Bump pygments from 2.6.1 to 2.7.4 in /backend/admin/pyspark_docker/pyspark_scripts/analysis #73
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [pygments](https://github.com/pygments/pygments) from 2.6.1 to 2.7.4. - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.6.1...2.7.4) --- updated-dependencies: - dependency-name: pygments dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
![bridgecrew[bot]](https://avatars.githubusercontent.com/in/52968?s=60&v=4){kind=small}
| @@ -43,7 +43,7 @@ pipreqs==0.4.10 | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
certifi 2020.4.5.1 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 0 | Low: 1 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2022-23491 |  LOW |
4 | 2022.12.07 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
nbconvert 5.6.1 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 1 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2021-32862 |  MEDIUM |
5.4 | 6.3.0 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
bleach 3.1.5 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 1 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2021-23980 | MEDIUM |
6.1 | 3.3.0 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
numpy 1.18.5 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 1 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2021-34141 | MEDIUM |
5.3 | 1.22.0 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
jinja2 2.11.2 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 1 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2020-28493 | MEDIUM |
5.3 | 2.11.3 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
mistune 0.8.4 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 1 | Medium: 0 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2022-34749 |  HIGH |
7.5 | 2.0.3 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
click 7.1.2 / requirements.txt
Total vulnerabilities: 1
| Critical: 0 | High: 0 | Medium: 1 | Low: 0 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| PRISMA-2021-0020 | MEDIUM |
- | 8.0.0 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
pillow 7.1.2 / requirements.txt
Total vulnerabilities: 29
| Critical: 5 | High: 16 | Medium: 6 | Low: 2 |
|---|
| Vulnerability ID | Severity | CVSS | Fixed in | Status |
|---|---|---|---|---|
| CVE-2021-25287 |  CRITICAL |
9.1 | 8.2.0 |
Open |
| CVE-2021-25288 | CRITICAL |
9.1 | 8.2.0 |
Open |
| CVE-2021-25289 | CRITICAL |
9.8 | 8.1.1 |
Open |
| CVE-2022-24303 | CRITICAL |
9.1 | 9.0.1 |
Open |
| CVE-2022-22817 | CRITICAL |
9.8 | 9.0.0 |
Open |
| CVE-2020-35654 | HIGH |
8.8 | 8.1.0 |
Open |
| CVE-2020-35653 | HIGH |
7.1 | 8.1.0 |
Open |
| CVE-2021-25290 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-25291 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-25293 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-27921 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-27922 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-27923 | HIGH |
7.5 | 8.1.1 |
Open |
| CVE-2021-28676 | HIGH |
7.5 | 8.2.0 |
Open |
| CVE-2021-28677 | HIGH |
7.5 | 8.2.0 |
Open |
| CVE-2021-23437 | HIGH |
7.5 | 8.3.2 |
Open |
| PRISMA-2021-0134 | HIGH |
8.5 | 8.3.2 |
Open |
| PRISMA-2021-0015 | HIGH |
- | 8.1.0 |
Open |
| PRISMA-2021-0010 | HIGH |
- | 8.1.0 |
Open |
| CVE-2022-45198 | HIGH |
7.5 | 9.2.0 |
Open |
| CVE-2022-45199 | HIGH |
7.5 | 9.3.0 |
Open |
| CVE-2020-35655 | MEDIUM |
5.4 | 8.1.0 |
Open |
| CVE-2021-25292 | MEDIUM |
6.5 | 8.1.1 |
Open |
| CVE-2021-28675 | MEDIUM |
5.5 | 8.2.0 |
Open |
| CVE-2021-28678 | MEDIUM |
5.5 | 8.2.0 |
Open |
| CVE-2022-22816 | MEDIUM |
6.5 | 9.0.0 |
Open |
| CVE-2022-22815 | MEDIUM |
6.5 | 9.0.0 |
Open |
| GHSA-jgpv-4h4c-xhw3 | LOW |
4 | 8.1.2 |
Open |
| GHSA-4fx9-vc88-q2xc | LOW |
1 | 9.0.0 |
Open |
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
docutils 0.15.2 / requirements.txt
This package contains a license that is not OSI-approved.
| @@ -43,7 +43,7 @@ | |||
| plotly==4.14.3 | |||
| plotting==0.0.6 | |||
| pydeck==0.4.0b1 | |||
| Pygments==2.6.1 | |||
| Pygments==2.7.4 | |||
There was a problem hiding this comment.
docutils 0.15.2 / requirements.txt
This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
26 similar comments
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
7 similar comments
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Bumps pygments from 2.6.1 to 2.7.4.
Release notes
Sourced from pygments's releases.
... (truncated)
Changelog
Sourced from pygments's changelog.
... (truncated)
Commits
4d555d0Bump version to 2.7.4.fc3b05dUpdate CHANGES.ad21935Revert "Added dracula theme style (#1636)"e411506Prepare for 2.7.4 release.275e34ddoc: remove Perl 6 ref2e7e8c4Fix several exponential/cubic complexity regexes found by Ben Caller/Doyenseceb39c43xquery: fix pop from empty stack2738778fix coding style in test_analyzer_lexer02e0f09Added 'ERROR STOP' to fortran.py keywords. (#1665)c83fe48support added for css variables (#1633)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.