chore(deps): update dependency pytest to v8 #152

renovate · 2024-01-28T00:02:27Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pytest (changelog)	`==7.4.4` -> `==8.3.4`

Release Notes

pytest-dev/pytest (pytest)

`v8.3.4`

Compare Source

pytest 8.3.4 (2024-12-01)

Bug fixes

#12592: Fixed KeyError{.interpreted-text role="class"} crash when using --import-mode=importlib in a directory layout where a directory contains a child directory with the same name.
#12818: Assertion rewriting now preserves the source ranges of the original instructions, making it play well with tools that deal with the AST, like executing.
#12849: ANSI escape codes for colored output now handled correctly in pytest.fail{.interpreted-text role="func"} with [pytrace=False]{.title-ref}.
#9353: pytest.approx{.interpreted-text role="func"} now uses strict equality when given booleans.

Improved documentation

#10558: Fix ambiguous docstring of pytest.Config.getoption{.interpreted-text role="func"}.
#10829: Improve documentation on the current handling of the --basetemp option and its lack of retention functionality (temporary directory location and retention{.interpreted-text role="ref"}).
#12866: Improved cross-references concerning the recwarn{.interpreted-text role="fixture"} fixture.
#12966: Clarify filterwarnings{.interpreted-text role="ref"} docs on filter precedence/order when using multiple @pytest.mark.filterwarnings <pytest.mark.filterwarnings ref>{.interpreted-text role="ref"} marks.

Contributor-facing changes

#12497: Fixed two failing pdb-related tests on Python 3.13.

`v8.3.3`

Compare Source

pytest 8.3.3 (2024-09-09)

Bug fixes

#12446: Avoid calling @property (and other instance descriptors) during fixture discovery -- by asottile{.interpreted-text role="user"}
#12659: Fixed the issue of not displaying assertion failure differences when using the parameter --import-mode=importlib in pytest>=8.1.
#12667: Fixed a regression where type change in [ExceptionInfo.errisinstance]{.title-ref} caused [mypy]{.title-ref} to fail.
#12744: Fixed typing compatibility with Python 3.9 or less -- replaced [typing.Self]{.title-ref} with [typing_extensions.Self]{.title-ref} -- by Avasam{.interpreted-text role="user"}
#12745: Fixed an issue with backslashes being incorrectly converted in nodeid paths on Windows, ensuring consistent path handling across environments.
#6682: Fixed bug where the verbosity levels where not being respected when printing the "msg" part of failed assertion (as in assert condition, msg).
#9422: Fix bug where disabling the terminal plugin via -p no:terminal would cause crashes related to missing the verbose option.

-- by GTowers1{.interpreted-text role="user"}

Improved documentation

#12663: Clarify that the [pytest_deselected]{.title-ref} hook should be called from [pytest_collection_modifyitems]{.title-ref} hook implementations when items are deselected.
#12678: Remove erroneous quotes from [tmp_path_retention_policy]{.title-ref} example in docs.

Miscellaneous internal changes

#12769: Fix typos discovered by codespell and add codespell to pre-commit hooks.

`v8.3.2`

Compare Source

pytest 8.3.2 (2024-07-24)

Bug fixes

#12652: Resolve regression [conda]{.title-ref} environments where no longer being automatically detected.

-- by RonnyPfannschmidt{.interpreted-text role="user"}

`v8.3.1`

Compare Source

pytest 8.3.1 (2024-07-20)

The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.

`v8.3.0`

Compare Source

pytest 8.3.0 (2024-07-20)

New features

#12231: Added [--xfail-tb]{.title-ref} flag, which turns on traceback output for XFAIL results.
- If the [--xfail-tb]{.title-ref} flag is not given, tracebacks for XFAIL results are NOT shown.
- The style of traceback for XFAIL is set with [--tb]{.title-ref}, and can be [auto|long|short|line|native|no]{.title-ref}.
- Note: Even if you have [--xfail-tb]{.title-ref} set, you won't see them if [--tb=no]{.title-ref}.
Some history:

With pytest 8.0, [-rx]{.title-ref} or [-ra]{.title-ref} would not only turn on summary reports for xfail, but also report the tracebacks for xfail results. This caused issues with some projects that utilize xfail, but don't want to see all of the xfail tracebacks.

This change detaches xfail tracebacks from [-rx]{.title-ref}, and now we turn on xfail tracebacks with [--xfail-tb]{.title-ref}. With this, the default [-rx]{.title-ref}/ [-ra]{.title-ref} behavior is identical to pre-8.0 with respect to xfail tracebacks. While this is a behavior change, it brings default behavior back to pre-8.0.0 behavior, which ultimately was considered the better course of action.
#12281: Added support for keyword matching in marker expressions.

Now tests can be selected by marker keyword arguments.
Supported values are int{.interpreted-text role="class"}, (unescaped) str{.interpreted-text role="class"}, bool{.interpreted-text role="class"} & None{.interpreted-text role="data"}.

See marker examples <marker_keyword_expression_example>{.interpreted-text role="ref"} for more information.

-- by lovetheguitar{.interpreted-text role="user"}
#12567: Added --no-fold-skipped command line option.

If this option is set, then skipped tests in short summary are no longer grouped
by reason but all tests are printed individually with their nodeid in the same
way as other statuses.

-- by pbrezina{.interpreted-text role="user"}

Improvements in existing functionality

#12469: The console output now uses the "third-party plugins" terminology,
replacing the previously established but confusing and outdated
reference to setuptools <setuptools:index>{.interpreted-text role="std:doc"}
-- by webknjaz{.interpreted-text role="user"}.
#12544, #12545: Python virtual environment detection was improved by
checking for a pyvenv.cfg{.interpreted-text role="file"} file, ensuring reliable detection on
various platforms -- by zachsnickers{.interpreted-text role="user"}.
#2871: Do not truncate arguments to functions in output when running with [-vvv]{.title-ref}.

