Skip to content

⬆️ Update dependency pip to v26 [SECURITY]#754

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/pypi-pip-vulnerability
Open

⬆️ Update dependency pip to v26 [SECURITY]#754
renovate[bot] wants to merge 1 commit intomainfrom
renovate/pypi-pip-vulnerability

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 3, 2026
edited by felinae98
Loading

This PR contains the following updates:

Package Change Age Confidence
pip (changelog) 24.3.126.0 age confidence

GitHub Vulnerability Alerts

CVE-2026-1703

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.

Release Notes

pypa/pip (pip)

v26.0

Compare Source

v25.3

Compare Source

v25.2

Compare Source

v25.1.1

Compare Source

v25.1

Compare Source

v25.0.1

Compare Source

v25.0

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

This change is Reviewable

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Feb 3, 2026
@netlify
Copy link

netlify bot commented Feb 3, 2026
edited
Loading

Deploy Preview for nonebot-bison ready!

Name Link
🔨 Latest commit c48dc34
🔍 Latest deploy log https://app.netlify.com/projects/nonebot-bison/deploys/698dde24a7a36c0008d6cf33
😎 Deploy Preview https://deploy-preview-754--nonebot-bison.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@codecov
Copy link

codecov bot commented Feb 3, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.09%. Comparing base (83022c0) to head (c48dc34).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #754   +/-   ##
=======================================
  Coverage   85.09%   85.09%           
=======================================
  Files          99       99           
  Lines        5634     5634           
=======================================
  Hits         4794     4794           
  Misses        840      840
Flag Coverage Δ
smoke-test 85.09% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate bot force-pushed the renovate/pypi-pip-vulnerability branch from adfa4d3 to c48dc34 Compare February 12, 2026 14:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants