Bump pywin32 version in setup.py, update in requirements.txt #2943
Conversation
Signed-off-by: John Doe <john@doe.null>
setup.py Outdated
| extras_require = { | ||
| # win32 APIs if on Windows (required for npipe support) | ||
| ':sys_platform == "win32"': 'pywin32==227', | ||
| ':sys_platform == "win32"': 'pywin32>=227', |
There was a problem hiding this comment.
| ':sys_platform == "win32"': 'pywin32>=227', | |
| ':sys_platform == "win32"': 'pywin32>=301', |
maybe? to avoid GHSA-hwfp-hg2m-9vr2
There was a problem hiding this comment.
Sure. I just updated that.
Signed-off-by: John Doe <john@doe.null>
| Could this please be merged? 🙏🏻 |
| Awesome! Impatiently waiting for the merge 😄 |
| Related PRs (potential duplicates/overlaps): |
| @StefanScherer would it be possible for you to review this or a related MR? This dependency issue is a potential security vulnerability for some, and a false positive for others. We could really use a Docker 5.0.2 release with these changes. |
| @ulyssessouza @aiordache @StefanScherer could you please review this PR? 🙏 This dependency issue is causing a lot of trouble for Windows users. It's a potential security vulnerability, but also prevents installing |
| @ulyssessouza @aiordache @StefanScherer any news here? |
| Unfortunately, it sounds like Docker won't be addressing this and we may be forced to fork. |
| I understand docker has different priorities, but this is completely blocking the use of docker-py on Windows with Python 3.10, which FWIW, LocalStack is relying on. |
| Hi! Thanks so much for your PR and apologies for the delay in review. A fix for this has been merged and we're planning to issue a new release containing it soon. For context, changes similar to yours were done in #3004 to address some CI changes in the repo, which blocked merging of your PR as-is, and given the delay on this, we wanted to be respectful of our contributor's time and not require you to rebase + re-review. |
| Thank you! |
| thank you @milas!! 🙏 |
9 participants
Fixes: #2902