#389: The readability of assertion introspection of bound methods has been enhanced
-- by farbodahm{.interpreted-text role="user"}, webknjaz{.interpreted-text role="user"}, obestwalter{.interpreted-text role="user"}, flub{.interpreted-text role="user"}
and glyphack{.interpreted-text role="user"}.

Earlier, it was like:

=================================== FAILURES ===================================
_____________________________________ test _____________________________________

    def test():
>       assert Help().fun() == 2
E       assert 1 == 2
E        +  where 1 = <bound method Help.fun of <example.Help instance at 0x256a830>>()
E        +    where <bound method Help.fun of <example.Help instance at 0x256a830>> = <example.Help instance at 0x256a830>.fun
E        +      where <example.Help instance at 0x256a830> = Help()

example.py:7: AssertionError
=========================== 1 failed in 0.03 seconds ===========================

And now it's like:

=================================== FAILURES ===================================
_____________________________________ test _____________________________________

    def test():
>       assert Help().fun() == 2
E       assert 1 == 2
E        +  where 1 = fun()
E        +    where fun = <test_local.Help object at 0x1074be230>.fun
E        +      where <test_local.Help object at 0x1074be230> = Help()

test_local.py:13: AssertionError
=========================== 1 failed in 0.03 seconds ===========================

#7662: Added timezone information to the testsuite timestamp in the JUnit XML report.

Bug fixes

#11706: Fixed reporting of teardown errors in higher-scoped fixtures when using [--maxfail]{.title-ref} or [--stepwise]{.title-ref}.

Originally added in pytest 8.0.0, but reverted in 8.0.2 due to a regression in pytest-xdist.
This regression was fixed in pytest-xdist 3.6.1.
#11797: pytest.approx{.interpreted-text role="func"} now correctly handles Sequence <collections.abc.Sequence>{.interpreted-text role="class"}-like objects.
#12204, #12264: Fixed a regression in pytest 8.0 where tracebacks get longer and longer when multiple
tests fail due to a shared higher-scope fixture which raised -- by bluetech{.interpreted-text role="user"}.

Also fixed a similar regression in pytest 5.4 for collectors which raise during setup.

The fix necessitated internal changes which may affect some plugins:
- FixtureDef.cached_result[2] is now a tuple (exc, tb)
  instead of exc.
- SetupState.stack failures are now a tuple (exc, tb)
  instead of exc.
#12275: Fixed collection error upon encountering an abstract <abc>{.interpreted-text role="mod"} class, including abstract [unittest.TestCase]{.title-ref} subclasses.
#12328: Fixed a regression in pytest 8.0.0 where package-scoped parameterized items were not correctly reordered to minimize setups/teardowns in some cases.
#12424: Fixed crash with [assert testcase is not None]{.title-ref} assertion failure when re-running unittest tests using plugins like pytest-rerunfailures. Regressed in 8.2.2.
#12472: Fixed a crash when returning category "error" or "failed" with a custom test status from pytest_report_teststatus{.interpreted-text role="hook"} hook -- pbrezina{.interpreted-text role="user"}.
#12505: Improved handling of invalid regex patterns in pytest.raises(match=r'...') <pytest.raises>{.interpreted-text role="func"} by providing a clear error message.
#12580: Fixed a crash when using the cache class on Windows and the cache directory was created concurrently.
#6962: Parametrization parameters are now compared using [==]{.title-ref} instead of [is]{.title-ref} ([is]{.title-ref} is still used as a fallback if the parameter does not support [==]{.title-ref}).
This fixes use of parameters such as lists, which have a different [id]{.title-ref} but compare equal, causing fixtures to be re-computed instead of being cached.
#7166: Fixed progress percentages (the [ 87%] at the edge of the screen) sometimes not aligning correctly when running with pytest-xdist -n.

Improved documentation

#12153: Documented using PYTEST_VERSION{.interpreted-text role="envvar"} to detect if code is running from within a pytest run.
#12469: The external plugin mentions in the documentation now avoid mentioning
setuptools entry-points <setuptools:index>{.interpreted-text role="std:doc"} as the concept is
much more generic nowadays. Instead, the terminology of "external",
"installed", or "third-party" plugins (or packages) replaces that.

-- by webknjaz{.interpreted-text role="user"}
#12577: [CI]{.title-ref} and [BUILD_NUMBER]{.title-ref} environment variables role is discribed in
the reference doc. They now also appear when doing [pytest -h]{.title-ref}
-- by MarcBresson{.interpreted-text role="user"}.

Contributor-facing changes

#12467: Migrated all internal type-annotations to the python3.10+ style by using the [annotations]{.title-ref} future import.

-- by RonnyPfannschmidt{.interpreted-text role="user"}
#11771, #12557: The PyPy runtime version has been updated to 3.9 from 3.8 that introduced
a flaky bug at the garbage collector which was not expected to fix there
as the 3.8 is EoL.

-- by x612skm{.interpreted-text role="user"}
#12493: The change log draft preview integration has been refactored to use a
third party extension sphinxcontib-towncrier. The previous in-repo
script was putting the change log preview file at
doc/en/_changelog_towncrier_draft.rst{.interpreted-text role="file"}. Said file is no longer
ignored in Git and might show up among untracked files in the
development environments of the contributors. To address that, the
contributors can run the following command that will clean it up:
```
$ git clean -x -i -- doc/en/_changelog_towncrier_draft.rst
```
-- by webknjaz{.interpreted-text role="user"}
#12498: All the undocumented tox environments now have descriptions.
They can be listed in one's development environment by invoking
tox -av in a terminal.

