Skip to content

Commit 23bf0f1

Browse files
dependabot[bot]aieng-bot[bot]
dependabot[bot]
and
aieng-bot[bot]
authored
Bump ruff from 0.15.7 to 0.15.8 (#90)
* Bump ruff from 0.15.7 to 0.15.8 Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.7 to 0.15.8. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.15.7...0.15.8) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.15.8 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: bump requests to 2.33.0 and nbconvert to 7.17.0 to fix CVEs - requests >= 2.33.0: fixes CVE-2026-25645 (predictable temp file path in extract_zipped_paths) - nbconvert >= 7.17.0: fixes CVE-2025-53000 Co-authored-by: aieng-bot <aieng-bot@vectorinstitute.ai> * chore: bump pygments to 2.20.0 to fix CVE-2026-4539 Co-authored-by: aieng-bot <aieng-bot@vectorinstitute.ai> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: aieng-bot[bot] <aieng-bot@vectorinstitute.ai>
1 parent bb1eb17 commit 23bf0f1

File tree

2 files changed

+39
-30
lines changed

2 files changed

+39
-30
lines changed

pyproject.toml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,10 @@ dependencies = [
1010
"aieng-topic-impl",
1111
"filelock==3.25.2",
1212
"jupyterlab>=4.4.8",
13+
"nbconvert>=7.17.0",
1314
"pip>=25.3",
15+
"pygments>=2.20.0",
16+
"requests>=2.33.0",
1417
"urllib3>=2.6.0",
1518
"virtualenv==21.2.0",
1619
]

uv.lock

Lines changed: 36 additions & 30 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)