chore(deps): update dependency requests to v2.31.0 [security] #1055
Merged
renovate bot added the 📝 dependencies 📦 (Pull requests that update a dependency file), deps: minor and deps: python labels on May 23, 2023
ollibowers added a commit that referenced this pull request on Mar 29, 2024
* chore(deps): update dependency eslint to v8.36.0 (#957) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency @testing-library/dom to v8.20.0 (#961) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: olli <[email protected]> * chore(deps): update `renovate` config Group minor, patches together. * chore(deps): update mikefarah/yq action to v4.32.2 (#978) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): lock file maintenance (#945) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * fix(deps): update weekly patch updates (#944) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): group `mypy` * feat(frontend): cache course descriptions (#1004) * cache `GET /courses/*` requests * put types in `src/types` * rename the cache ref variables * chore(deps): update mypy to v1 (major) (#1029) * chore(deps): update mypy to v1 * update tuple[int, int] -> tuple[int, optional[int]] for mypy --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: imagine-hussain <[email protected]> * chore(deps): update dependency @testing-library/dom to v9 (#1020) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency @testing-library/react to v14 (#1021) * chore(deps): update dependency @testing-library/react to v14 * chore(fe-test): use act, fix degree search test --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Leonardo Fan <[email protected]> * chore(deps): update dependency eslint-plugin-simple-import-sort to v10 (#1022) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency jsdom to v21 (#1023) Co-authored-by: renovate[bot] 
<29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency typescript to v5 (#1028) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * fix(deps): update dependency @ant-design/colors to v7 (#1030) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * fix(deps): update dependency @ant-design/icons to v5 (#1031) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * fix(deps): update dependency framer-motion to v10 (#1040) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat: CF-400: dark mode improvements (#1003) * feat: dark mode functionality added for editMarkModal's input and button elements * feat: dark mode improvement for editMarkModal's cancel button * feat: dark mode improvements for OptionHeader icons underneath the 'Term Planner' tab * feat: dark mode added for the select menu in the settingsMenu tooltip under the TermPlanner tab * feat: dark mode added to SettingMenu's DatePicker element * feat: dark mode for export button done + editModalMark bug fixed * fix: making sure the css for the select element in settingsMenu does not affect other select elements * feat: dark mode improvement for popconfirm for unplan wanring, import tooltip, also moved the button for import and export tooltip to common styles * feat: dark mode scrollbar added * feat: dark mode scrollbar on courseSelector menu had ugly white padding, fixed it to be #333 color instead * fix: href in courseSelector not very readable in dark mode, made the text a bit brighter and made a styled component for it * feat: dark mode added for search bar * feat: dark mode added for remove planner button * fix: forgot to add the new styles.ts file * feat: progressBar's text color and trailing color fixed * feat: dividing line in courseDescription changed from white to a dark grey * feat: bug icon turned into dark mode * feat: dark mode added for quick add and 
remove buttons in course menu * feat: courseProgression progress bar trailing color changed to dark grey * feat: progress on dark mode for graph, need to save this commit before I merge in the latest changes since the graph was changed * feat: dark mode for graph complete (nodes, arrows, hover states) + label now changes on hover (non-dark mode feature) * feat: buttons on graphical selector are dark mode * feat: saving progress on converting courseDescription panel to dark mode * feat: dark mode added to the sidebar * feat: sidebardrawer color changed, box shadow added to tabs so it looks more visible in dark mode * feat: new images added in help menu in course selector, dark mode versions added too * feat: TermPlanner's help menu tooltips now have dark mode pics and gifs --------- Co-authored-by: Daysure <[email protected]> * feat: CF-423: additional styling on course node hover (#1034) * feat: dark mode functionality added for editMarkModal's input and button elements * feat: dark mode improvement for editMarkModal's cancel button * feat: dark mode improvements for OptionHeader icons underneath the 'Term Planner' tab * feat: dark mode added for the select menu in the settingsMenu tooltip under the TermPlanner tab * feat: dark mode added to SettingMenu's DatePicker element * feat: dark mode for export button done + editModalMark bug fixed * fix: making sure the css for the select element in settingsMenu does not affect other select elements * feat: dark mode improvement for popconfirm for unplan wanring, import tooltip, also moved the button for import and export tooltip to common styles * feat: dark mode scrollbar added * feat: dark mode scrollbar on courseSelector menu had ugly white padding, fixed it to be #333 color instead * fix: href in courseSelector not very readable in dark mode, made the text a bit brighter and made a styled component for it * feat: dark mode added for search bar * feat: dark mode added for remove planner button * fix: forgot to add the 
new styles.ts file * feat: progressBar's text color and trailing color fixed * feat: dividing line in courseDescription changed from white to a dark grey * feat: bug icon turned into dark mode * feat: dark mode added for quick add and remove buttons in course menu * feat: courseProgression progress bar trailing color changed to dark grey * feat: progress on dark mode for graph, need to save this commit before I merge in the latest changes since the graph was changed * feat: dark mode for graph complete (nodes, arrows, hover states) + label now changes on hover (non-dark mode feature) * feat: buttons on graphical selector are dark mode * feat: saving progress on converting courseDescription panel to dark mode * feat: dark mode added to the sidebar * feat: sidebardrawer color changed, box shadow added to tabs so it looks more visible in dark mode * feat: new images added in help menu in course selector, dark mode versions added too * feat: TermPlanner's help menu tooltips now have dark mode pics and gifs * feat: highlight adjacent nodes and edges on hover * feat: highlight adjacent nodes opacity updated * refactor: graph.ts, changing function names and object names to be more readable: * feat: implemented a function that checks if a course is a prereq based on GraphData without calling the backend * fix: two graphs get rendered if you switch tabs fast enough * feat: created a function to store a hashmap of prereqs for later use for node styling * fix: updated the function that checks for coursePrerequisite Other options are: 1. Rely on GraphData, however it gets laggy when you hover over too many nodes 2. API call - would get slow with multiple requests 3. 
CourseEdge info gets stored into a hashmap at initialisation, so checking for prereqs is fast afterwards * refactor: graph.ts function and object names made more readable * refactor: rewriting the returns and using spread operator to reduce repetition in graph.ts * feat: highlight prerequisite nodes on hover * refactor: splitting functions up as they were getting too long * fix: if the dark mode button is toggled on and off, it repaints the canvas more than one time * feat: highlighted incoming edge if it's a prerequisite as well * feat: forgot to add pics into the HelpMenu for the new graphical selector hover node feature --------- Co-authored-by: Daysure <[email protected]> Co-authored-by: Leonardo Fan <[email protected]> * chore(deps): update dependency mypy to v1.2.0 (#1049) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): remove react-svg as not used (#1044) * chore(deps): group `vite` * chore(deps): update dependency requests to v2.31.0 [security] (#1055) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Make course menu bar resizeable (#1042) * hotfix: fix the type err in the run script * feat: CF-356: unlocked course nodes added to graphical selector (#1035) Different course node stylings added for the following states: - course node is added to the planner - course node is unlocked (i.e. meets the prereqs for that course) - course node that is locked https://csesoc.atlassian.net/browse/CF-356 --------- Co-authored-by: Daysure <[email protected]> Co-authored-by: Leonardo Fan <[email protected]> * fix(deps): update weekly minor updates (#1050) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): bump tough-cookie from 4.1.2 to 4.1.3 in /frontend (#1065) Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.1.2 to 4.1.3. 
- [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.3) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: CF-421: adding or removing courses now reflect in the graphical selector (#1037) * feat: dark mode functionality added for editMarkModal's input and button elements * feat: dark mode improvement for editMarkModal's cancel button * feat: dark mode improvements for OptionHeader icons underneath the 'Term Planner' tab * feat: dark mode added for the select menu in the settingsMenu tooltip under the TermPlanner tab * feat: dark mode added to SettingMenu's DatePicker element * feat: dark mode for export button done + editModalMark bug fixed * fix: making sure the css for the select element in settingsMenu does not affect other select elements * feat: dark mode improvement for popconfirm for unplan wanring, import tooltip, also moved the button for import and export tooltip to common styles * feat: dark mode scrollbar added * feat: dark mode scrollbar on courseSelector menu had ugly white padding, fixed it to be #333 color instead * fix: href in courseSelector not very readable in dark mode, made the text a bit brighter and made a styled component for it * feat: dark mode added for search bar * feat: dark mode added for remove planner button * fix: forgot to add the new styles.ts file * feat: progressBar's text color and trailing color fixed * feat: dividing line in courseDescription changed from white to a dark grey * feat: bug icon turned into dark mode * feat: dark mode added for quick add and remove buttons in course menu * feat: courseProgression progress bar trailing color changed to dark grey * feat: progress on dark mode for graph, 
need to save this commit before I merge in the latest changes since the graph was changed * feat: dark mode for graph complete (nodes, arrows, hover states) + label now changes on hover (non-dark mode feature) * feat: buttons on graphical selector are dark mode * feat: saving progress on converting courseDescription panel to dark mode * feat: dark mode added to the sidebar * feat: sidebardrawer color changed, box shadow added to tabs so it looks more visible in dark mode * feat: new images added in help menu in course selector, dark mode versions added too * feat: TermPlanner's help menu tooltips now have dark mode pics and gifs * feat: highlight adjacent nodes and edges on hover * feat: highlight adjacent nodes opacity updated * refactor: graph.ts, changing function names and object names to be more readable: * feat: implemented a function that checks if a course is a prereq based on GraphData without calling the backend * fix: two graphs get rendered if you switch tabs fast enough * feat: created a function to store a hashmap of prereqs for later use for node styling * fix: updated the function that checks for coursePrerequisite Other options are: 1. Rely on GraphData, however it gets laggy when you hover over too many nodes 2. API call - would get slow with multiple requests 3. 
CourseEdge info gets stored into a hashmap at initialisation, so checking for prereqs is fast afterwards * refactor: graph.ts function and object names made more readable * refactor: rewriting the returns and using spread operator to reduce repetition in graph.ts * feat: highlight prerequisite nodes on hover * refactor: splitting functions up as they were getting too long * fix: if the dark mode button is toggled on and off, it repaints the canvas more than one time * feat: highlighted incoming edge if it's a prerequisite as well * feat: forgot to add pics into the HelpMenu for the new graphical selector hover node feature * feat: unlocked course nodes are now distinct from planned and locked courses feat: HelpMenu pictures were also updated * fix: adding and removing courses in graphical selector, updates the node in the graph without re-render refactor: graph.ts duplicate function removed * fix: endArrow opacity of graph was not changing on hover * fix: instead of using courseSlicer, used axios request to update unlocked nodes after adding to planner --------- Co-authored-by: Daysure <[email protected]> * fix: CF-425: cleaning graph loading screen (#1039) * feat: dark mode functionality added for editMarkModal's input and button elements * feat: dark mode improvement for editMarkModal's cancel button * feat: dark mode improvements for OptionHeader icons underneath the 'Term Planner' tab * feat: dark mode added for the select menu in the settingsMenu tooltip under the TermPlanner tab * feat: dark mode added to SettingMenu's DatePicker element * feat: dark mode for export button done + editModalMark bug fixed * fix: making sure the css for the select element in settingsMenu does not affect other select elements * feat: dark mode improvement for popconfirm for unplan wanring, import tooltip, also moved the button for import and export tooltip to common styles * feat: dark mode scrollbar added * feat: dark mode scrollbar on courseSelector menu had ugly white padding, 
fixed it to be #333 color instead * fix: href in courseSelector not very readable in dark mode, made the text a bit brighter and made a styled component for it * feat: dark mode added for search bar * feat: dark mode added for remove planner button * fix: forgot to add the new styles.ts file * feat: progressBar's text color and trailing color fixed * feat: dividing line in courseDescription changed from white to a dark grey * feat: bug icon turned into dark mode * feat: dark mode added for quick add and remove buttons in course menu * feat: courseProgression progress bar trailing color changed to dark grey * feat: progress on dark mode for graph, need to save this commit before I merge in the latest changes since the graph was changed * feat: dark mode for graph complete (nodes, arrows, hover states) + label now changes on hover (non-dark mode feature) * feat: buttons on graphical selector are dark mode * feat: saving progress on converting courseDescription panel to dark mode * feat: dark mode added to the sidebar * feat: sidebardrawer color changed, box shadow added to tabs so it looks more visible in dark mode * feat: new images added in help menu in course selector, dark mode versions added too * feat: TermPlanner's help menu tooltips now have dark mode pics and gifs * feat: highlight adjacent nodes and edges on hover * feat: highlight adjacent nodes opacity updated * refactor: graph.ts, changing function names and object names to be more readable: * feat: implemented a function that checks if a course is a prereq based on GraphData without calling the backend * fix: two graphs get rendered if you switch tabs fast enough * feat: created a function to store a hashmap of prereqs for later use for node styling * fix: updated the function that checks for coursePrerequisite Other options are: 1. Rely on GraphData, however it gets laggy when you hover over too many nodes 2. API call - would get slow with multiple requests 3. 
CourseEdge info gets stored into a hashmap at initialisation, so checking for prereqs is fast afterwards * refactor: graph.ts function and object names made more readable * refactor: rewriting the returns and using spread operator to reduce repetition in graph.ts * feat: highlight prerequisite nodes on hover * refactor: splitting functions up as they were getting too long * fix: if the dark mode button is toggled on and off, it repaints the canvas more than one time * feat: highlighted incoming edge if it's a prerequisite as well * feat: forgot to add pics into the HelpMenu for the new graphical selector hover node feature * feat: unlocked course nodes are now distinct from planned and locked courses feat: HelpMenu pictures were also updated * fix: adding and removing courses in graphical selector, updates the node in the graph without re-render refactor: graph.ts duplicate function removed * fix: endArrow opacity of graph was not changing on hover * fix: instead of using courseSlicer, used axios request to update unlocked nodes after adding to planner * fix: searchbar hidden while graph loads fix: random course node that pops up is hidden now feat: show all courses toggle has a loading screen now too * docs: forgot to update comment which I copy pasted in * fix: no-non-null-assertion warning fixed in graph.ts --------- Co-authored-by: Daysure <[email protected]> * feat(frontend): add option to ignore course in progression checks (#1059) * Add option to ignore course in progression checks * Fix progression check page * Remove eslint-disable * Address PR comments * feat: CTF Challenge for 2023 Projects Fair (#1081) Added CTF challenge for the 2023 Projects Fair. 
More information on https://levelup-ctf.csesoc.app/ --------- Co-authored-by: Bahnschrift <[email protected]> Co-authored-by: Leonardo Fan <[email protected]> * chore: fix CD manfiest branch * chore: fix CD manfiest pull branch * in the arena trying stuff (#1082) * hotfix(ctf): fixing even terms (#1083) * hotfix(ctf): ensure that even check term starts evens * hotfix(ctf): ensure that even check term starts evens * mypy * minor comment * chore(deps): update dependency python-dotenv to v1 (#1026) * chore(deps): update ci-actions (#1070) * chore(deps): update dependency types-paramiko to v3 (#1027) * chore(deps): update dependency eslint-config-prettier to v9 (#1085) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * data/2024_handbook_migration (#1091) * change LIVE_YEAR to 2024 * add 2023 to archive data * update 2024 programs * update 2024 specialisations - NEED TO FIX any_level * update courses * update conditions to 2024 and manual fixes * finalise data-fix * some autotests fix * rerun datafix with new handbook in DB * fix indirect unlock test * more validation test fixes * CI but shorter ignore times * mypy * skip test_validation * fix get_followups * fix: commented out ctf code (#1096) * feat: Add devsoc logo and replace most csesoc references (#1097) * feat: Add devsoc logo and replace most csesoc references * fix: changed all csesoc styled component names * feat: add UNSW branding --------- Co-authored-by: ollibowers <[email protected]> * fix: moved UNSW to front of label (#1098) * feat: the devsocening (#1100) * chore: update CODEOWNERS for 2024 devsoc (#1102) * chore: update CODEOWNERS for 2024 devsoc * feat: a notification for our ongoing subcommittee recruitment (#1103) * feat: recruitment notification on page load * fix: made the notification only appear every 23 hours * add sponsors to landing page (#1104) * add sponsors to landing page * fix: add more gap between the sponsors --------- Co-authored-by: ollibowers <[email 
protected]> * feat/contribution notif+branding (#1107) * fix: Update Devsoc branding in footer * feat: open source contribution notification * fix: update branding and features * changed notification icon from smile to megaphone * fix compilation errors * fix small issue * fix: some frontend bugs - no longer refetches on focus loss - primary colour is now brighter - term planner loads when zero courses * small fixes * add tokeignore to stop the lines of code thingo from crashing so much * fix: graph styles not resetting properly * fix: bad effect dependency in CourseMenu causing infinite recalls and added a memo * fix: added key props to tabs and course attributes * fix: tried to get progression checker as best as i could * fix: progression checker button styles * fix: term boxes shrinking and refresh bug on term planner page * fix: brought back the export/import planner menus but commented out --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: olli <[email protected]> Co-authored-by: Jared L <[email protected]> Co-authored-by: Martin <[email protected]> Co-authored-by: imagine-hussain <[email protected]> Co-authored-by: Leonardo Fan <[email protected]> Co-authored-by: Sandeep Das <[email protected]> Co-authored-by: Daysure <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas <[email protected]> Co-authored-by: imagine-hussain <[email protected]> Co-authored-by: Bahnschrift <[email protected]> Co-authored-by: sachk <[email protected]> Co-authored-by: Bob Chen <[email protected]> Co-authored-by: sacha <[email protected]> Co-authored-by: Jeremy Le <[email protected]> Co-authored-by: Peter Derias <[email protected]>
This PR contains the following updates:

requests: `==2.28.2` -> `==2.31.0`
GitHub Vulnerability Alerts

CVE-2023-32681

Impact

Since Requests v2.3.0, Requests has been vulnerable to potentially leaking `Proxy-Authorization` headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how `rebuild_proxies` is used to recompute and reattach the `Proxy-Authorization` header to requests when redirected. Note this behavior has only been observed to affect proxied requests when credentials are supplied in the URL user information component (e.g. `https://username:password@proxy:8080`).

Current vulnerable behavior(s):

For HTTP connections sent through the proxy, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into further tunneled requests. This results in Requests forwarding the header to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate those credentials.

The reason this currently works for HTTPS connections in Requests is the `Proxy-Authorization` header is also handled by urllib3 with our usage of the ProxyManager in adapters.py with `proxy_manager_for`. This will compute the required proxy headers in `proxy_headers` and pass them to the Proxy Manager, avoiding attaching them directly to the Request object. This will be our preferred option going forward for default usage.

Patches

Starting in Requests v2.31.0, Requests will no longer attach this header to redirects with an HTTPS destination. This should have no negative impacts on the default behavior of the library as the proxy credentials are already properly being handled by urllib3's ProxyManager.

For users with custom adapters, this may be potentially breaking if you were already working around this behavior. The previous functionality of `rebuild_proxies` doesn't make sense in any case, so we would encourage any users impacted to migrate any handling of Proxy-Authorization directly into their custom adapter.

Workarounds

For users who are not able to update Requests immediately, there is one potential workaround.

You may disable redirects by setting `allow_redirects` to `False` on all calls through Requests top-level APIs. Note that if you're currently relying on redirect behaviors, you will need to capture the 3xx response codes and ensure a new request is made to the redirect destination.

Credits

This vulnerability was discovered and disclosed by the following individuals.

Dennis Brinkrolf, Haxolot (https://haxolot.com/)
Tobias Funke, (tobiasfunke93@gmail.com)
Release Notes

psf/requests

v2.31.0

Security

Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of `Proxy-Authorization` headers to destination servers when following HTTPS redirects.

When proxies are defined with user info (https://user:pass@proxy:8080), Requests will construct a `Proxy-Authorization` header that is attached to the request to authenticate with the proxy.

In cases where Requests receives a redirect response, it previously reattached the `Proxy-Authorization` header incorrectly, resulting in the value being sent through the tunneled connection to the destination server. Users who rely on defining their proxy credentials in the URL are strongly encouraged to upgrade to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy credentials once the change has been fully deployed.

Users who do not use a proxy or do not supply their proxy credentials through the user information portion of their proxy URL are not subject to this vulnerability.

Full details can be read in our Github Security Advisory and CVE-2023-32681.

v2.30.0

Dependencies

This may contain minor breaking changes so we advise careful testing and reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html prior to upgrading.

Users who wish to stay on urllib3 1.x can pin to `urllib3<2`.

v2.29.0

Improvements

standardization. (#6226)
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
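
The workaround in the advisory (set `allow_redirects` to `False`, capture the 3xx response and issue a new request) can be wrapped as below. This is an added example, not code from this PR or from the Requests project; `get_following_redirects`, `StubSession`, `StubResponse` and the `*.example` URLs are hypothetical names, and the stub is a constructed stand-in so the block runs offline.

```python
from urllib.parse import urljoin, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}
CREDENTIAL_HEADERS = {"authorization", "proxy-authorization"}


class TooManyRedirects(Exception):
    """The redirect chain is longer than max_redirects."""


def get_following_redirects(session, url, max_redirects=10, **kwargs):
    """GET url with automatic redirects disabled, one fresh request per hop.

    session: a requests.Session, or anything with the same .get() signature.
    Returns (final_response, [every URL requested, in order]).
    """
    kwargs.pop("allow_redirects", None)  # callers cannot switch redirects back on
    visited = []
    for _ in range(max_redirects + 1):
        visited.append(url)
        resp = session.get(url, allow_redirects=False, **kwargs)
        location = resp.headers.get("Location")
        if resp.status_code not in REDIRECT_CODES or not location:
            return resp, visited
        target = urljoin(url, location)  # Location may be relative
        if urlsplit(target).scheme not in ("http", "https"):
            raise ValueError(f"refusing redirect to {target!r}")
        if urlsplit(target).netloc != urlsplit(url).netloc:
            # New host: do not carry caller-supplied credentials over.
            kwargs.pop("auth", None)
            headers = kwargs.get("headers") or {}
            kwargs["headers"] = {k: v for k, v in headers.items()
                                 if k.lower() not in CREDENTIAL_HEADERS}
        url = target
    raise TooManyRedirects(f"more than {max_redirects} redirects from {visited[0]}")


class StubResponse:
    def __init__(self, status_code, headers=None):
        self.status_code = status_code
        self.headers = headers or {}


class StubSession:
    """Constructed stand-in for requests.Session so the example runs offline."""

    def __init__(self, routes):
        self.routes = routes  # url -> (status, headers)
        self.calls = []       # (url, kwargs) for every request made

    def get(self, url, **kwargs):
        self.calls.append((url, kwargs))
        status, headers = self.routes[url]
        return StubResponse(status, headers)


def demo():
    routes = {  # constructed sample redirect chain
        "http://app.example/start": (302, {"Location": "/moved"}),
        "http://app.example/moved": (301, {"Location": "https://other.example/final"}),
        "https://other.example/final": (200, {}),
    }
    session = StubSession(routes)
    resp, visited = get_following_redirects(
        session, "http://app.example/start",
        headers={"Authorization": "Bearer constructed", "Accept": "text/html"})
    return resp.status_code, visited, session.calls


if __name__ == "__main__":
    status, visited, _ = demo()
    print(status, " -> ".join(visited))
```

With a real `requests.Session` in place of the stub, each hop goes through the normal request path instead of the library's redirect handling.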
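
To decide whether a deployment meets both conditions the advisory names (a Requests version from v2.3.0 up to but not including v2.31.0, and proxy credentials in the URL user information component), a check along these lines can run before and after the bump. It is an added example, not part of this PR or of Requests; the function names are hypothetical, the environment variable names are the conventional proxy variables and are an assumption about the deployment, and the sample proxy URLs in the usage are constructed.

```python
import os
import re
from importlib import metadata
from urllib.parse import urlsplit

FIRST_VULNERABLE = (2, 3, 0)   # "Since Requests v2.3.0"
FIRST_FIXED = (2, 31, 0)       # "Starting in Requests v2.31.0"
PROXY_ENV_VARS = ("HTTP_PROXY", "HTTPS_PROXY", "ALL_PROXY")  # assumed variable names


def parse_version(text):
    """'2.28.2' or a pin such as '==2.28.2' -> (2, 28, 2); missing parts are 0."""
    match = re.match(r"\s*(?:==)?\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"not a version: {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def version_is_vulnerable(version):
    return FIRST_VULNERABLE <= parse_version(version) < FIRST_FIXED


def installed_requests_version():
    """Version of the installed requests distribution, or None if absent."""
    try:
        return metadata.version("requests")
    except metadata.PackageNotFoundError:
        return None


def proxies_with_credentials(proxies=None, environ=None):
    """Map each proxy source to its URL with the user info removed,
    listing only proxies whose URL carries a username or password."""
    env = os.environ if environ is None else environ
    candidates = dict(proxies or {})
    for name in PROXY_ENV_VARS:
        value = env.get(name) or env.get(name.lower())
        if value:
            candidates[f"env:{name}"] = value
    found = {}
    for source, url in candidates.items():
        parts = urlsplit(url if "://" in url else "http://" + url)
        if not (parts.username or parts.password):
            continue
        try:
            port = f":{parts.port}" if parts.port else ""
        except ValueError:  # malformed port in the configured URL
            port = ""
        found[source] = f"{parts.scheme}://{parts.hostname}{port}"
    return found


def assess(version, proxies=None, environ=None):
    """Combine both conditions; credentials are never echoed back."""
    creds = proxies_with_credentials(proxies, environ)
    vulnerable = version_is_vulnerable(version)
    return {"vulnerable_version": vulnerable,
            "credentialed_proxies": creds,
            "exposed": vulnerable and bool(creds)}


if __name__ == "__main__":
    version = installed_requests_version() or "==2.28.2"  # fall back to the old pin
    print(assess(version, {"https": "https://user:pass@proxy:8080"}))
```

An `exposed` result on the old pin is also the cue for the credential rotation the release notes recommend once 2.31.0 is deployed.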