-- by webknjaz{.interpreted-text role="user"}
#12501: The changelog configuration has been updated to introduce more accurate
audience-tailored categories. Previously, there was a trivial
change log fragment type with an unclear and broad meaning. It was
removed and we now have contrib, misc and packaging in
place of it.

The new change note types target the readers who are downstream
packagers and project contributors. Additionally, the miscellaneous
section is kept for unspecified updates that do not fit anywhere else.

-- by webknjaz{.interpreted-text role="user"}
#12502: The UX of the GitHub automation making pull requests to update the
plugin list has been updated. Previously, the maintainers had to close
the automatically created pull requests and re-open them to trigger the
CI runs. From now on, they only need to click the [Ready for review]{.title-ref}
button instead.

-- by webknjaz{.interpreted-text role="user"}
#12522: The :pull: RST role has been replaced with a shorter
:pr: due to starting to use the implementation from
the third-party sphinx-issues{.interpreted-text role="pypi"} Sphinx extension
-- by webknjaz{.interpreted-text role="user"}.
#12531: The coverage reporting configuration has been updated to exclude
pytest's own tests marked as expected to fail from the coverage
report. This has an effect of reducing the influence of flaky
tests on the resulting number.

-- by webknjaz{.interpreted-text role="user"}
#12533: The extlinks Sphinx extension is no longer enabled. The :bpo:
role it used to declare has been removed with that. BPO itself has
migrated to GitHub some years ago and it is possible to link the
respective issues by using their GitHub issue numbers and the
:issue: role that the sphinx-issues extension implements.

-- by webknjaz{.interpreted-text role="user"}
#12562: Possible typos in using the :user: RST role is now being linted
through the pre-commit tool integration -- by webknjaz{.interpreted-text role="user"}.

`v8.2.2`

Compare Source

pytest 8.2.2 (2024-06-04)

Bug Fixes

#12355: Fix possible catastrophic performance slowdown on a certain parametrization pattern involving many higher-scoped parameters.
#12367: Fix a regression in pytest 8.2.0 where unittest class instances (a fresh one is created for each test) were not released promptly on test teardown but only on session teardown.
#12381: Fix possible "Directory not empty" crashes arising from concurent cache dir (.pytest_cache) creation. Regressed in pytest 8.2.0.

Improved Documentation

#12290: Updated Sphinx theme to use Furo instead of Flask, enabling Dark mode theme.
#12356: Added a subsection to the documentation for debugging flaky tests to mention
lack of thread safety in pytest as a possible source of flakyness.
#12363: The documentation webpages now links to a canonical version to reduce outdated documentation in search engine results.

`v8.2.1`

Compare Source

pytest 8.2.1 (2024-05-19)

Improvements

#12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

#12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
#12191: Keyboard interrupts and system exits are now properly handled during the test collection.
#12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
#12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

#12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

`v8.2.0`

Compare Source

pytest 8.2.0 (2024-04-27)

Deprecations

#12069: A deprecation warning is now raised when implementations of one of the following hooks request a deprecated py.path.local parameter instead of the pathlib.Path parameter which replaced it:
- pytest_ignore_collect{.interpreted-text role="hook"} - the path parameter - use collection_path instead.
- pytest_collect_file{.interpreted-text role="hook"} - the path parameter - use file_path instead.
- pytest_pycollect_makemodule{.interpreted-text role="hook"} - the path parameter - use module_path instead.
- pytest_report_header{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
- pytest_report_collectionfinish{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
The replacement parameters are available since pytest 7.0.0.
The old parameters will be removed in pytest 9.0.0.

See legacy-path-hooks-deprecated{.interpreted-text role="ref"} for more details.

Features

#11871: Added support for reading command line arguments from a file using the prefix character @, like e.g.: pytest @tests.txt. The file must have one argument per line.

See Read arguments from file <args-from-file>{.interpreted-text role="ref"} for details.

Improvements

#11523: pytest.importorskip{.interpreted-text role="func"} will now issue a warning if the module could be found, but raised ImportError{.interpreted-text role="class"} instead of ModuleNotFoundError{.interpreted-text role="class"}.

The warning can be suppressed by passing exc_type=ImportError to pytest.importorskip{.interpreted-text role="func"}.

See import-or-skip-import-error{.interpreted-text role="ref"} for details.
#11728: For unittest-based tests, exceptions during class cleanup (as raised by functions registered with TestCase.addClassCleanup <unittest.TestCase.addClassCleanup>{.interpreted-text role="meth"}) are now reported instead of silently failing.
#11777: Text is no longer truncated in the short test summary info section when -vv is given.
#12112: Improved namespace packages detection when consider_namespace_packages{.interpreted-text role="confval"} is enabled, covering more situations (like editable installs).
#9502: Added PYTEST_VERSION{.interpreted-text role="envvar"} environment variable which is defined at the start of the pytest session and undefined afterwards. It contains the value of pytest.__version__, and among other things can be used to easily check if code is running from within a pytest run.

Bug Fixes

#12065: Fixed a regression in pytest 8.0.0 where test classes containing setup_method and tests using @staticmethod or @classmethod would crash with AttributeError: 'NoneType' object has no attribute 'setup_method'.

