Skip to content

Commit

Permalink
[security] enforce min starlette version (#228)
Browse files Browse the repository at this point in the history 
Why
===
* Dependabot has a security warning that is resolved after starlette
0.40.0

What changed
===
* Add this indirect dependency to our pyproject.toml file and put the
min version at the level where the security issue was resolved

Test plan
===
* CI passes
  • Loading branch information
@ryantm
ryantm authored Feb 19, 2025
1 parent d4132bc commit c4355c3
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 11 deletions.
20 changes: 10 additions & 10 deletions poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,8 @@ types-requests = "^2.31.0.10"

[tool.poetry.group.docs.dependencies]
Sphinx = ">=7.0.1"
sphinx-autobuild = ">=2021.3.14"
sphinx-autobuild = ">=2024.10.3"
starlette = ">=0.40.0"
sphinx-autodoc-typehints = ">=1.11.0"
sphinx-click = ">=4.4.0"
sphinx-rtd-theme = ">=0.5.0"
Expand Down

0 comments on commit c4355c3

Please sign in to comment.