Skip to content

Commit 4a7ad9e

Browse files
author
Chao Huang
committed
fix(deps): bump urllib3 from 2.6.3 to 2.7.0
Fixes two high-severity vulnerabilities: - Sensitive headers forwarded across origins in proxied redirects - Decompression-bomb safeguards bypassed in streaming API
1 parent f2b691b commit 4a7ad9e

2 files changed

Lines changed: 117 additions & 117 deletions

File tree

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ dependencies = [
4040
"openai>=2.21.0",
4141
"redis[hiredis]>=5.0.0",
4242
"aiohttp>=3.13.4",
43-
"urllib3>=2.6.3",
43+
"urllib3>=2.7.0",
4444
"cryptography>=46.0.7",
4545
"requests>=2.33.0",
4646
# Observability

uv.lock

Lines changed: 116 additions & 116 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)