Skip to content
This repository has been archived by the owner on Dec 3, 2024. It is now read-only.

[Snyk] Security upgrade zipp from 3.15.0 to 3.19.1 #256

Open
wants to merge 542 commits into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade zipp from 3.15.0 to 3.19.1 #256

wants to merge 542 commits into from

Conversation

sscottgvit
Copy link
Contributor

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

  • requirements.txt
⚠️ Warning ``` flake8 5.0.4 has requirement importlib-metadata<4.3,>=1.1.0; python_version < "3.8", but you have importlib-metadata 6.7.0. 
</details>





---

> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with your project.
> - Max score is 1000. Note that the real score may have changed since the PR was raised.
> - This PR was automatically created by Snyk using the credentials of a real user.
> - Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI1MTM3MDQxZi02MTE5LTQ4Y2QtYmFhMi02ODcyMmJjNDA3ZTQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjUxMzcwNDFmLTYxMTktNDhjZC1iYWEyLTY4NzIyYmM0MDdlNCJ9fQ==" width="0" height="0"/>
🧐 [View latest project report](https://app.snyk.io/org/sscottgvit/project/94852d80-10a9-4668-95ef-cf5e448a13f8?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)
📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
🛠 [Adjust project settings](https://app.snyk.io/org/sscottgvit/project/94852d80-10a9-4668-95ef-cf5e448a13f8?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)
📚 [Read about Snyk's upgrade logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc&#x3D;fix-pr)

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"zipp","from":"3.15.0","to":"3.19.1"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"}],"prId":"5137041f-6119-48cd-baa2-68722bc407e4","prPublicId":"5137041f-6119-48cd-baa2-68722bc407e4","packageManager":"pip","priorityScoreList":[738],"projectPublicId":"94852d80-10a9-4668-95ef-cf5e448a13f8","projectUrl":"https://app.snyk.io/org/sscottgvit/project/94852d80-10a9-4668-95ef-cf5e448a13f8?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["updated-fix-title","pr-warning-shown","priorityScore"],"type":"auto","upgrade":[],"vulns":["SNYK-PYTHON-ZIPP-7430899"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'

