Skip to content

PR checks: Update requests to 2.31.0 #1695

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
henrymercer merged 3 commits into from
May 26, 2023
Merged

PR checks: Update requests to 2.31.0 #1695

henrymercer merged 3 commits into from
May 26, 2023

Conversation

@henrymercer
Copy link
Contributor

@henrymercer henrymercer commented May 23, 2023

Update requests to 2.31.0 to address GHSA-j8r2-6x86-q33q. We don't use this in the Action itself, but instead in PR checks that test Python dependency installation.

@github/codeql-python I'd appreciate it if one of you could take a careful look at this PR to make sure I've preserved test coverage. Thanks!

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@henrymercer henrymercer requested review from a team as code owners May 23, 2023 16:06
@henrymercer henrymercer force-pushed the henrymercer/update-requests branch from 66e535c to 6e92b19 Compare May 23, 2023 16:07
@henrymercer
Copy link
Contributor Author

henrymercer commented May 23, 2023

Debug artifact upload failures fixed by #1696.

yoff
yoff approved these changes May 26, 2023
View reviewed changes
Copy link
Contributor

@yoff yoff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

(nit: It would have been nice to split the first commit in two so the rewriting of the files was clear from the diff and the moving happened separately.)

@henrymercer
Copy link
Contributor Author

henrymercer commented May 26, 2023

Thanks, that's good feedback. I had hoped that the diff would recognize the change as a rename!

@henrymercer henrymercer merged commit f8b1cb6 into main May 26, 2023
@henrymercer henrymercer deleted the henrymercer/update-requests branch May 26, 2023 10:10
@github-actions github-actions bot mentioned this pull request Jun 1, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yoff yoff yoff approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@henrymercer @yoff