andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-04-30 23:02:50 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

fix: bump pytest to 9.0.3 for GHSA-6w46-j5rx-g56g
Some checks failed
CodeQL Advanced / Analyze (actions) (push) Has been cancelled
Details
CodeQL Advanced / Analyze (python) (push) Has been cancelled
Details
Vulnerability Scan / pip-audit (push) Has been cancelled
Details
Build uv cache / build-cache (3.10) (push) Has been cancelled
Details
Nightly Canary Release / Publish nightly to PyPI (push) Has been cancelled
Details
Build uv cache / build-cache (3.11) (push) Has been cancelled
Details
Build uv cache / build-cache (3.12) (push) Has been cancelled
Details
Mark stale issues and pull requests / stale (push) Has been cancelled
Details
Build uv cache / build-cache (3.13) (push) Has been cancelled
Details
Nightly Canary Release / Check for new commits (push) Has been cancelled
Details
Nightly Canary Release / Build nightly packages (push) Has been cancelled
Details

Browse Source 
pytest <9.0.3 has an insecure tmpdir vulnerability (CVE / GHSA-6w46-j5rx-g56g).
Bump pytest-split to 0.11.0 to satisfy the new pytest>=9 requirement.
This commit is contained in:
Greyson LaLonde
2026-04-14 02:38:05 +08:00
committed by GitHub
parent 58208fdbae
commit 0dba95e166
2 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pyproject.toml
View File

@@ -12,7 +12,7 @@ dev = [
"mypy==1.19.1",
"pre-commit==4.5.1",
"bandit==1.9.2",
"pytest==8.4.2",
"pytest==9.0.3",
"pytest-asyncio==1.3.0",
"pytest-subprocess==1.5.3",
"vcrpy==7.0.0", # pinned, less versions break pytest-recording
@@ -20,7 +20,7 @@ dev = [
"pytest-randomly==4.0.1",
"pytest-timeout==2.4.0",
"pytest-xdist==3.8.0",
"pytest-split==0.10.0",
"pytest-split==0.11.0",
"types-requests~=2.31.0.6",
"types-pyyaml==6.0.*",
"types-regex==2026.1.15.*",