Now the request.instance <pytest.FixtureRequest.instance>{.interpreted-text role="attr"} attribute of tests using @staticmethod and @classmethod is no longer None, but a fresh instance of the class, like in non-static methods.
Previously it was None, and all fixtures of such tests would share a single self.
#12135: Fixed issue where fixtures adding their finalizer multiple times to fixtures they request would cause unreliable and non-intuitive teardown ordering in some instances.
#12194: Fixed a bug with --importmode=importlib and --doctest-modules where child modules did not appear as attributes in parent modules.
#1489: Fixed some instances where teardown of higher-scoped fixtures was not happening in the reverse order they were initialized in.

Trivial/Internal Changes

#12069: pluggy>=1.5.0 is now required.
#12167: cache <cache>{.interpreted-text role="ref"}: create supporting files (CACHEDIR.TAG, .gitignore, etc.) in a temporary directory to provide atomic semantics.

`v8.1.2`

Compare Source

pytest 8.1.2 (2024-04-26)

Bug Fixes

#12114: Fixed error in pytest.approx{.interpreted-text role="func"} when used with [numpy]{.title-ref} arrays and comparing with other types.

`v8.1.1`

Compare Source

pytest 8.1.1 (2024-03-08)

::: {.note}
::: {.title}
Note
:::

This release is not a usual bug fix release -- it contains features and improvements, being a follow up
to 8.1.0, which has been yanked from PyPI.
:::

Features

#11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.
#11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity.
See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

#10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}.
Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see CPython #103577 for a discussion).
While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.
#11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used
as the relative directory.

Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.
#11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).
#11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes.
It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.
#11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.
#11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.
#11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

Previously, the mode was hard-coded to be "w" which truncates the file before logging.
#12047: When multiple finalizers of a fixture raise an exception, now all exceptions are reported as an exception group.
Previously, only the first exception was reported.

Bug Fixes

#11475: Fixed regression where --importmode=importlib would import non-test modules more than once.
#11904: Fixed a regression in pytest 8.0.0 that would cause test collection to fail due to permission errors when using --pyargs.

This change improves the collection tree for tests specified using --pyargs, see 12043{.interpreted-text role="pull"} for a comparison with pytest 8.0 and <8.
#12011: Fixed a regression in 8.0.1 whereby setup_module xunit-style fixtures are not executed when --doctest-modules is passed.
#12014: Fix the stacklevel used when warning about marks used on fixtures.
#12039: Fixed a regression in 8.0.2 where tests created using tmp_path{.interpreted-text role="fixture"} have been collected multiple times in CI under Windows.

Improved Documentation

#11790: Documented the retention of temporary directories created using the tmp_path fixture in more detail.

Trivial/Internal Changes

#11785: Some changes were made to private functions which may affect plugins which access them:
- FixtureManager._getautousenames() now takes a Node itself instead of the nodeid.
- FixtureManager.getfixturedefs() now takes the Node itself instead of the nodeid.
- The _pytest.nodes.iterparentnodeids() function is removed without replacement.
  Prefer to traverse the node hierarchy itself instead.
  If you really need to, copy the function from the previous pytest release.
#12069: Delayed the deprecation of the following features to 9.0.0:
- node-ctor-fspath-deprecation{.interpreted-text role="ref"}.
- legacy-path-hooks-deprecated{.interpreted-text role="ref"}.
It was discovered after 8.1.0 was released that the warnings about the impeding removal were not being displayed, so the team decided to revert the removal.

This is the reason for 8.1.0 being yanked.

pytest 8.1.0 (YANKED)

::: {.note}
::: {.title}
Note
:::

This release has been yanked: it broke some plugins without the proper warning period, due to
some warnings not showing up as expected.

See #12069.
:::

`v8.1.0`

Compare Source

pytest 8.1.0 (YANKED)

[!IMPORTANT]
This release has been yanked: it broke some plugins without the proper warning period, due to some warnings not showing up as expected. See #12069.

Features

#11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.
#11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity.
See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

#10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}.
Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see CPython #103577 for a discussion).
While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.
#11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used
as the relative directory.

Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.
#11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).
#11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes.
It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.
#11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.
#11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.
#11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

Previously, the mode was hard-coded to be "w" which truncates the file before logging.
#12047: When multiple finalizers of a fixture raise an exception, now all exceptions are reported as an exception group.
Previously, only the first exception was reported.

Bug Fixes

#11904: Fixed a regression in pytest 8.0.0 that would cause test collection to fail due to permission errors when using --pyargs.

This change improves the collection tree for tests specified using --pyargs, see 12043{.interpreted-text role="pull"} for a comparison with pytest 8.0 and <8.
#12011: Fixed a regression in 8.0.1 whereby setup_module xunit-style fixtures are not executed when --doctest-modules is passed.
#12014: Fix the stacklevel used when warning about marks used on fixtures.
#12039: Fixed a regression in 8.0.2 where tests created using tmp_path{.interpreted-text role="fixture"} have been collected multiple times in CI under Windows.

Improved Documentation

#11790: Documented the retention of temporary directories created using the tmp_path fixture in more detail.

Trivial/Internal Changes

#11785: Some changes were made to private functions which may affect plugins which access them:
- FixtureManager._getautousenames() now takes a Node itself instead of the nodeid.
- FixtureManager.getfixturedefs() now takes the Node itself instead of the nodeid.
- The _pytest.nodes.iterparentnodeids() function is removed without replacement.
  Prefer to traverse the node hierarchy itself instead.
  If you really need to, copy the function from the previous pytest release.

