Commit 798a48f
committed
fix(security): bump pytest to 9.0.3 to clear CVE-2025-71176
The Dependency Audit job flagged pytest 8.4.2 in
compliance/requirements.lock.txt as vulnerable to CVE-2025-71176, fixed in
9.0.3. Bump the pinned version and the requirements.txt lower bound. SDK
tests and the schema compliance suite both pass on pytest 9.0.3, and
`pip-audit` against all three lock files (reference, compliance, docs)
now reports no known vulnerabilities.
Made-with: Cursor1 parent 0b2f03e commit 798a48f
2 files changed
Lines changed: 2 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | | - | |
| 7 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
0 commit comments