arpitjain099 opened a new pull request, #63188:
URL: https://github.com/apache/doris/pull/63188
### What problem does this PR solve?
Issue Number: N/A
Related PR: N/A
Problem Summary:
`pytest/requirements.txt` currently pins several dependencies to vulnerable
versions flagged by Dependabot. This PR updates the pinned versions for
`certifi`, `idna`, `PyMySQL`, `requests`, and `urllib3` to patched releases so
the pytest tooling dependencies are no longer on known vulnerable ranges.
### Release note
None
### Check List (For Author)
- Test
- [ ] Regression test
- [ ] Unit Test
- [x] Manual test (add detailed scripts or steps below)
- Ran `python3 -m pip install --dry-run requests==2.32.4
urllib3==2.6.3 PyMySQL==1.1.1 certifi==2024.7.4 idna==3.7` to verify the
updated dependency set resolves.
- [ ] No need to test or manual test. Explain why:
- [ ] This is a refactor/code format and no logic has been changed.
- [ ] Previous test can cover this change.
- [ ] No code files have been changed.
- [ ] Other reason
- Behavior changed:
- [x] No.
- [ ] Yes.
- Does this need documentation?
- [x] No.
- [ ] Yes.
### Check List (For Reviewer who merge this PR)
- [ ] Confirm the release note
- [ ] Confirm test cases
- [ ] Confirm document
- [ ] Add branch pick label
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