`v8.0.2`

Compare Source

pytest 8.0.2 (2024-02-24)

Bug Fixes

#11895: Fix collection on Windows where initial paths contain the short version of a path (for example c:\PROGRA~1\tests).
#11953: Fix an IndexError crash raising from getstatementrange_ast.
#12021: Reverted a fix to [--maxfail]{.title-ref} handling in pytest 8.0.0 because it caused a regression in pytest-xdist whereby session fixture teardowns may get executed multiple times when the max-fails is reached.

`v8.0.1`

Compare Source

pytest 8.0.1 (2024-02-16)

Bug Fixes

#11875: Correctly handle errors from getpass.getuser{.interpreted-text role="func"} in Python 3.13.
#11879: Fix an edge case where ExceptionInfo._stringify_exception could crash pytest.raises{.interpreted-text role="func"}.
#11906: Fix regression with pytest.warns{.interpreted-text role="func"} using custom warning subclasses which have more than one parameter in their [__init__]{.title-ref}.
#11907: Fix a regression in pytest 8.0.0 whereby calling pytest.skip{.interpreted-text role="func"} and similar control-flow exceptions within a pytest.warns(){.interpreted-text role="func"} block would get suppressed instead of propagating.
#11929: Fix a regression in pytest 8.0.0 whereby autouse fixtures defined in a module get ignored by the doctests in the module.
#11937: Fix a regression in pytest 8.0.0 whereby items would be collected in reverse order in some circumstances.

`v8.0.0`: pytest 8.0.0 (2024-01-27)

Compare Source

See 8.0.0rc1 and 8.0.0rc2 for the full changes since pytest 7.4!

Bug Fixes

#11842: Properly escape the reason of a skip <pytest.mark.skip ref>{.interpreted-text role="ref"} mark when writing JUnit XML files.
#11861: Avoid microsecond exceeds 1_000_000 when using log-date-format with %f specifier, which might cause the test suite to crash.

Configuration

📅 Schedule: Branch creation - "* 0-3 1 * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-01-28T00:06:27Z

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	6	0	0.12s
✅ BASH	bash-exec	2	0	0.02s
✅ BASH	shellcheck	2	0	0.13s
✅ BASH	shfmt	2	0	0.01s
✅ DOCKERFILE	hadolint	2	0	0.29s
✅ EDITORCONFIG	editorconfig-checker	89	0	0.61s
✅ ENV	dotenv-linter	1	0	0.01s
✅ JSON	jsonlint	3	0	0.31s
✅ JSON	prettier	3	0	0.63s
✅ JSON	v8r	3	0	3.54s
⚠️ MARKDOWN	markdownlint	8	89	1.39s
⚠️ MARKDOWN	markdown-table-formatter	8	1	0.36s
✅ PYTHON	bandit	7	0	2.68s
✅ PYTHON	black	7	0	2.55s
✅ PYTHON	flake8	7	0	0.77s
✅ PYTHON	isort	7	0	0.55s
✅ PYTHON	mypy	7	0	3.23s
✅ PYTHON	pyright	7	0	6.81s
✅ PYTHON	ruff	7	0	0.04s
✅ REPOSITORY	checkov	yes	no	26.13s
✅ REPOSITORY	dustilock	yes	no	0.71s
✅ REPOSITORY	gitleaks	yes	no	2.88s
✅ REPOSITORY	git_diff	yes	no	0.02s
✅ REPOSITORY	grype	yes	no	16.06s
✅ REPOSITORY	kics	yes	no	43.28s
✅ REPOSITORY	secretlint	yes	no	1.1s
✅ REPOSITORY	syft	yes	no	2.63s
❌ REPOSITORY	trivy	yes	1	8.89s
✅ REPOSITORY	trivy-sbom	yes	no	0.19s
✅ REPOSITORY	trufflehog	yes	no	4.51s
✅ XML	xmllint	3	0	0.02s
✅ YAML	prettier	28	0	1.45s
✅ YAML	v8r	28	0	41.98s
✅ YAML	yamllint	28	0	0.82s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

Click here to request the new flavor

MegaLinter is graciously provided by

github-actions · 2024-12-01T13:16:31Z

Trivy image scan report

`ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-152 (debian 12.7)`

8 known vulnerabilities found (LOW: 2 CRITICAL: 2 HIGH: 2 MEDIUM: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`libexpat1`	CVE-2024-45491	CRITICAL	2.5.0-1	2.5.0-1+deb12u1
`libexpat1`	CVE-2024-45492	CRITICAL	2.5.0-1	2.5.0-1+deb12u1
`libexpat1`	CVE-2024-45490	HIGH	2.5.0-1	2.5.0-1+deb12u1
`libsqlite3-0`	CVE-2023-7104	HIGH	3.40.1-2	3.40.1-2+deb12u1
`libssl3`	CVE-2024-5535	MEDIUM	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`libssl3`	CVE-2024-9143	LOW	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-5535	MEDIUM	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-9143	LOW	3.0.14-1~deb12u2	3.0.15-1~deb12u1

