Skip to content

Commit cc73f7c

Browse files
ayushdggreptile-apps[bot]
ayushdg
and
greptile-apps[bot]
authored
More CVE fixes (#1843)
* Bump pyopenssl due to cve Signed-off-by: Ayush Dattagupta <ayushdg95@gmail.com> * remove diskcache since it's unused Signed-off-by: Ayush Dattagupta <ayushdg95@gmail.com> * Update pyproject.toml Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Signed-off-by: Ayush Dattagupta <ayushdg95@gmail.com> * Re-add diskcache since it's a required import in vllm 0.15.1 Signed-off-by: Ayush Dattagupta <ayushdg95@gmail.com> --------- Signed-off-by: Ayush Dattagupta <ayushdg95@gmail.com> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
1 parent 7b90edc commit cc73f7c

2 files changed

Lines changed: 9 additions & 6 deletions

File tree

pyproject.toml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -271,6 +271,7 @@ constraint-dependencies = [
271271
"pillow>=12.1.1", # Address CVE GHSA-cfh3-3jmp-rvhc
272272
"protobuf>=5.29.6,<7.0", # Address CVE GHSA-8qvm-5x2c-j2w7; <7.0 due to ray serve FieldDescriptor API breakage
273273
"pyasn1>=0.6.2", # Address CVE GHSA-63vm-454h-vhhq
274+
"pyopenssl>=26.0.0", # Address CVE GHSA-5pwr-322w-8jr4
274275
"python-multipart>=0.0.22", # Address CVE GHSA-wp53-j4wj-2cfg
275276
"starlette>=0.49.1", # Address CVE GHSA-7f5h-v6xp-fcq8
276277
"urllib3>=2.6.3", # Address CVE GHSA-38jv-5279-wg99

uv.lock

Lines changed: 8 additions & 6 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)