This is an automated email from the ASF dual-hosted git repository.

hello-stephen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git


The following commit(s) were added to refs/heads/master by this push:
     new 8f65b7ccb41 [fix](build) Update pytest dependency pins for security 
advisories (#63188)
8f65b7ccb41 is described below

commit 8f65b7ccb41f35e1f88a754dd7caf7038c287c7a
Author: Arpit Jain <[email protected]>
AuthorDate: Fri Jul 10 17:46:38 2026 +0900

    [fix](build) Update pytest dependency pins for security advisories (#63188)
    
    Problem Summary:
    `pytest/requirements.txt` currently pins several dependencies to
    vulnerable versions flagged by Dependabot. This PR updates the pinned
    versions for `certifi`, `idna`, `PyMySQL`, `requests`, and `urllib3` to
    patched releases so the pytest tooling dependencies are no longer on
    known vulnerable ranges.
    
    
    Signed-off-by: Arpit Jain <[email protected]>
---
 pytest/requirements.txt | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/pytest/requirements.txt b/pytest/requirements.txt
index 17804c41fb2..4d3384b8973 100644
--- a/pytest/requirements.txt
+++ b/pytest/requirements.txt
@@ -17,23 +17,22 @@
 
 attrs==23.1.0
 boltons==23.0.0
-certifi==2023.7.22
+certifi==2024.7.4
 charset-normalizer==3.2.0
-idna==3.4
+idna==3.7
 kafka-python==2.0.2
 numpy==1.24.2
 petl==1.7.12
 pexpect==4.8.0
 ptyprocess==0.7.0
 pycurl==7.45.2
-PyMySQL==1.0.3
+PyMySQL==1.1.1
 pytest==7.4.0
 pytest-html==3.2.0
 pytest-metadata==3.0.0
 pytest-timeout==2.1.0
 python-dateutil==2.8.2
 pytz==2023.3
-requests==2.28.2
+requests==2.32.4
 six==1.16.0
-urllib3==1.26.1
-
+urllib3==2.6.3


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to