No Misconfigurations found

`Python`

No Vulnerabilities found

No Misconfigurations found

github-actions · 2024-12-01T13:19:12Z

Trivy image scan report

`ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-152 (debian 12.5)`

53 known vulnerabilities found (MEDIUM: 24 LOW: 4 CRITICAL: 4 HIGH: 21)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`bsdutils`	CVE-2024-28085	HIGH	1:2.38.1-5+b1	2.38.1-5+deb12u1
`libblkid1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libc-bin`	CVE-2024-2961	HIGH	2.36-9+deb12u4	2.36-9+deb12u6
`libc-bin`	CVE-2024-33599	HIGH	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33600	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33601	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33602	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-2961	HIGH	2.36-9+deb12u4	2.36-9+deb12u6
`libc6`	CVE-2024-33599	HIGH	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33600	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33601	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33602	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libgnutls30`	CVE-2024-28834	MEDIUM	3.7.9-2+deb12u2	3.7.9-2+deb12u3
`libgnutls30`	CVE-2024-28835	MEDIUM	3.7.9-2+deb12u2	3.7.9-2+deb12u3
`libgssapi-krb5-2`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libgssapi-krb5-2`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libk5crypto3`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libk5crypto3`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5-3`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5-3`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5support0`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5support0`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libmount1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libsmartcols1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libsqlite3-0`	CVE-2023-7104	HIGH	3.40.1-2	3.40.1-2+deb12u1
`libssl3`	CVE-2023-5678	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2023-6129	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2023-6237	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2024-0727	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2024-4603	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-4741	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-5535	MEDIUM	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`libssl3`	CVE-2024-6119	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u2
`libssl3`	CVE-2024-2511	LOW	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-9143	LOW	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`libsystemd0`	CVE-2023-50387	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libsystemd0`	CVE-2023-50868	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libudev1`	CVE-2023-50387	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libudev1`	CVE-2023-50868	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libuuid1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`mount`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`openssl`	CVE-2023-5678	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2023-6129	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2023-6237	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2024-0727	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2024-4603	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-4741	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-5535	MEDIUM	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-6119	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u2
`openssl`	CVE-2024-2511	LOW	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-9143	LOW	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`util-linux`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`util-linux-extra`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1

No Misconfigurations found

`Java`

292 known vulnerabilities found (CRITICAL: 22 HIGH: 154 MEDIUM: 95 LOW: 21)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ch.qos.logback:logback-classic`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-classic`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-core`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-core`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`com.amazonaws:aws-java-sdk-s3`	CVE-2022-31159	HIGH	1.11.1026	1.12.261
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.11.4	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.11.4	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.11.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.11.4	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2017-17485	CRITICAL	2.6.7.4	2.9.4, 2.8.11, 2.7.9.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-11307	CRITICAL	2.6.7.4	2.7.9.4, 2.8.11.2, 2.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-14719	CRITICAL	2.6.7.4	2.9.7, 2.8.11.3, 2.7.9.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-7489	CRITICAL	2.6.7.4	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2019-14379	CRITICAL	2.6.7.4	2.9.9.2, 2.8.11.4, 2.7.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2019-17267	CRITICAL	2.6.7.4	2.9.10, 2.8.11.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-9547	CRITICAL	2.6.7.4	2.9.10.4, 2.8.11.6, 2.7.9.7
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-9548	CRITICAL	2.6.7.4	2.9.10.4, 2.8.11.6, 2.7.9.7
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-12022	HIGH	2.6.7.4	2.7.9.4, 2.8.11.2, 2.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-5968	HIGH	2.6.7.4	2.8.11.1, 2.9.4, 2.7.9.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-10650	HIGH	2.6.7.4	2.9.10.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-24616	HIGH	2.6.7.4	2.9.10.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-24750	HIGH	2.6.7.4	2.6.7.5, 2.9.10.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35490	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35491	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35728	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36179	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36180	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36181	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36182	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36183	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36184	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36185	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36186	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36187	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36188	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36189	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.6.7.4	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-20190	HIGH	2.6.7.4	2.9.10.7, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.6.7.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.6.7.4	2.12.7.1, 2.13.4
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.google.code.gson:gson`	CVE-2022-25647	HIGH	2.2.4	2.8.9
`com.google.code.gson:gson`	CVE-2022-25647	HIGH	2.8.6	2.8.9
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	2.5.0	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	2.5.0	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	2.5.0	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	2.5.0	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.3.0	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.3.0	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.14.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio-jvm`	CVE-2023-3635	MEDIUM	3.2.0	3.4.0
`com.squareup.okio:okio-jvm`	CVE-2023-3635	MEDIUM	3.2.0	3.4.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`io.airlift:aircompressor`	CVE-2024-36114	HIGH	0.21	0.27
`io.netty:netty`	CVE-2019-20444	CRITICAL	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2019-20444	CRITICAL	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2015-2156	HIGH	3.7.0.Final	3.10.3.Final, 3.9.8.Final
`io.netty:netty`	CVE-2015-2156	HIGH	3.7.0.Final	3.10.3.Final, 3.9.8.Final
`io.netty:netty`	CVE-2021-37136	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37136	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37137	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37137	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2014-0193	MEDIUM	3.7.0.Final	3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
`io.netty:netty`	CVE-2014-0193	MEDIUM	3.7.0.Final	3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
`io.netty:netty`	CVE-2019-20445	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2019-20445	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21290	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21290	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21295	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21295	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21409	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21409	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-43797	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-43797	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty-codec`	CVE-2021-37136	HIGH	4.1.61.Final	4.1.68.Final
`io.netty:netty-codec`	CVE-2021-37137	HIGH	4.1.61.Final	4.1.68.Final
`io.netty:netty-codec-http`	CVE-2021-43797	MEDIUM	4.1.61.Final	4.1.71.Final
`io.netty:netty-codec-http`	CVE-2022-24823	MEDIUM	4.1.61.Final	4.1.77.Final
`io.netty:netty-codec-http`	CVE-2024-29025	MEDIUM	4.1.61.Final	4.1.108.Final
`io.netty:netty-common`	CVE-2024-47535	HIGH	4.1.61.Final	4.1.115
`io.netty:netty-common`	CVE-2024-47535	HIGH	4.1.74.Final	4.1.115
`io.netty:netty-common`	CVE-2024-47535	HIGH	4.1.74.Final	4.1.115
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.61.Final	4.1.94.Final
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.74.Final	4.1.94.Final
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.74.Final	4.1.94.Final
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.11.0	1.11.4
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.11.0	1.11.3
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.derby:derby`	CVE-2022-46337	CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.ivy:ivy`	CVE-2022-46751	HIGH	2.5.1	2.5.2
`org.apache.kafka:kafka-clients`	CVE-2024-31141	MEDIUM	2.8.1	3.7.1
`org.apache.kafka:kafka-clients`	CVE-2024-31141	MEDIUM	2.8.1	3.7.1
`org.apache.mesos:mesos`	CVE-2018-1330	HIGH	1.4.3	1.6.0
`org.apache.thrift:libthrift`	CVE-2019-0205	HIGH	0.12.0	0.13.0
`org.apache.thrift:libthrift`	CVE-2020-13949	HIGH	0.12.0	0.14.0
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.4.8	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.4.8	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2017-5637	HIGH	3.4.8	3.4.10, 3.5.3
`org.apache.zookeeper:zookeeper`	CVE-2017-5637	HIGH	3.4.8	3.4.10, 3.5.3
`org.apache.zookeeper:zookeeper`	CVE-2018-8012	HIGH	3.4.8	3.4.10, 3.5.4-beta
`org.apache.zookeeper:zookeeper`	CVE-2018-8012	HIGH	3.4.8	3.4.10, 3.5.4-beta
`org.apache.zookeeper:zookeeper`	CVE-2019-0201	MEDIUM	3.4.8	3.4.14, 3.5.5
`org.apache.zookeeper:zookeeper`	CVE-2019-0201	MEDIUM	3.4.8	3.4.14, 3.5.5
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2024-23944	MEDIUM	3.6.2	3.8.4, 3.9.2
`org.apache.zookeeper:zookeeper`	CVE-2024-23944	MEDIUM	3.6.2	3.8.4, 3.9.2
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.48.v20220622	12.0.12
`org.eclipse.jetty:jetty-server`	CVE-2023-26048	MEDIUM	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14
`org.eclipse.jetty:jetty-server`	CVE-2024-8184	MEDIUM	9.4.48.v20220622	12.0.9, 10.0.24, 11.0.24, 9.4.56
`org.eclipse.jetty:jetty-server`	CVE-2023-26049	LOW	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
`org.eclipse.jetty:jetty-servlets`	CVE-2024-9823	MEDIUM	9.4.48.v20220622	9.4.54, 10.0.18, 11.0.18
`org.eclipse.jetty:jetty-servlets`	CVE-2023-36479	LOW	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.yaml:snakeyaml`	CVE-2022-1471	HIGH	1.31	2.0
`org.yaml:snakeyaml`	CVE-2022-38752	MEDIUM	1.31	1.32
`org.yaml:snakeyaml`	CVE-2022-41854	MEDIUM	1.31	1.32
`software.amazon.ion:ion-java`	CVE-2024-21634	HIGH	1.0.2	1.10.5

