Skip to content

Resolving pagination bug and dependabot securities
Compare
Choose a tag to compare
@s7clarke10 s7clarke10 released this 04 Aug 21:10
· 17 commits to main since this release
1.3.2
b73fe3e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release resolves a bug affecting offset pagination. It also addresses one recent Dependabot security vulnerabilities, and a partial fix for the other.

Bug Fix:

  • Removing the defaulting of pagination_page_size to 0. This is an optional parameter.

Security Fixes:

  • pyca/cryptography's wheels include vulnerable OpenSSL
  • ReDoS in py library when used with subversion

The second security issue has been resolved by a pytest version upgrade, however it also needs an upgrade of tox to be fully resolved. Currently a Meltano SDK dependency prevents the tox being bumped to a higher version. When the SDK is updated, a bump of tox will fully resolve the - ReDoS in py library when used with subversion issue.

Assets 2
Loading