You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by mi...@apache.org on 2024/03/04 15:59:55 UTC
(superset) 03/04: chore: numexpr to fix CVE-2023-39631 (2.8.4 => 2.9.0) (#27187)
This is an automated email from the ASF dual-hosted git repository.
michaelsmolina pushed a commit to branch 3.1
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 16e5eddeb6d648cf4738ca2f0bcf5422d4e6bcb1
Author: nigzak <10...@users.noreply.github.com>
AuthorDate: Fri Mar 1 19:50:17 2024 +0100
chore: numexpr to fix CVE-2023-39631 (2.8.4 => 2.9.0) (#27187)
Co-authored-by: Stefan Arnold <st...@mercedes-benz.com>
---
requirements/base.in | 1 +
requirements/base.txt | 9 +++++----
requirements/development.txt | 11 ++++++++++-
requirements/testing.txt | 2 --
4 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/requirements/base.in b/requirements/base.in
index dc632a096a..b1c67b936a 100644
--- a/requirements/base.in
+++ b/requirements/base.in
@@ -18,3 +18,4 @@
#
-e file:.
urllib3>=1.26.18
+numexpr>=2.9.0
diff --git a/requirements/base.txt b/requirements/base.txt
index 2df0f87695..de25938a01 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -1,4 +1,4 @@
-# SHA1:89ce10cd392b720033db86b747e77633711a8b5f
+# SHA1:f8f2c882290c71f27b1d9f3263cf0c523cb88ad6
#
# This file is autogenerated by pip-compile-multi
# To update, run:
@@ -211,8 +211,10 @@ nh3==0.2.11
# via apache-superset
numba==0.57.1
# via pandas
-numexpr==2.8.4
- # via pandas
+numexpr==2.9.0
+ # via
+ # -r requirements/base.in
+ # pandas
numpy==1.23.5
# via
# apache-superset
@@ -346,7 +348,6 @@ typing-extensions==4.4.0
# apache-superset
# cattrs
# flask-limiter
- # kombu
# limits
# shillelagh
tzdata==2023.3
diff --git a/requirements/development.txt b/requirements/development.txt
index 58dd97a753..ca80cd60ed 100644
--- a/requirements/development.txt
+++ b/requirements/development.txt
@@ -82,6 +82,10 @@ ptyprocess==0.7.0
# via pexpect
pure-eval==0.2.2
# via stack-data
+pure-sasl==0.6.2
+ # via
+ # pyhive
+ # thrift-sasl
pyasn1==0.5.0
# via
# pyasn1-modules
@@ -111,7 +115,12 @@ tableschema==1.20.2
tabulator==1.53.5
# via tableschema
thrift==0.16.0
- # via apache-superset
+ # via
+ # apache-superset
+ # pyhive
+ # thrift-sasl
+thrift-sasl==0.4.3
+ # via pyhive
tomli==2.0.1
# via pylint
tomlkit==0.11.8
diff --git a/requirements/testing.txt b/requirements/testing.txt
index 382e3bee4b..fce953f8e4 100644
--- a/requirements/testing.txt
+++ b/requirements/testing.txt
@@ -118,8 +118,6 @@ pyee==9.0.4
# via playwright
pyfakefs==5.2.2
# via -r requirements/testing.in
-pyhive[presto]==0.7.0
- # via apache-superset
pytest==7.3.1
# via
# -r requirements/testing.in