Skip to content

fix(deps): vuln httplib2 (unstable → 0.31.2) [stardog]#3038

Draft
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/unstable/pep621/stardog/4-1781533340
Draft

fix(deps): vuln httplib2 (unstable → 0.31.2) [stardog]#3038
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/unstable/pep621/stardog/4-1781533340

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown

Summary: High-severity security update — 1 package upgraded (UNSTABLE changes included)

Manifests changed:

  • stardog (pep621)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
httplib2 0.10.3 0.31.2 unstable Direct 3 HIGH, 3 MEDIUM

Security Details

🚨 Critical & High Severity (3 fixed)
Package CVE Severity Summary Unsafe Version Fixed In
httplib2 PYSEC-2021-16 high - 0.10.3 bd9ee252c8f099608019709e22c0d705e98d26bc
httplib2 CVE-2021-21240 high - 0.10.3 -
httplib2 GHSA-93xj-8mrv-444m HIGH Regular Expression Denial of Service (REDoS) in httplib2 0.10.3 0.19.0
ℹ️ Other Vulnerabilities (3)
Package CVE Severity Summary Unsafe Version Fixed In
httplib2 PYSEC-2020-46 medium - 0.10.3 a1457cc31f3206cf691d11d2bf34e98865873e9e
httplib2 CVE-2020-11078 medium - 0.10.3 -
httplib2 GHSA-gg84-qgv9-w4pq MODERATE CRLF injection in httplib2 0.10.3 0.18.0
⚠️ Dependencies that have Reached EOL (1)
Dependency Unsafe Version EOL Date New Version Path
httplib2 0.10.3 - 0.31.2 stardog/pyproject.toml

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

@datadog-official

datadog-official Bot commented Jun 15, 2026

Copy link
Copy Markdown
Contributor

Pipelines

Fix all issues with BitsAI

⚠️ Warnings

🚦 2 Pipeline jobs failed

PR | test / test-minimum-base-package (linux, ubuntu-22.04, stardog, Stardog (py3.13), py3.13) / minimum-base-package-Stardog (py3.13)-py3.13   View in Datadog   GitHub Actions

PR | test / check   View in Datadog   GitHub Actions

Useful? React with 👍 / 👎

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: aac3a31 | Docs | Datadog PR Page | Give us feedback!

@dd-octo-sts-6cbbf8 dd-octo-sts-6cbbf8 Bot force-pushed the engraver-auto-version-upgrade/unstable/pep621/stardog/4-1781533340 branch from 20a542a to fa85c25 Compare June 24, 2026 13:06
@gh-worker-campaigns-3e9aa4

gh-worker-campaigns-3e9aa4 Bot commented Jun 24, 2026

Copy link
Copy Markdown
Author

Auto-rebase complete

Branch is up to date with master — rebased onto 9e7e3dc.


Auto-Rebase · Add no-auto-rebase to opt out

Co-authored-by: dd-octo-sts-6cbbf8[bot] <256648585+dd-octo-sts-6cbbf8[bot]@users.noreply.github.com>
@dd-octo-sts-6354d5 dd-octo-sts-6354d5 Bot force-pushed the engraver-auto-version-upgrade/unstable/pep621/stardog/4-1781533340 branch from fa85c25 to aac3a31 Compare June 29, 2026 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants