evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add urllib3<2 package constraint (#97339)

Browse source
This commit is contained in:
Franck Nijhof 2023-07-27 18:57:13 +02:00 committed by GitHub
parent 737ac8c600
commit af286a8feb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
script/gen_requirements_all.py
View file

@ -61,7 +61,9 @@ CONSTRAINT_BASE = """
pycryptodome>=3.6.6
# Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503
urllib3>=1.26.5
# Temporary setting an upper bound, to prevent compat issues with urllib3>=2
# https://github.com/home-assistant/core/issues/97248
urllib3>=1.26.5,<2
# Constrain httplib2 to protect against GHSA-93xj-8mrv-444m
# https://github.com/advisories/GHSA-93xj-8mrv-444m