diff options
author | Reinier van der Leer <pwuts@agpt.co> | 2024-02-13 12:36:00 +0100 |
---|---|---|
committer | Reinier van der Leer <pwuts@agpt.co> | 2024-02-13 12:36:00 +0100 |
commit | 91cec515d4ff30d8db7c6d5f9a353a1b00efb15f (patch) | |
tree | 10f91ba204f48e4395b5d2d19b4ec52a7fc8f9c9 /benchmark | |
parent | chore(agent): Update aiohttp and fastapi dependencies to mitigate vulnerabili... (diff) | |
download | Auto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.tar.gz Auto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.tar.bz2 Auto-GPT-91cec515d4ff30d8db7c6d5f9a353a1b00efb15f.zip |
chore(benchmark): Update `python-multipart` dependency to mitigate vulnerability
- python-multipart vulnerable to Content-Type Header ReDoS - https://github.com/Significant-Gravitas/AutoGPT/security/dependabot/55
Diffstat (limited to 'benchmark')
-rw-r--r-- | benchmark/poetry.lock | 10 | ||||
-rw-r--r-- | benchmark/pyproject.toml | 2 |
2 files changed, 6 insertions, 6 deletions
diff --git a/benchmark/poetry.lock b/benchmark/poetry.lock index af45d5f43..005086565 100644 --- a/benchmark/poetry.lock +++ b/benchmark/poetry.lock @@ -2167,17 +2167,17 @@ cli = ["click (>=5.0)"] [[package]] name = "python-multipart" -version = "0.0.6" +version = "0.0.7" description = "A streaming multipart parser for Python" optional = false python-versions = ">=3.7" files = [ - {file = "python_multipart-0.0.6-py3-none-any.whl", hash = "sha256:ee698bab5ef148b0a760751c261902cd096e57e10558e11aca17646b74ee1c18"}, - {file = "python_multipart-0.0.6.tar.gz", hash = "sha256:e9925a80bb668529f1b67c7fdb0a5dacdd7cbfc6fb0bff3ea443fe22bdd62132"}, + {file = "python_multipart-0.0.7-py3-none-any.whl", hash = "sha256:b1fef9a53b74c795e2347daac8c54b252d9e0df9c619712691c1cc8021bd3c49"}, + {file = "python_multipart-0.0.7.tar.gz", hash = "sha256:288a6c39b06596c1b988bb6794c6fbc80e6c369e35e5062637df256bee0c9af9"}, ] [package.extras] -dev = ["atomicwrites (==1.2.1)", "attrs (==19.2.0)", "coverage (==6.5.0)", "hatch", "invoke (==1.7.3)", "more-itertools (==4.3.0)", "pbr (==4.3.0)", "pluggy (==1.0.0)", "py (==1.11.0)", "pytest (==7.2.0)", "pytest-cov (==4.0.0)", "pytest-timeout (==2.1.0)", "pyyaml (==5.1)"] +dev = ["atomicwrites (==1.2.1)", "attrs (==19.2.0)", "coverage (==6.5.0)", "hatch", "invoke (==2.2.0)", "more-itertools (==4.3.0)", "pbr (==4.3.0)", "pluggy (==1.0.0)", "py (==1.11.0)", "pytest (==7.2.0)", "pytest-cov (==4.0.0)", "pytest-timeout (==2.1.0)", "pyyaml (==5.1)"] [[package]] name = "pytz" @@ -2760,4 +2760,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.10" -content-hash = "babe1a348dbaf7fb195ebf5451c7d6a5c8797cd36fab58c25850fe4db4762fc6" +content-hash = "d7893a88906b5a8eda566e13e6a9492d012c910ded0da1b1ef12b69a14f8e047" diff --git a/benchmark/pyproject.toml b/benchmark/pyproject.toml index d279add7a..c659dcc8b 100644 --- a/benchmark/pyproject.toml +++ b/benchmark/pyproject.toml @@ -28,7 +28,7 @@ selenium = "^4.11.2" pytest-asyncio = "^0.21.1" uvicorn = "^0.23.2" fastapi = "^0.109.1" -python-multipart = "^0.0.6" +python-multipart = "^0.0.7" toml = "^0.10.2" # helicone = "^1.0.9" # incompatible with openai@^1.0.0 httpx = "^0.24.0" |