self-hosted/home-assistant-core
self-hosted/home-assistant-core
1
0
Fork 0
mirror of https://github.com/home-assistant/core synced 2024-10-05 05:11:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add urllib3<2 package constraint (#97339)

Browse source
This commit is contained in:
Franck Nijhof 2023-07-27 18:57:13 +02:00
parent e4246902fb
commit 80092dabdf
No known key found for this signature in database
GPG key ID: D62583BA8AB11CA3
2 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
homeassistant/package_constraints.txt
View file

@ -59,7 +59,9 @@ zeroconf==0.71.4
pycryptodome>=3.6.6 pycryptodome>=3.6.6
# Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503 # Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503
urllib3>=1.26.5 # Temporary setting an upper bound, to prevent compat issues with urllib3>=2
# https://github.com/home-assistant/core/issues/97248
urllib3>=1.26.5,<2
# Constrain httplib2 to protect against GHSA-93xj-8mrv-444m # Constrain httplib2 to protect against GHSA-93xj-8mrv-444m
# https://github.com/advisories/GHSA-93xj-8mrv-444m # https://github.com/advisories/GHSA-93xj-8mrv-444m

4
script/gen_requirements_all.py
View file

@ -61,7 +61,9 @@ CONSTRAINT_BASE = """
pycryptodome>=3.6.6 pycryptodome>=3.6.6
# Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503 # Constrain urllib3 to ensure we deal with CVE-2020-26137 and CVE-2021-33503
urllib3>=1.26.5 # Temporary setting an upper bound, to prevent compat issues with urllib3>=2
# https://github.com/home-assistant/core/issues/97248
urllib3>=1.26.5,<2
# Constrain httplib2 to protect against GHSA-93xj-8mrv-444m # Constrain httplib2 to protect against GHSA-93xj-8mrv-444m
# https://github.com/advisories/GHSA-93xj-8mrv-444m # https://github.com/advisories/GHSA-93xj-8mrv-444m