py3-werkzeug/3.0.4 package update by octo-sts[bot] · Pull Request #26839 · wolfi-dev/os

octo-sts · 2024-08-21T19:49:19Z

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

github-actions · 2024-08-21T19:53:18Z

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

octo-sts · 2024-08-21T20:01:29Z

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'\nTo add an exception for this directory, call:\n\ngit config --global --add safe.directory /github/home"

To fix this error:
1. Open your terminal.
2. Run the command: `git config --global --add safe.directory /github/home`
3. Verify the configuration by running: `git config --global --get-all safe.directory`

github-actions · 2024-08-22T11:25:12Z

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

octo-sts · 2024-08-22T11:26:54Z

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'\nTo add an exception for this directory, call:\n\ngit config --global --add safe.directory /github/home"

To fix this error, follow these steps:
1. Open your terminal.
2. Run: `git config --global --add safe.directory /github/home`
3. Verify by running: `git config --global --get-all safe.directory`

github-actions · 2024-08-22T11:42:57Z

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

octo-sts · 2024-08-22T11:44:48Z

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'
To add an exception for this directory, call:

git config --global --add safe.directory /github/home"

To fix this error, follow these steps:
1. Open your terminal.
2. Run: `git config --global --add safe.directory /github/home`
3. Verify with: `git config --global --get-all safe.directory`

philroche · 2024-08-22T22:06:03Z

Changes summay:
Total files changed: 21

Total changes: 353
Total additions: 206
Total deletions: 147

Total commits: 22

release version 3.0.3 ([Wolfi Package Request]: LibreOffice #2896)

David Lord (davidism@gmail.com) @ 2024-05-05T23:11:05Z
test with python 3.13

David Lord (davidism@gmail.com) @ 2024-05-11T17:02:40Z
test with python 3.13 (Bump k8s deps in the aws-* packages to remove GHSAs. #2900)

David Lord (davidism@gmail.com) @ 2024-05-11T17:15:11Z
split tox update envs

David Lord (davidism@gmail.com) @ 2024-05-18T15:28:43Z
update dev dependencies

David Lord (davidism@gmail.com) @ 2024-05-18T15:43:13Z
Test with cffi 1.17.0rc1 (llvm-libunwind/16.0.6 package update #2910)

Edgar Ramírez Mondragón (16805946+edgarrmondragon@users.noreply.github.com) @ 2024-05-24T21:41:43Z
Improve types for AST handling (vim/9.0.1640 package update #2905)

Jelle Zijlstra (jelle.zijlstra@gmail.com) @ 2024-08-20T16:14:13Z
pass args through tox to pip-compile

David Lord (davidism@gmail.com) @ 2024-08-20T16:20:50Z
update mypy

David Lord (davidism@gmail.com) @ 2024-08-20T16:21:14Z
update mypy (newrelic-fluent-bit-output/1.17.2 package update #2936)

David Lord (davidism@gmail.com) @ 2024-08-20T16:24:39Z
start version 3.0.4

David Lord (davidism@gmail.com) @ 2024-08-20T16:26:10Z
restore invalid bytes behavior for form parser

David Lord (davidism@gmail.com) @ 2024-08-20T17:58:30Z
restore invalid bytes behavior for form parser (remove meson dependency on strip #2938)

David Lord (davidism@gmail.com) @ 2024-08-20T18:03:30Z
improve parse_options_header performance

David Lord (davidism@gmail.com) @ 2024-08-21T04:30:45Z
improve parse_options_header performance (tigera-operator/1.30.4 package update #2939)

David Lord (davidism@gmail.com) @ 2024-08-21T04:41:57Z
synchronize failed pin entry

David Lord (davidism@gmail.com) @ 2024-08-21T14:16:19Z
synchronize failed pin entry (hugo/0.114.0 package update #2940)

David Lord (davidism@gmail.com) @ 2024-08-21T14:29:24Z
treat SSLEOFError as dropped connection

David Lord (davidism@gmail.com) @ 2024-08-21T16:02:30Z
treat SSLEOFError as dropped connection (hugo-extended/0.114.0 package update #2941)

David Lord (davidism@gmail.com) @ 2024-08-21T16:59:03Z
debugger works on urls with query string

David Lord (davidism@gmail.com) @ 2024-08-21T19:23:52Z
debugger works on urls with query string (aws-efs-csi-driver/1.5.7 package update #2942)

David Lord (davidism@gmail.com) @ 2024-08-21T19:30:22Z
release version 3.0.4

David Lord (davidism@gmail.com) @ 2024-08-21T19:35:55Z

GitHub compare URL: pallets/werkzeug@f9995e9...b933ccb

philroche

This is a patch version bump with mainly dependency version bumps included.

All checks pass apart from CVE check but these CVE check failures will be picked up with automated CVE remediation.

py3-werkzeug/3.0.4 package update

e25d280

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

octo-sts bot added request-version-update request for a newer version of a package automated pr labels Aug 21, 2024

ajayk enabled auto-merge (squash) August 22, 2024 20:37

philroche self-assigned this Aug 22, 2024

philroche approved these changes Aug 22, 2024

View reviewed changes

ajayk merged commit eec2088 into main Aug 22, 2024

ajayk deleted the wolfictl-f6edd872-58d4-4133-8971-394f92f76b41 branch August 22, 2024 22:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

py3-werkzeug/3.0.4 package update#26839

py3-werkzeug/3.0.4 package update#26839
ajayk merged 1 commit intomainfrom
wolfictl-f6edd872-58d4-4133-8971-394f92f76b41

octo-sts bot commented Aug 21, 2024

Uh oh!

github-actions bot commented Aug 21, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 21, 2024

Uh oh!

github-actions bot commented Aug 22, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 22, 2024

Uh oh!

github-actions bot commented Aug 22, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 22, 2024

Uh oh!

philroche commented Aug 22, 2024

Uh oh!

philroche left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

octo-sts bot commented Aug 21, 2024

Uh oh!

github-actions bot commented Aug 21, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 21, 2024

Uh oh!

github-actions bot commented Aug 22, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 22, 2024

Uh oh!

github-actions bot commented Aug 22, 2024

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

Uh oh!

octo-sts bot commented Aug 22, 2024

Uh oh!

philroche commented Aug 22, 2024

Uh oh!

philroche left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants