Skip to content

chore(deps): update dependency pymysql to v1.1.1#11971

Merged
enocom merged 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/pymysql-1.x
Jul 1, 2024
Merged

chore(deps): update dependency pymysql to v1.1.1#11971
enocom merged 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/pymysql-1.x

Conversation

@renovate-bot
Copy link
Copy Markdown
Contributor

@renovate-bot renovate-bot commented Jul 1, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
PyMySQL ==1.1.0 -> ==1.1.1 age adoption passing confidence

Release Notes

PyMySQL/PyMySQL (PyMySQL)

v1.1.1

Compare Source

Release date: 2024-05-21

[!WARNING]
This release fixes a vulnerability (CVE-2024-36039).
All users are recommended to update to this version.

If you can not update soon, check the input value from
untrusted source has an expected type. Only dict input
from untrusted source can be an attack vector.

  • Prohibit dict parameter for Cursor.execute(). It didn't produce valid SQL
    and might cause SQL injection. (CVE-2024-36039)
  • Added ssl_key_password param. #​1145

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate-bot renovate-bot requested review from a team as code owners July 1, 2024 12:58
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Jul 1, 2024
@product-auto-label product-auto-label bot added samples Issues that are directly related to samples. api: cloudsql labels Jul 1, 2024
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 1, 2024
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 1, 2024
@enocom enocom merged commit fe42c69 into GoogleCloudPlatform:main Jul 1, 2024
@renovate-bot renovate-bot deleted the renovate/pymysql-1.x branch July 1, 2024 20:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@enocom enocom enocom approved these changes

+1 more reviewer

@yoshi-approver yoshi-approver yoshi-approver approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@henry54809 henry54809

Labels

api: cloudsql samples Issues that are directly related to samples.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@renovate-bot @enocom @yoshi-approver @henry54809 @kokoro-team