Commit ba00de4
chore(deps): update vulnerable dependencies
- cryptography 46.0.3 → 46.0.5 (high: subgroup attack on SECT curves)
- urllib3 2.6.2 → 2.6.3 (high: decompression-bomb bypass on redirects)
- langsmith 0.4.43 → 0.7.3 (medium: SSRF via tracing header injection)
- langchain-core 1.2.6 → 1.2.12 (low: SSRF via image_url token counting)
- orjson 3.11.4 → 3.11.7 (medium: no fix yet, updated to latest)1 parent 7c54aaf commit ba00de4
1 file changed
Lines changed: 141 additions & 157 deletions
0 commit comments