No Misconfigurations found

`Python`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`setuptools`	CVE-2024-6345	HIGH	68.2.2	70.0.0

No Misconfigurations found

`opt/bitnami/java`

No Vulnerabilities found

No Misconfigurations found

`opt/bitnami/python`

13 known vulnerabilities found (CRITICAL: 1 HIGH: 7 MEDIUM: 5 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`python`	CVE-2023-36632	HIGH	3.10.13-20	3.11.4
`python`	CVE-2023-6597	HIGH	3.10.13-20	3.12.3, 3.11.9, 3.10.14, 3.9.19, 3.8.19
`python`	CVE-2024-0397	HIGH	3.10.13-20	3.12.3, 3.11.9, 3.10.14, 3.9.20, 3.8.20
`python`	CVE-2024-4032	HIGH	3.10.13-20	3.12.4, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2024-6232	HIGH	3.10.13-20	3.12.6, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2024-7592	HIGH	3.10.13-20	3.12.6, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2023-27043	MEDIUM	3.10.13-20	3.8.20, 3.12.6, 3.11.10, 3.10.15, 3.9.20
`python`	CVE-2024-0450	MEDIUM	3.10.13-20	3.12.3, 3.11.9, 3.10.14, 3.9.19, 3.8.19
`python`	CVE-2024-6923	MEDIUM	3.10.13-20	3.12.5, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2024-8088	MEDIUM	3.10.13-20	3.12.6, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2024-9287	MEDIUM	3.10.13-20	3.13.0
`setuptools`	CVE-2024-6345	HIGH	68.2.2	70.0.0
`virtualenv`	CVE-2024-53899	CRITICAL	20.25.1	20.26.6

No Misconfigurations found

`opt/bitnami/spark`

No Vulnerabilities found

No Misconfigurations found

renovate bot force-pushed the renovate/pytest-8.x branch 3 times, most recently from df2699e to e97db48 Compare January 29, 2024 18:37

renovate bot force-pushed the renovate/pytest-8.x branch 4 times, most recently from fa49dc2 to 56340cb Compare February 22, 2024 14:18

renovate bot force-pushed the renovate/pytest-8.x branch 2 times, most recently from 8358c0e to 73ebd20 Compare February 26, 2024 16:31

renovate bot force-pushed the renovate/pytest-8.x branch 3 times, most recently from 6e20c6a to ba040bd Compare March 9, 2024 12:45

renovate bot force-pushed the renovate/pytest-8.x branch 4 times, most recently from a317d4b to c385663 Compare March 27, 2024 15:34

renovate bot force-pushed the renovate/pytest-8.x branch 3 times, most recently from 56f0d61 to d6d7396 Compare April 10, 2024 12:56

