fix(ci): update audited dependencies#270
Conversation
Qodo reviews are paused for this user.Troubleshooting steps vary by plan Learn more → On a Teams plan? Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center? |
|
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (1)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
What
Update the locked Click and Pillow versions used by development and CI.
Why
The dependency audit reported
PYSEC-2026-2132for Click 8.3.1 and eightPYSEC-2026-*advisories for Pillow 12.2.0.How
Regenerate only the affected entries with:
This updates Click to 8.4.2 and Pillow to 12.3.0 without changing project dependency
constraints or any other locked package.
Test plan
pip-audit: no known vulnerabilities found, one existing Pygments advisory ignoredpixi run check: 3104 passed, 6 skipped, 93.25% coverage