Skip to content

chore: bump werkzeug 3.1.5 to 3.1.6 (security fix)#17

Merged
spydisec merged 1 commit intomainfrom
chore/bump-werkzeug
Mar 7, 2026
Merged

chore: bump werkzeug 3.1.5 to 3.1.6 (security fix)#17
spydisec merged 1 commit intomainfrom
chore/bump-werkzeug

Conversation

@spydisec
Copy link
Owner

@spydisec spydisec commented Mar 7, 2026

Bumps werkzeug from 3.1.5 to 3.1.6 (security fix). Regenerated requirements.txt with pip-compile --generate-hashes --upgrade-package werkzeug.

Supersedes Dependabot PR #15.

@spydisec
chore: bump werkzeug 3.1.5 to 3.1.6 (security fix)
409fab5 
Regenerated requirements.txt with proper hash verification.
Fixes GHSA-29vq-49wr-vm6x: safe_join on Windows device name bypass.
Supersedes Dependabot PR #15.
@github-actions
Copy link
Contributor

github-actions bot commented Mar 7, 2026

⚠️ Conventional Commits Check Failed

Please ensure your commit messages follow the Conventional Commits format:

<type>: <description>

[optional body]
[optional footer]

Allowed types:

  • feat: - New feature
  • fix: - Bug fix
  • docs: - Documentation changes
  • chore: - Maintenance tasks
  • style: - Code style changes (formatting)
  • refactor: - Code refactoring
  • perf: - Performance improvements
  • test: - Test changes
  • build: - Build system changes
  • ci: - CI/CD changes
  • revert: - Revert previous commit

Examples:

  • feat: Add support for Westpac bank statements
  • fix: Correct MEMO field truncation issue
  • docs: Update README with installation steps
  • chore: Update dependencies

@spydisec spydisec merged commit 688328b into main Mar 7, 2026
1 check failed
@spydisec spydisec mentioned this pull request Mar 7, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@spydisec