renovate bot force-pushed the renovate/pytest-8.x branch 3 times, most recently from 6a27365 to 276db30 Compare May 2, 2024 13:18

renovate bot force-pushed the renovate/pytest-8.x branch 4 times, most recently from 7595971 to 2a4f384 Compare May 7, 2024 12:36

renovate bot force-pushed the renovate/pytest-8.x branch from 2a4f384 to aaf4842 Compare May 20, 2024 01:29

renovate bot force-pushed the renovate/pytest-8.x branch from aaf4842 to bdb8016 Compare May 28, 2024 17:35

renovate bot force-pushed the renovate/pytest-8.x branch from bdb8016 to 5446a97 Compare June 5, 2024 23:51

renovate bot force-pushed the renovate/pytest-8.x branch from 5446a97 to 2f9ed5f Compare June 24, 2024 15:19

renovate bot force-pushed the renovate/pytest-8.x branch 2 times, most recently from 22021ef to 6ee667d Compare July 10, 2024 09:48

renovate bot force-pushed the renovate/pytest-8.x branch 4 times, most recently from a701ef2 to e2f0a54 Compare July 25, 2024 17:21

renovate bot force-pushed the renovate/pytest-8.x branch 2 times, most recently from 0b984ad to b55ba12 Compare July 31, 2024 08:39

renovate bot force-pushed the renovate/pytest-8.x branch from b55ba12 to 8d050a8 Compare August 8, 2024 11:08

renovate bot force-pushed the renovate/pytest-8.x branch 2 times, most recently from 7f743cd to d8fc5f6 Compare August 20, 2024 12:07

renovate bot force-pushed the renovate/pytest-8.x branch 2 times, most recently from 8c2146d to 6954fca Compare September 10, 2024 14:41

renovate bot force-pushed the renovate/pytest-8.x branch from 6954fca to 3e5697f Compare September 27, 2024 19:07

renovate bot force-pushed the renovate/pytest-8.x branch 3 times, most recently from b4a8cbe to abfc322 Compare October 8, 2024 09:50

renovate bot force-pushed the renovate/pytest-8.x branch 4 times, most recently from 7aa5a46 to 48549d8 Compare November 19, 2024 20:48

chore(deps): update dependency pytest to v8

18b00cd

renovate bot force-pushed the renovate/pytest-8.x branch from 48549d8 to 18b00cd Compare December 1, 2024 13:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency pytest to v8 #152

chore(deps): update dependency pytest to v8 #152

renovate bot commented Jan 28, 2024 •

edited

Loading

github-actions bot commented Jan 28, 2024 •

edited

Loading

github-actions bot commented Dec 1, 2024

github-actions bot commented Dec 1, 2024

chore(deps): update dependency pytest to v8 #152

Are you sure you want to change the base?

chore(deps): update dependency pytest to v8 #152

Conversation

renovate bot commented Jan 28, 2024 • edited Loading

Release Notes

pytest 8.3.4 (2024-12-01)

Bug fixes

Improved documentation

Contributor-facing changes

pytest 8.3.3 (2024-09-09)

Bug fixes

Improved documentation

Miscellaneous internal changes

pytest 8.3.2 (2024-07-24)

Bug fixes

pytest 8.3.1 (2024-07-20)

pytest 8.3.0 (2024-07-20)

New features

Improvements in existing functionality

Bug fixes

Improved documentation

Contributor-facing changes

pytest 8.2.2 (2024-06-04)

Bug Fixes

Improved Documentation

pytest 8.2.1 (2024-05-19)

Improvements

Bug Fixes

Trivial/Internal Changes

pytest 8.2.0 (2024-04-27)

Deprecations

Features

Improvements

Bug Fixes

Trivial/Internal Changes

pytest 8.1.2 (2024-04-26)

Bug Fixes

pytest 8.1.1 (2024-03-08)

Features

Improvements

Bug Fixes

Improved Documentation

Trivial/Internal Changes

pytest 8.1.0 (YANKED)

pytest 8.1.0 (YANKED)

Features

Improvements

Bug Fixes

Improved Documentation

Trivial/Internal Changes

pytest 8.0.2 (2024-02-24)

Bug Fixes

pytest 8.0.1 (2024-02-16)

Bug Fixes

v8.0.0: pytest 8.0.0 (2024-01-27)

Bug Fixes

Configuration

github-actions bot commented Jan 28, 2024 • edited Loading

🦙 MegaLinter status: ❌ ERROR

github-actions bot commented Dec 1, 2024

Trivy image scan report

ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-152 (debian 12.7)

8 known vulnerabilities found (LOW: 2 CRITICAL: 2 HIGH: 2 MEDIUM: 2)

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

github-actions bot commented Dec 1, 2024

Trivy image scan report

ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-152 (debian 12.5)

53 known vulnerabilities found (MEDIUM: 24 LOW: 4 CRITICAL: 4 HIGH: 21)

No Misconfigurations found

Java

292 known vulnerabilities found (CRITICAL: 22 HIGH: 154 MEDIUM: 95 LOW: 21)

No Misconfigurations found

Python

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

No Misconfigurations found

opt/bitnami/java

renovate bot commented Jan 28, 2024 •

edited

Loading

`v8.0.0`: pytest 8.0.0 (2024-01-27)

github-actions bot commented Jan 28, 2024 •

edited

Loading

`ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-152 (debian 12.7)`

`Python`

`ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-152 (debian 12.5)`

`Java`

`Python`

`opt/bitnami/java`

`opt/bitnami/python`

`opt/bitnami/spark`