Skip to content

deps: bump soupsieve to 2.8.4 for CVE-2026-49476/49477#1177

Merged
FabioLeitao merged 1 commit into
mainfrom
chore/bump-soupsieve-cve
Jul 10, 2026
Merged

deps: bump soupsieve to 2.8.4 for CVE-2026-49476/49477#1177
FabioLeitao merged 1 commit into
mainfrom
chore/bump-soupsieve-cve

Conversation

@FabioLeitao

Copy link
Copy Markdown
Collaborator

Summary

  • bump soupsieve from 2.8.3 to 2.8.4 in uv.lock
  • regenerate requirements.txt with canonical command uv export --frozen --no-emit-project -o requirements.txt
  • keep the change surgical: only soupsieve moved in lock + requirements

Security context

Validation

  • ./scripts/lint-only.sh passed
  • uvx pip-audit -r requirements.txt reports: No known vulnerabilities found

Made with Cursor

@FabioLeitao FabioLeitao merged commit 7caac16 into main Jul 10, 2026
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant