https://github.com/corydolphin/flask-cors/compare/3.0.10...4.0.0) - Remove support for Python versions older than 3.8 by [@&#8203;WAKayser](https://github.com/WAKayser) in https://github.com/corydolphin/flask-cors/pull/330 - Add GHA tooling by [@&#8203;corydolphin](https://github.com/corydolphin) in https://github.com/corydolphin/flask-cors/pull/331 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuNyIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
renovate-bot added 1 commit 2024-09-04 23:36:07 +02:00
Update dependency flask-cors to v5
All checks were successful
continuous-integration/drone/pr Build is passing
Details
6b7517fc7a
Brain merged commit 3d128d771c into main 2024-09-05 11:26:35 +02:00
Brain added the
security
 label 2024-09-05 11:26:42 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something is not working

  
doing

   
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
ready

Bereit für Release

  
review

   
security

   
wontfix

This won't be fixed

No Label
bug
doing
duplicate
enhancement
help wanted
invalid
question
ready
review
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: kompetenzinventar/ki-backend#114
No description provided.
Delete Branch "renovate/flask-cors-5.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?