github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2025-09-13 21:47:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

infra: Update package version to apply CVE-related patch (#19490)

Browse Source 
- **Description:** [CVE
2024-21503](https://www.cve.org/CVERecord?id=CVE-2024-21503) was
recently identified. The python linter "black" suffers from a potential
Regex-related denial of service attack. Updated version from the
vulnerable 24.2.0 to the patched 24.3.0.
- **Issue:** N/A
- **Dependencies:** The 'black' package in both `langchain` (top-level)
and `templates/python-lint`.

Co-authored-by: Bagatur <22008038+baskaryan@users.noreply.github.com>
This commit is contained in:
Jacob Lezberg
2024-03-25 03:11:23 -04:00
committed by GitHub
parent 96dc180883
commit 64e1df3d3a
4 changed files with 50 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/python-lint/pyproject.toml
View File

@@ -7,7 +7,7 @@ readme = "README.md"
[tool.poetry.dependencies]
ruff = ">=0.1.8"
black = ">=23.12.0"
black = "^24.2.0"
mypy = ">=1.7.1"
python = ">=3.8.1,<4.0"
langchain = "^0.1"