Commit 2867301
Bump requests to 2.33.0 and advance granulate-utils submodule pin
Pins requests==2.33.0 (was ==2.32.4) to pick up the upstream fix for
CVE-2024-47081 (.netrc credential leak via crafted URLs).
This PR is self-contained: a fresh `pip install -r requirements.txt`
resolves cleanly after merge.
Changes:
- requirements.txt: requests==2.32.4 -> 2.33.0
- granulate-utils submodule pointer: d57bcd0 -> 094d4116
Advances to pinterest/granulate-utils@master following
pinterest/granulate-utils#6, which bumped granulate-utils to
`requests~=2.33.0`. Without this advance the submodule would
continue to pin `~=2.32.4` and pip would report a resolver
conflict against the new top-level pin.
- .gitmodules: corrects the URL to pinterest/granulate-utils.
The pinned commit (and every Pinterest-only commit since this
fork diverged from intel) lives on pinterest/granulate-utils,
not intel. Before this fix, a fresh
`git clone --recurse-submodules` of master could not check out
the submodule, since the pinned commit isn't reachable from
intel's master.
Co-authored-by: Cursor <cursoragent@cursor.com>1 parent 56273b6 commit 2867301
3 files changed
Lines changed: 3 additions & 3 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
Submodule granulate-utils updated 1 file
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
| 2 | + | |
3 | 3 | | |
4 | 4 | | |
5 | 5 | | |
| |||
0 commit comments