evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add urllib3<2 package constraint (#97339)

Browse source
This commit is contained in:
Franck Nijhof 2023-07-27 18:57:13 +02:00 committed by GitHub
parent 737ac8c600
commit af286a8feb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
homeassistant/package_constraints.txt
View file

@ -59,7 +59,9 @@ zeroconf==0.71.4
pycryptodome>=3.6.6 pycryptodome>=3.6.6
# Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503 # Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503
urllib3>=1.26.5 # Temporary setting an upper bound, to prevent compat issues with urllib3>=2
# https://github.com/home-assistant/core/issues/97248
urllib3>=1.26.5,<2
# Constrain httplib2 to protect against GHSA-93xj-8mrv-444m # Constrain httplib2 to protect against GHSA-93xj-8mrv-444m
# https://github.com/advisories/GHSA-93xj-8mrv-444m # https://github.com/advisories/GHSA-93xj-8mrv-444m

4
script/gen_requirements_all.py
View file

@ -61,7 +61,9 @@ CONSTRAINT_BASE = """
pycryptodome>=3.6.6 pycryptodome>=3.6.6
# Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503 # Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503
urllib3>=1.26.5 # Temporary setting an upper bound, to prevent compat issues with urllib3>=2
# https://github.com/home-assistant/core/issues/97248
urllib3>=1.26.5,<2
# Constrain httplib2 to protect against GHSA-93xj-8mrv-444m # Constrain httplib2 to protect against GHSA-93xj-8mrv-444m
# https://github.com/advisories/GHSA-93xj-8mrv-444m # https://github.com/advisories/GHSA-93xj-8mrv-444m