sscottgvit and others added 30 commits June 13, 2019 02:11
@sscottgvit
Revise travis rules to push master to latest and development to devel…
4dce5eb 
…opment
@web-flow
Fixing potential AttributeError
e8dc50c
@web-flow
Added back all Hydra functions
ceaed76
@web-flow
Added dialogue for Hydra usage
12fa653
@web-flow
Added theharvester
bbd6e5a
@web-flow
Added theharvester
d8affa0
@web-flow
Enabled host multi selection
c4b21be
@web-flow
Addressing cognitive complexity
bc184e9
@web-flow
Attribute error in findFinishedServiceTab function
7e33c3d
@web-flow
Fixed typo
b087f79
@web-flow
Update README.md
dd01a37
@sscottgvit
Regression fixed
5607b06
@sscottgvit
Msgbox fix
3cf33bf
@sscottgvit
Msgbox fix
7b2e78a
@sscottgvit
Cleanup trash
55e0e2f
@web-flow
Update README.md
561b37a 
Changed links to govanguard.com, added Keybase team link.
@ddubson
Update README typos and line wrapping
a63eb06
@ddubson
Fix complex predicate bug
0404068 
- Addresses github issue #18
@web-flow
Updating govanguard.io links to govanguard.com
c37a287
@web-flow
Merge pull request #118 from ddubson/bug/complex-logic-bug-#18
cd576b6 
Fix complex predicate bug
@web-flow
Merge pull request #117 from ddubson/fix-typos
91a7877 
Update README typos and line wrapping
@web-flow
Merge branch 'master' into development
859a3af
@web-flow
Merge pull request #119 from GoVanguard/development
e7fe8cd 
Merge latest dev into master
@ddubson
Fix complexity bug in eventfilter
a219ccc 
- Ran ui/eventfilter.py through CodeClimate CLI and is no longer showing any cognitive complexity issues in the logic
@ddubson
Fix unbalanced tickmark issue in legion.conf
e03aaf4 
- The file was not loaded correctly by Legion on startup due to an error with a trailing single quote
@ddubson
Reduce cognitive complexity on logic.py
9618449 
- GitHub issue #19
- Introduce concept of Shell - which should abstract all operations pertaining to lower level OS calls, e.g. creating/removing directories, etc.
- This commit does not close issue #19 but is part of a series of commits to spend down the technical debt surrounding `logic.py` file
@ddubson
Refactoring logic.py into smaller components
46bbdec 
- This commit is the 2nd iteration on reducing complexity of `logic.py`
- Introduces the concept of a repository. A repository is an abstraction on a data store. In the case of Legion, the underlying data store is based on SQLite, and so the repository implementations should contain all SQL code within the app.
- There is a repository for each concept within the app, such as a Process, a Service, a Host, a Port, etc. (e.g. ProcessRepository, HostRepository, etc.)
- This commit does not complete the full refactoring of all SQL related code to a repository. Further commits will be added to complete the work.
- All new code added was driven by an underlying unit test. In order to gain confidence in proper refactoring of existing logic, a backporting of unit tests was needed.
@web-flow
Merge pull request #121 from ddubson/bug/complex-logic-bug-#18
75d233b 
Fix complexity bug in eventfilter
@web-flow
Merge pull request #122 from ddubson/fix-conf-file-issue
497d775 
Fix unbalanced tickmark issue in legion.conf
@web-flow
Merge pull request #123 from ddubson/complex-logic-issue-19
77d7d99 
Reduce cognitive complexity on logic.py
sscottgvit and others added 27 commits July 7, 2022 08:14
@sscottgvit
Merge pull request #226 from Tdeforge/master
96595d0 
Update README.md
@sscottgvit
Merge pull request #224 from t3chn0t3s/cutycapt-ignore-cert-errors
c6d8681 
Added Cutycapt --insecure flag to ignore SSL/TLS certificate errors
@dennis-carlson-sudo
Ensure progress is cast to an int
2036043
@sscottgvit
Merge pull request #229 from dcarlsongvit/resolve-update-progress-cra…
c4a940d 
…sh-1

Fix updateProgress to always use an integer
@Tdeforge
Update medium_scope_custom_ports.conf
66e983b
@sscottgvit
Update README.md
d59a291
@sscottgvit
Update README.md
cea6969
@sscottgvit
Update README.md
62627a0
@sscottgvit
Update to release 0.3.8
9d665ba
@sscottgvit
:Merge branch 'master' of github.com:GoVanguard/legion
d8bbb68
@sscottgvit
Update to release 0.3.8
1e9add6
@sscottgvit
Update to release 0.3.9
cd190fb
@seunghaekim-duse
fix bad interpreter: /bin/bash^M: no such file or directory
cceb9fc
@sscottgvit
Merge pull request #232 from seunghaekim-duse/master
af199bf 
fix bad interpreter: /bin/bash^M: no such file or directory
@christiancscott
Update README.md
4d40498 
Removed old dead links.
@sscottgvit
Updated to PyQt6, more to come
0f202e2
@sscottgvit
Tons of updates
dde87f0
@sscottgvit
Update debian build bits
2439acb
@sscottgvit
Update README.md
f88c6dc
@sscottgvit
Update README.md
cc87e77
@sscottgvit
Minor fixes for last update
a60070d
@sscottgvit
Merge branch 'master' of github.com:GoVanguard/legion
7167d39
@sscottgvit
Spelling
e27480c
@sscottgvit
Updates, cleanup, fixes
df4f0d7
@sscottgvit
Updates to nmap importer, add script to build huge bogus nmap XML to …
83a253f 
…test with
@sscottgvit
Updates
15b6bd2
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
467ed60 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
@sscottgvit sscottgvit force-pushed the master branch 3 times, most recently from 35e18d0 to ea40ce5 Compare November 4, 2024 18:10
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.