Skip to content

Commit e02b74d

Browse files
dependabot[bot]aieng-bot[bot]
dependabot[bot]
and
aieng-bot[bot]
authored
Bump pymdown-extensions from 10.21.2 to 10.21.3 (#183)
* Bump pymdown-extensions from 10.21.2 to 10.21.3 Bumps [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) from 10.21.2 to 10.21.3. - [Release notes](https://github.com/facelessuser/pymdown-extensions/releases) - [Commits](facelessuser/pymdown-extensions@10.21.2...10.21.3) --- updated-dependencies: - dependency-name: pymdown-extensions dependency-version: 10.21.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * chore: bump idna to >=3.15 to fix CVE-2026-45409 idna 3.11 is vulnerable to denial-of-service via specially crafted inputs to idna.encode(). Version 3.15 extends the fix to cover all affected code paths. Co-authored-by: aieng-bot <aieng-bot@vectorinstitute.ai> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: aieng-bot[bot] <aieng-bot@vectorinstitute.ai>
1 parent e5a7962 commit e02b74d

2 files changed

Lines changed: 7 additions & 3 deletions

File tree

pyproject.toml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,8 @@ dependencies = [
3535
"meds-transforms>=0.6.1",
3636
# urllib3>=2.7.0 fixes CVE-2026-44431 and CVE-2026-44432
3737
"urllib3>=2.7.0",
38+
# idna>=3.15 fixes CVE-2026-45409
39+
"idna>=3.15",
3840
]
3941

4042
[project.optional-dependencies]

uv.lock

Lines changed: 5 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)