Skip to content

Fix requests insecure temp file reuse vulnerability#23

Open
iteuscher wants to merge 1 commit intomainfrom
fix/requests-vulnerability
Open

Fix requests insecure temp file reuse vulnerability#23
iteuscher wants to merge 1 commit intomainfrom
fix/requests-vulnerability

Conversation

@iteuscher
Copy link
Copy Markdown
Collaborator

@iteuscher iteuscher commented Apr 1, 2026

Summary

Test plan

  • Verify pip install -r requirements.txt succeeds with the new version constraint
  • Confirm Dependabot alert is resolved after merge

🤖 Generated with Claude Code

@claude
Fix requests insecure temp file reuse vulnerability
1d03d01 
Bump requests minimum version from 2.25.1 to 2.33.0 to address
extract_zipped_paths() predictable filename vulnerability.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@iteuscher