Skip to content

Update python-multipart to fix security alert #821

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
seapagan merged 1 commit into from
Jan 27, 2026
Merged

Update python-multipart to fix security alert #821

seapagan merged 1 commit into from
Jan 27, 2026

Conversation

@seapagan
Copy link
Owner

@seapagan seapagan commented Jan 27, 2026
edited by coderabbitai bot
Loading

Security issue in python-multipart 0.0.20 - update to patched version 0.0.22

Summary by CodeRabbit

  • Chores
    • Updated python-multipart dependency to version 0.0.22 across development and production environments.

✏️ Tip: You can customize this high-level summary in your review settings.

@seapagan seapagan self-assigned this Jan 27, 2026
@seapagan seapagan added the security Security Fixes label Jan 27, 2026
@coderabbitai
Copy link

coderabbitai bot commented Jan 27, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The python-multipart dependency has been updated from version 0.0.20 to 0.0.22 across both development and production requirements files, with no other modifications to dependencies or logic.

Changes

Cohort / File(s) Change Summary
Dependency Version Bumps
requirements-dev.txt, requirements.txt		 Updated python-multipart from 0.0.20 to 0.0.22 in both files

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A version so humble, yet needed it seems,
Python-multipart hopping through our requirements streams,
From point-oh-twenty to point-oh-two-two,
Our dependencies dance with a hop and a "poo!" 🥕

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: updating python-multipart dependency to address a security vulnerability, which aligns with the actual file modifications and PR objectives.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@codacy-production
Copy link

codacy-production bot commented Jan 27, 2026
edited
Loading

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.00% (target: -1.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (5149544) 2445 2445 100.00%
Head commit (488c09f) 2445 (+0) 2445 (+0) 100.00% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#821) 0 0 ∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

@seapagan seapagan merged commit 23ac77e into main Jan 27, 2026
18 checks passed
@seapagan seapagan deleted the security/update-python-multipart branch January 27, 2026 19:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@seapagan seapagan

Labels

security Security Fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@seapagan