Skip to content

build: bump poetry.lock dependencies and pre-commit hooks#656

Merged
maxrake merged 1 commit into
mainfrom
workflow-auto-updates
Jun 18, 2026
Merged

build: bump poetry.lock dependencies and pre-commit hooks#656
maxrake merged 1 commit into
mainfrom
workflow-auto-updates

Conversation

@phylum-bot

@phylum-bot phylum-bot commented Jun 1, 2026

Copy link
Copy Markdown
Collaborator

Bump dependencies in poetry.lock and hooks in .pre-commit-config.yaml.

@phylum-bot phylum-bot requested a review from a team as a code owner June 1, 2026 05:16
@phylum-bot phylum-bot requested a review from cd-work June 1, 2026 05:16
@github-actions

github-actions Bot commented Jun 1, 2026

Copy link
Copy Markdown

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE WITH FAILURE

The analysis contains 2 package(s) Phylum has not yet processed,
preventing a complete risk analysis. Phylum is processing these
packages currently and should complete soon.
Please wait for up to 30 minutes, then re-run the analysis.

This repository analyzes the risk of new dependencies. An
administrator of this repository has set requirements via Phylum policy.

If you see this comment, one or more dependencies have failed Phylum's risk analysis.

Package: coverage@7.14.1 failed.

coverage@7.14.1 is decoding Base64 strings

Risk Domain: Malicious Code
Risk Level: low

Reason: Obfuscated code

View this project in the Phylum UI

@github-actions

github-actions Bot commented Jun 1, 2026

Copy link
Copy Markdown

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE

The analysis contains 2 package(s) Phylum has not yet processed,
preventing a complete risk analysis. Phylum is processing these
packages currently and should complete soon.
Please wait for up to 30 minutes, then re-run the analysis.

View this project in the Phylum UI

maxrake
maxrake previously approved these changes Jun 1, 2026
View reviewed changes

@maxrake maxrake left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

There are still some packages waiting to be processed by Phylum. Will wait to merge until successful Phylum analysis.

@maxrake maxrake removed the request for review from cd-work June 1, 2026 20:20
@github-actions github-actions Bot force-pushed the workflow-auto-updates branch from a740012 to fa7ad6d Compare June 8, 2026 05:10
@github-actions github-actions Bot force-pushed the workflow-auto-updates branch from fa7ad6d to d331900 Compare June 15, 2026 05:23
maxrake
maxrake approved these changes Jun 18, 2026
View reviewed changes

@maxrake maxrake left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There was a new major release of cryptography but it's breaking changes do not affect the use of the library in this repo. The updates LGTM.

@maxrake maxrake merged commit d7bff75 into main Jun 18, 2026
18 of 23 checks passed
@maxrake maxrake deleted the workflow-auto-updates branch June 18, 2026 16:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maxrake maxrake maxrake approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@phylum-bot @maxrake