Update Ipywidgets>=8.x to fix security vulnerabilities #2545
Commits on Mar 26, 2024
-
Bump ipywidgets >=8.0 to resolve CVEs: ``` -> Vulnerability found in ipywidgets version 7.8.1 Vulnerability ID: 50664 Affected spec: <8.0.0 ADVISORY: Ipywidgets 8.0.0 sanitizes descriptions by default.jupyter-widgets/ipywidgets#2785 PVE-2022-50664 For more information about this vulnerability, visit https://data.safetycli.com/v/50664/97c To ignore this vulnerability, use PyUp vulnerability id 50664 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in ipywidgets version 7.8.1 Vulnerability ID: 50463 Affected spec: <8.0.0rc2 ADVISORY: Ipywidgets 8.0.0rc2 makes descriptions plaintext by default for security.jupyter-widgets/ipywidgets#2785 PVE-2022-50463 For more information about this vulnerability, visit https://data.safetycli.com/v/50463/97c To ignore this vulnerability, use PyUp vulnerability id 50463 in safety’s ignore command-line argument or add the ignore to your safety policy file. ``` Signed-off-by: Darren Weber <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.