Skip to content

Bump various dependencies in Doc/requirements-oldest-sphinx.txt#110278

Merged
AlexWaygood merged 1 commit into
python:mainfrom
AlexWaygood:docs-security
Oct 3, 2023
Merged

Bump various dependencies in Doc/requirements-oldest-sphinx.txt#110278
AlexWaygood merged 1 commit into
python:mainfrom
AlexWaygood:docs-security

Conversation

@AlexWaygood
Copy link
Copy Markdown
Member

@AlexWaygood AlexWaygood commented Oct 3, 2023
edited by github-actions Bot
Loading

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.

I followed the instructions here for regenerating the dependencies, which resulted in several other bumps as well:

cpython/Doc/requirements-oldest-sphinx.txt

Lines 9 to 13 in bb2e96f

# Generated from:
# pip install "Sphinx~=4.2.0"
# pip freeze
#
# Sphinx 4.2 comes from ``needs_sphinx = '4.2'`` in ``Doc/conf.py``.

The only one that's required to resolve the security alert is the urllib3 bump, though; we could stick to just that if it's preferred.

📚 Documentation preview 📚: https://cpython-previews--110278.org.readthedocs.build/

AA-Turner
AA-Turner approved these changes Oct 3, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@AA-Turner AA-Turner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thanks!

A

@AA-Turner AA-Turner added needs backport to 3.11 only security fixes needs backport to 3.12 only security fixes labels Oct 3, 2023
@AlexWaygood AlexWaygood merged commit f1663a4 into python:main Oct 3, 2023
@AlexWaygood AlexWaygood deleted the docs-security branch October 3, 2023 13:10
@miss-islington
Copy link
Copy Markdown
Contributor

miss-islington commented Oct 3, 2023

Thanks @AlexWaygood for the PR 🌮🎉.. I'm working now to backport this PR to: 3.11, 3.12.
🐍🍒⛏🤖

miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Oct 3, 2023
@AlexWaygood @miss-islington
Bump various dependencies in Doc/requirements-oldest-sphinx.txt (py…
dc2ce73 
…thonGH-110278)

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.
(cherry picked from commit f1663a4)

Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
@bedevere-app
Copy link
Copy Markdown

bedevere-app Bot commented Oct 3, 2023

GH-110280 is a backport of this pull request to the 3.12 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.12 only security fixes label Oct 3, 2023
@bedevere-app
Copy link
Copy Markdown

bedevere-app Bot commented Oct 3, 2023

GH-110281 is a backport of this pull request to the 3.11 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.11 only security fixes label Oct 3, 2023
miss-islington pushed a commit to miss-islington/cpython that referenced this pull request Oct 3, 2023
@AlexWaygood @miss-islington
Bump various dependencies in Doc/requirements-oldest-sphinx.txt (py…
27e0339 
…thonGH-110278)

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.
(cherry picked from commit f1663a4)

Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
AlexWaygood added a commit that referenced this pull request Oct 3, 2023
@miss-islington @AlexWaygood
[3.11] Bump various dependencies in `Doc/requirements-oldest-sphinx.t…
a151afe 
…xt` (GH-110278) (#110281)

Bump various dependencies in `Doc/requirements-oldest-sphinx.txt` (GH-110278)

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.
(cherry picked from commit f1663a4)

Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
AlexWaygood added a commit that referenced this pull request Oct 3, 2023
@miss-islington @AlexWaygood
[3.12] Bump various dependencies in `Doc/requirements-oldest-sphinx.t…
bd56c51 
…xt` (GH-110278) (#110280)

Bump various dependencies in `Doc/requirements-oldest-sphinx.txt` (GH-110278)

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.
(cherry picked from commit f1663a4)

Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
Glyphack pushed a commit to Glyphack/cpython that referenced this pull request Sep 2, 2024
@AlexWaygood @Glyphack
Bump various dependencies in Doc/requirements-oldest-sphinx.txt (py…
3513df0 
…thon#110278)

This resolves a Dependabot security alert on the repository for urllib3==2.0.4.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AA-Turner AA-Turner AA-Turner approved these changes

@hugovk hugovk Awaiting requested review from hugovk

Assignees

No one assigned

Labels

skip issue skip news

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AlexWaygood @miss-islington @AA-Turner