Skip to content

M12 connectors#65

Merged
jantman merged 5 commits into
mainfrom
m12
Nov 16, 2025
Merged

M12 connectors#65
jantman merged 5 commits into
mainfrom
m12

Conversation

@jantman

@jantman jantman commented Nov 15, 2025

Copy link
Copy Markdown
Contributor

No description provided.

- Update requests from ^2.32.3 to ^2.32.4 (CVE-2024-47081)
- Update aiohttp from ^3.11.4 to ^3.12.14 (CVE-2025-53643)
- Update nox-poetry from >= 1.0.3 to >= 1.2.0 (FIPS compliance)
- Update poetry-plugin-export from ^1.8.0 to ^1.9.0
- Update all other dependencies to latest versions

This addresses multiple security vulnerabilities including:
- urllib3 vulnerabilities (CVE-2025-50181, CVE-2025-50182)
- setuptools path traversal (CVE-2025-47273)
- jinja2 sandbox bypass (CVE-2024-56201, CVE-2025-27516, CVE-2024-56326)
- h2 request smuggling (CVE-2025-57804)
- h11 request smuggling (CVE-2025-43859)
- flask session signing issue (CVE-2025-47278)
- cryptography OpenSSL issue (CVE-2024-12797)
- authlib authentication bypass (CVE-2025-59420)
Add pytest-asyncio dependency and --asyncio-mode=auto flag to typeguard
session to support async test functions. Pytest 9.0+ requires explicit
async support configuration.
@github-actions

github-actions Bot commented Nov 16, 2025

Copy link
Copy Markdown

Coverage

Coverage Report
FileStmtsMissCoverMissing
src/dm_mac
   __init__.py690100% 
   cli_utils.py150100% 
   neongetter.py1860100% 
   slack_handler.py1500100% 
   utils.py250100% 
src/dm_mac/models
   __init__.py00100% 
   machine.py3140100% 
   users.py940100% 
src/dm_mac/views
   __init__.py00100% 
   api.py220100% 
   machine.py690100% 
   prometheus.py980100% 
TOTAL10420100% 

Tests Skipped Failures Errors Time
141 0 💤 0 ❌ 0 🔥 12.287s ⏱️

@jantman jantman merged commit dee1e8c into main Nov 16, 2025
16 checks passed
@jantman jantman deleted the m12 branch November 16, 2025 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant