
Commit 8ca245f

RoiGlinik and claude authored
ROB-429 CVEminator 🤖 2026-06-23 (#533)

### Next Steps

After merge, build and release a new image:

```
# us-central1-docker.pkg.dev/genuine-flight-317411/devel/krr — list tags by date, bump latest.
# docker build -t us-central1-docker.pkg.dev/genuine-flight-317411/devel/krr:<new-tag> .
```

### Changes

| File | Change | CVE |
|------|--------|-----|
| `pyproject.toml` | `requests = ">2.32.4"` → `requests = ">=2.33.0"` | CVE-2026-25645 |
| `poetry.lock` | `requests` 2.32.5 → 2.34.2 | CVE-2026-25645 |
| `requirements.txt` | `requests==2.32.5` → `requests==2.34.2` | CVE-2026-25645 |

Refs:
- https://github.com/robusta-dev/krr/security/dependabot/69
- https://github.com/psf/requests/releases

### Test plan

- `docker build -t krr-cve-test -f Dockerfile .` — builds clean.
- `docker run --rm --entrypoint python krr-cve-test krr.py --help` — CLI usage prints.
- `docker run --rm --entrypoint python krr-cve-test -c "import requests; print(requests.__version__)"` → `2.34.2` (≥ 2.33.0, CVE fixed).

### Human in the loop

Nothing extra needed — single-line pin bump on a battle-tested HTTP library, no API surface change. `requirements.txt` was edited surgically (only the `requests==` line) rather than re-exporting from poetry, because a fresh `poetry export` re-resolves dozens of unrelated pins and would balloon the diff.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent 847db04 commit 8ca245f

3 files changed

Lines changed: 11 additions & 11 deletions


poetry.lock

Lines changed: 9 additions & 9 deletions
Some generated files are not rendered by default.

pyproject.toml

Lines changed: 1 addition & 1 deletion
@@ -33,7 +33,7 @@ alive-progress = "^3.1.2"
3333
prometrix = "0.2.11"
3434
slack-sdk = "^3.21.3"
3535
pandas = "2.2.2"
36-
requests = ">2.32.4"
36+
requests = ">=2.33.0"
3737
pyyaml = "6.0.1"
3838
typing-extensions = "4.6.0"
3939
idna = "3.7"
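Review bot: The new constraint `requests = ">=2.33.0"` at line 36 sets a floor but no ceiling, unlike the pinned or caret-bounded entries around it (`slack-sdk = "^3.21.3"`, `pandas = "2.2.2"`), so a later lock refresh is free to resolve to a new major version of requests. Consider `requests = ">=2.33.0,<3"` (or `^2.33.0`), and add a short comment on that line naming CVE-2026-25645 as the reason for the floor so it is not lowered in a later edit.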

requirements.txt

Lines changed: 1 addition & 1 deletion
@@ -37,7 +37,7 @@ pytz==2024.1 ; python_version >= "3.10" and python_full_version < "3.13"
3737
pyyaml==6.0.1 ; python_version >= "3.10" and python_full_version < "3.13"
3838
regex==2023.12.25 ; python_version >= "3.10" and python_full_version < "3.13"
3939
requests-oauthlib==1.4.1 ; python_version >= "3.10" and python_full_version < "3.13"
40-
requests==2.32.5 ; python_version >= "3.10" and python_full_version < "3.13"
40+
requests==2.34.2 ; python_version >= "3.10" and python_full_version < "3.13"
4141
rich==12.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
4242
rsa==4.9 ; python_version >= "3.10" and python_full_version < "3.13"
4343
s3transfer==0.16.0 ; python_version >= "3.10" and python_full_version < "3.13"
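Review bot: The `requests==2.34.2` pin at line 40 is the only line touched, and the commit message says it was edited by hand instead of exported from poetry, so nothing in this hunk shows that the other pins in the file still satisfy the dependency requirements of requests 2.34.2 or that the file still matches `poetry.lock`. Add a `pip check` run inside the built image to the test plan, and consider a CI step that compares `requirements.txt` against a fresh export so hand-edited pins cannot drift from the lock file unnoticed.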
