⬆️ Update dependency idna to v3.7 #27

Merged
sebclem merged 1 commits from renovate/idna-3.x into main 2024-04-16 13:20:34 +02:00
Collaborator

This PR contains the following updates:

Package Update Change
idna (changelog) minor ==3.6 -> ==3.7

Release Notes

kjd/idna (idna)

v3.7

Compare Source

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: https://github.com/kjd/idna/compare/v3.6...v3.7


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [idna](https://github.com/kjd/idna) ([changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)) | minor | `==3.6` -> `==3.7` | --- ### Release Notes <details> <summary>kjd/idna (idna)</summary> ### [`v3.7`](https://github.com/kjd/idna/releases/tag/v3.7) [Compare Source](https://github.com/kjd/idna/compare/v3.6...v3.7) #### What's Changed - Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. \[CVE-2024-3651] Thanks to Guido Vranken for reporting the issue. **Full Changelog**: https://github.com/kjd/idna/compare/v3.6...v3.7 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yODcuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI4Ny4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
renovate-bot added 1 commit 2024-04-12 03:05:13 +02:00
⬆️ Update dependency idna to v3.7
All checks were successful
ci / docker (pull_request) Successful in 26s
0c08a8c0b2
sebclem merged commit c7b312b41f into main 2024-04-16 13:20:34 +02:00
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sebclem/pixivcord#27
No description provided.