aboutsummaryrefslogtreecommitdiff
path: root/benchmark
diff options
context:
space:
mode:
authorGravatar Reinier van der Leer <pwuts@agpt.co> 2024-02-13 12:36:00 +0100
committerGravatar Reinier van der Leer <pwuts@agpt.co> 2024-02-13 12:36:00 +0100
commit91cec515d4ff30d8db7c6d5f9a353a1b00efb15f (patch)
tree10f91ba204f48e4395b5d2d19b4ec52a7fc8f9c9 /benchmark
parentchore(agent): Update aiohttp and fastapi dependencies to mitigate vulnerabili... (diff)
downloadAuto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.tar.gz
Auto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.tar.bz2
Auto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.zip
chore(benchmark): Update `python-multipart` dependency to mitigate vulnerability
- python-multipart vulnerable to Content-Type Header ReDoS - https://github.com/Significant-Gravitas/AutoGPT/security/dependabot/55
Diffstat (limited to 'benchmark')
-rw-r--r--benchmark/poetry.lock10
-rw-r--r--benchmark/pyproject.toml2
2 files changed, 6 insertions, 6 deletions
diff --git a/benchmark/poetry.lock b/benchmark/poetry.lock
index af45d5f43..005086565 100644
--- a/benchmark/poetry.lock
+++ b/benchmark/poetry.lock
@@ -2167,17 +2167,17 @@ cli = ["click (>=5.0)"]
[[package]]
name = "python-multipart"
-version = "0.0.6"
+version = "0.0.7"
description = "A streaming multipart parser for Python"
optional = false
python-versions = ">=3.7"
files = [
- {file = "python_multipart-0.0.6-py3-none-any.whl", hash = "sha256:ee698bab5ef148b0a760751c261902cd096e57e10558e11aca17646b74ee1c18"},
- {file = "python_multipart-0.0.6.tar.gz", hash = "sha256:e9925a80bb668529f1b67c7fdb0a5dacdd7cbfc6fb0bff3ea443fe22bdd62132"},
+ {file = "python_multipart-0.0.7-py3-none-any.whl", hash = "sha256:b1fef9a53b74c795e2347daac8c54b252d9e0df9c619712691c1cc8021bd3c49"},
+ {file = "python_multipart-0.0.7.tar.gz", hash = "sha256:288a6c39b06596c1b988bb6794c6fbc80e6c369e35e5062637df256bee0c9af9"},
]
[package.extras]
-dev = ["atomicwrites (==1.2.1)", "attrs (==19.2.0)", "coverage (==6.5.0)", "hatch", "invoke (==1.7.3)", "more-itertools (==4.3.0)", "pbr (==4.3.0)", "pluggy (==1.0.0)", "py (==1.11.0)", "pytest (==7.2.0)", "pytest-cov (==4.0.0)", "pytest-timeout (==2.1.0)", "pyyaml (==5.1)"]
+dev = ["atomicwrites (==1.2.1)", "attrs (==19.2.0)", "coverage (==6.5.0)", "hatch", "invoke (==2.2.0)", "more-itertools (==4.3.0)", "pbr (==4.3.0)", "pluggy (==1.0.0)", "py (==1.11.0)", "pytest (==7.2.0)", "pytest-cov (==4.0.0)", "pytest-timeout (==2.1.0)", "pyyaml (==5.1)"]
[[package]]
name = "pytz"
@@ -2760,4 +2760,4 @@ multidict = ">=4.0"
[metadata]
lock-version = "2.0"
python-versions = "^3.10"
-content-hash = "babe1a348dbaf7fb195ebf5451c7d6a5c8797cd36fab58c25850fe4db4762fc6"
+content-hash = "d7893a88906b5a8eda566e13e6a9492d012c910ded0da1b1ef12b69a14f8e047"
diff --git a/benchmark/pyproject.toml b/benchmark/pyproject.toml
index d279add7a..c659dcc8b 100644
--- a/benchmark/pyproject.toml
+++ b/benchmark/pyproject.toml
@@ -28,7 +28,7 @@ selenium = "^4.11.2"
pytest-asyncio = "^0.21.1"
uvicorn = "^0.23.2"
fastapi = "^0.109.1"
-python-multipart = "^0.0.6"
+python-multipart = "^0.0.7"
toml = "^0.10.2"
# helicone = "^1.0.9" # incompatible with openai@^1.0.0
httpx = "^0.24.0"
Copyright © 1990 – 2022 jet tsang zeon-git.
All Rights Reverse Engineered.