[Snyk] Security upgrade zipp from 3.15.0 to 3.19.1

[Sackstools]

User description

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

• docs/_klipper3d/mkdocs-requirements.txt

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

---

PR Type

Bug fix, Dependencies

---

Description

• Added zipp>=3.19.1 to docs/_klipper3d/mkdocs-requirements.txt to address a security vulnerability (SNYK-PYTHON-ZIPP-7430899).
• This update was automatically created by Snyk to fix vulnerabilities in the pip dependencies.

---

Changes walkthrough 📝

	Relevant files
Dependencies	mkdocs-requirements.txt Pin `zipp` dependency to version 3.19.1                                    docs/_klipper3d/mkdocs-requirements.txt Added zipp>=3.19.1 to address a security vulnerability. +1/-0

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ No key issues to review

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Code Suggestions ✨

Category	Suggestion	Score
Best practice	Pin the 'zipp' package to a specific version to ensure build reproducibility and stability It's recommended to pin dependencies to specific versions rather than using a version range. This ensures that the builds are reproducible and stable, and avoids unexpected issues if a new version of the dependency introduces breaking changes or new bugs. docs/_klipper3d/mkdocs-requirements.txt [11] -zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability +zipp==3.19.1 # pinned to a specific version to avoid a vulnerability Apply this suggestion Suggestion importance[1-10]: 9 Why: Pinning dependencies to specific versions is a best practice for ensuring reproducible and stable builds. This suggestion correctly identifies and addresses this issue.	9

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

CI Failure Feedback 🧐

Action: build

Failed stage: Test [❌]

Failure summary: The action failed because the make command could not find the pru-gcc compiler. This resulted in a failure to compile the file src/sched.c, causing the build process to terminate with an error.

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 2781: ln -sf /home/runner/work/klipper_chronos/klipper_chronos/src/generic out/board-generic/board 2782: make[1]: Leaving directory '/home/runner/work/klipper_chronos/klipper_chronos' 2783: Building out/autoconf.h 2784: mkdir -p out/ 2785: KCONFIG_AUTOHEADER=out/autoconf.h python3 lib/kconfiglib/genconfig.py src/Kconfig 2786: Compiling out/src/sched.o 2787: pru-gcc -Iout/ -Isrc -Iout/board-generic/ -std=gnu11 -O2 -MD -Wall -Wold-style-definition -Wtype-limits -ffunction-sections -fdata-sections -fno-delete-null-pointer-checks -flto -fwhole-program -fno-use-linker-plugin -ggdb3 -Os -minrt -mmcu=am335x.pru1 -Ilib/pru_rpmsg/include -Ilib/pru_rpmsg/include/am335x -c src/sched.c -o out/src/sched.o 2788: make: pru-gcc: Command not found 2789: make: *** [Makefile:64: out/src/sched.o] Error 127 2790: ##[error]Process completed with exit code 2.

---

✨ CI feedback usage guide:

---

The CI feedback tool (/checks) automatically triggers when a PR has a failed check.
The tool analyzes the failed checks and provides several feedbacks:

• Failed stage
• Failed test name
• Failure summary
• Relevant error logs

In addition to being automatically triggered, the tool can also be invoked manually by commenting on a PR:

/checks "https://github.com/{repo_name}/actions/runs/{run_number}/job/{job_number}"

where {repo_name} is the name of the repository, {run_number} is the run number of the failed check, and {job_number} is the job number of the failed check.

Configuration options

• enable_auto_checks_feedback - if set to true, the tool will automatically provide feedback when a check is failed. Default is true.
• excluded_checks_list - a list of checks to exclude from the feedback, for example: ["check1", "check2"]. Default is an empty list.
• enable_help_text - if set to true, the tool will provide a help message with the feedback. Default is true.
• persistent_comment - if set to true, the tool will overwrite a previous checks comment with the new feedback. Default is true.
• final_update_message - if persistent_comment is true and updating a previous checks message, the tool will also create a new message: "Persistent checks updated to latest commit". Default is true.

See more information about the checks tool in the docs.

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

CI Failure Feedback 🧐

Action: build

Failed stage: Test [❌]

Failure summary: The action failed because the make command could not find the pru-gcc compiler. This resulted in an error when trying to compile the file src/sched.c. The specific error was make: pru-gcc: Command not found. This caused the make process to exit with error code 127.

