Title: Bump ujson from 1.35 to 5.4.0 in /examples/server/sanic by dependabot[bot] · Pull Request #2 · testfailed/python-socketio · GitHub
Open Graph Title: Bump ujson from 1.35 to 5.4.0 in /examples/server/sanic by dependabot[bot] · Pull Request #2 · testfailed/python-socketio
X Title: Bump ujson from 1.35 to 5.4.0 in /examples/server/sanic by dependabot[bot] · Pull Request #2 · testfailed/python-socketio
Description: Bumps ujson from 1.35 to 5.4.0. Release notes Sourced from ujson's releases. 5.4.0 Added Add support for arbitrary size integers (#548) @JustAnotherArchivist Fixed CVE-2022-31116: Replace wchar_t string decoding implementation with a uint32_t-based one (#555) @JustAnotherArchivist Fix handling of surrogates on decoding (#550) @JustAnotherArchivist CVE-2022-31117: Potential double free of buffer during string decoding @JustAnotherArchivist Fix memory leak on encoding errors when the buffer was resized (#549) @JustAnotherArchivist Integer parsing: always detect overflows (#544) @NaN-git Fix handling of surrogates on encoding (#530) @JustAnotherArchivist 5.3.0 Added Test Python 3.11 beta (#539) @hugovk Changed Benchmark refactor - argparse CLI (#533) @Erotemic Fixed Fix segmentation faults when errors occur while handling unserialisable objects (#531) @JustAnotherArchivist Fix segmentation fault when an exception is raised while converting a dict key to a string (#526) @JustAnotherArchivist Fix memory leak dumping on non-string dict keys (#521) @JustAnotherArchivist Fix ref counting on repeated default function calls (#524) @JustAnotherArchivist Remove redundant wheel dependency from pyproject.toml (#535) @hugovk 5.2.0 Added Support parsing NaN, Infinity and -Infinity (#514) @Erotemic Support dynamically linking against system double-conversion library (#508) @musicinmybrain Add env var to control stripping debug info (#507) @musicinmybrain Add JSONDecodeError (#498) @JustAnotherArchivist Fixed Fix buffer overflows (CVE-2021-45958) (#519) @JustAnotherArchivist Upgrade Black to fix Click (#515) @hugovk simplify exception handling on integer overflow (#510) @RouquinBlanc Remove dead code that used to handle the separate int type in Python 2 (#509) @JustAnotherArchivist Fix exceptions on encoding list or dict elements and non-overflow errors on int handling getting silenced (#505) @JustAnotherArchivist 5.1.0 Changed ... (truncated) Commits 9c20de0 Merge pull request from GHSA-fm67-cv37-96ff b21da40 Fix double free on string decoding if realloc fails 67ec071 Merge pull request #555 from JustAnotherArchivist/fix-decode-surrogates-2 bc7bdff Replace wchar_t string decoding implementation with a uint32_t-based one cc70119 Merge pull request #548 from JustAnotherArchivist/arbitrary-ints 4b5cccc Merge pull request #553 from bwoodsend/pypy-ci abe26fc Merge pull request #551 from bwoodsend/bye-bye-travis 3efb5cc Delete old TravisCI workflow and references. 404de1a xfail test_decode_surrogate_characters() on Windows PyPy. f7e66dc Switch to musl docker base images. Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) @dependabot use these labels will set the current labels as the default for future PRs for this repo and language @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.
Open Graph Description: Bumps ujson from 1.35 to 5.4.0. Release notes Sourced from ujson's releases. 5.4.0 Added Add support for arbitrary size integers (#548) @JustAnotherArchivist Fixed CVE-2022-31116: Replac...
X Description: Bumps ujson from 1.35 to 5.4.0. Release notes Sourced from ujson's releases. 5.4.0 Added Add support for arbitrary size integers (#548) @JustAnotherArchivist Fixed CVE-2022-31116: Re...
Opengraph URL: https://github.com/testfailed/python-socketio/pull/2
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:1db0b87f-d66f-4402-5d16-fc8765547d7a |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | 9EDE:3B4C02:323391D:338060D:6A592314 |
| html-safe-nonce | 7270ba1b04cf777d1dd213afef049f79feb9237a2bc9f6263e56f5b2287a454e |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5RURFOjNCNEMwMjozMjMzOTFEOjMzODA2MEQ6NkE1OTIzMTQiLCJ2aXNpdG9yX2lkIjoiMTUwMDEwODQ4NTE3NjI4NjkyIiwicmVnaW9uX2VkZ2UiOiJzZWEiLCJyZWdpb25fcmVuZGVyIjoic2VhIn0= |
| visitor-hmac | 19f4240c9dc52f4c9b4e94b505472e5aad076d217996e02510ef48e2a129d599 |
| hovercard-subject-tag | pull_request:987920575 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/testfailed/python-socketio/pull/2/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps ujson from 1.35 to 5.4.0. Release notes Sourced from ujson's releases. 5.4.0 Added Add support for arbitrary size integers (#548) @JustAnotherArchivist Fixed CVE-2022-31116: Replac... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 30abb2b48d3b1b476bbaf01f49ead8ef91062bfd762d3fa28a956f4c99653343 |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/testfailed/python-socketio git https://github.com/testfailed/python-socketio.git |
| octolytics-dimension-user_id | 12092516 |
| octolytics-dimension-user_login | testfailed |
| octolytics-dimension-repository_id | 435144711 |
| octolytics-dimension-repository_nwo | testfailed/python-socketio |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | true |
| octolytics-dimension-repository_parent_id | 39119843 |
| octolytics-dimension-repository_parent_nwo | miguelgrinberg/python-socketio |
| octolytics-dimension-repository_network_root_id | 39119843 |
| octolytics-dimension-repository_network_root_nwo | miguelgrinberg/python-socketio |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | f2e5b4fd472ea10ac216e358bbd0821a90dae8bb |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width