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 2772: ln -sf /home/runner/work/klipper_chronos/klipper_chronos/src/generic out/board-generic/board 2773: make[1]: Leaving directory '/home/runner/work/klipper_chronos/klipper_chronos' 2774: Building out/autoconf.h 2775: mkdir -p out/ 2776: KCONFIG_AUTOHEADER=out/autoconf.h python3 lib/kconfiglib/genconfig.py src/Kconfig 2777: Compiling out/src/sched.o 2778: pru-gcc -Iout/ -Isrc -Iout/board-generic/ -std=gnu11 -O2 -MD -Wall -Wold-style-definition -Wtype-limits -ffunction-sections -fdata-sections -fno-delete-null-pointer-checks -flto -fwhole-program -fno-use-linker-plugin -ggdb3 -Os -minrt -mmcu=am335x.pru1 -Ilib/pru_rpmsg/include -Ilib/pru_rpmsg/include/am335x -c src/sched.c -o out/src/sched.o 2779: make: pru-gcc: Command not found 2780: make: *** [Makefile:64: out/src/sched.o] Error 127 2781: ##[error]Process completed with exit code 2.

---

✨ CI feedback usage guide:

---

The CI feedback tool (/checks) automatically triggers when a PR has a failed check.
The tool analyzes the failed checks and provides several feedbacks:

• Failed stage
• Failed test name
• Failure summary
• Relevant error logs

In addition to being automatically triggered, the tool can also be invoked manually by commenting on a PR:

/checks "https://github.com/{repo_name}/actions/runs/{run_number}/job/{job_number}"

where {repo_name} is the name of the repository, {run_number} is the run number of the failed check, and {job_number} is the job number of the failed check.

Configuration options

• enable_auto_checks_feedback - if set to true, the tool will automatically provide feedback when a check is failed. Default is true.
• excluded_checks_list - a list of checks to exclude from the feedback, for example: ["check1", "check2"]. Default is an empty list.
• enable_help_text - if set to true, the tool will provide a help message with the feedback. Default is true.
• persistent_comment - if set to true, the tool will overwrite a previous checks comment with the new feedback. Default is true.
• final_update_message - if persistent_comment is true and updating a previous checks message, the tool will also create a new message: "Persistent checks updated to latest commit". Default is true.

See more information about the checks tool in the docs.

[qodo-merge-pro]

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

CI Failure Feedback 🧐

Action: build

Failed stage: Test [❌]

Failure summary: The action failed because the build process could not find the pru-gcc command. The error occurred during the compilation of src/sched.c into out/src/sched.o. The specific error message was make: pru-gcc: Command not found. This indicates that the pru-gcc compiler is either not installed or not available in the system's PATH.

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 2772: ln -sf /home/runner/work/klipper_chronos/klipper_chronos/src/generic out/board-generic/board 2773: make[1]: Leaving directory '/home/runner/work/klipper_chronos/klipper_chronos' 2774: Building out/autoconf.h 2775: mkdir -p out/ 2776: KCONFIG_AUTOHEADER=out/autoconf.h python3 lib/kconfiglib/genconfig.py src/Kconfig 2777: Compiling out/src/sched.o 2778: pru-gcc -Iout/ -Isrc -Iout/board-generic/ -std=gnu11 -O2 -MD -Wall -Wold-style-definition -Wtype-limits -ffunction-sections -fdata-sections -fno-delete-null-pointer-checks -flto -fwhole-program -fno-use-linker-plugin -ggdb3 -Os -minrt -mmcu=am335x.pru1 -Ilib/pru_rpmsg/include -Ilib/pru_rpmsg/include/am335x -c src/sched.c -o out/src/sched.o 2779: make: pru-gcc: Command not found 2780: make: *** [Makefile:64: out/src/sched.o] Error 127 2781: ##[error]Process completed with exit code 2.

---

✨ CI feedback usage guide:

---

The CI feedback tool (/checks) automatically triggers when a PR has a failed check.
The tool analyzes the failed checks and provides several feedbacks:

• Failed stage
• Failed test name
• Failure summary
• Relevant error logs

In addition to being automatically triggered, the tool can also be invoked manually by commenting on a PR:

/checks "https://github.com/{repo_name}/actions/runs/{run_number}/job/{job_number}"

where {repo_name} is the name of the repository, {run_number} is the run number of the failed check, and {job_number} is the job number of the failed check.

Configuration options

• enable_auto_checks_feedback - if set to true, the tool will automatically provide feedback when a check is failed. Default is true.
• excluded_checks_list - a list of checks to exclude from the feedback, for example: ["check1", "check2"]. Default is an empty list.
• enable_help_text - if set to true, the tool will provide a help message with the feedback. Default is true.
• persistent_comment - if set to true, the tool will overwrite a previous checks comment with the new feedback. Default is true.
• final_update_message - if persistent_comment is true and updating a previous checks message, the tool will also create a new message: "Persistent checks updated to latest commit". Default is true.

See more information about the checks tool in the docs.