Conversation

@stacklokdemo
Contributor

No description provided.

@@ -1 +1,2 @@
requests==2.19.0
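Review bot: the pin `requests==2.19.0` sits below every fix version that the Minder report on this PR lists (2.20.0 for GHSA-x84v-xcm2-53pg and PYSEC-2018-28, 2.31.0 for GHSA-j8r2-6x86-q33q and PYSEC-2023-74, 2.32.0 for GHSA-9wx4-h78v-vm56), so a partial bump would still leave the Proxy-Authorization leak and the `verify=False` persistence issue in place; take the suggested `requests==2.32.3`, which clears all five. The hunk header `@@ -1 +1,2 @@` says the new file has two lines but only one is shown here, so confirm the second line is not another outdated pin before merging.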

Suggested change
requests==2.19.0
requests==2.32.3

@ghost

ghost commented Jul 16, 2024

Minder Vulnerability Report ⚠️

Minder found vulnerable dependencies in this PR. Either push an updated version or accept the proposed changes. Note that accepting the changes will include Minder as a co-author of this PR.

Vulnerability scan of ad94d3b0:

  • 🐞 vulnerable packages: 1
  • 🛠 fixes available for: 1

| Package | Version | #Vulnerabilities | #Fixes | Patch |
|---|---|---|---|---|
| requests | 2.19.0 | 5 | 5 | 2.32.3 |

Summary of vulnerabilities found

Minder found the following vulnerabilities in this PR:
| Ecosystem | Name | Version | Vulnerability ID | Summary | Introduced | Fixed |
|---|---|---|---|---|---|---|
| PyPI | requests | 2.19.0 | GHSA-9wx4-h78v-vm56 | Requests `Session` object does not verify requests after making first request with verify=False | 0 | 2.32.0 |
| PyPI | requests | 2.19.0 | GHSA-j8r2-6x86-q33q | Unintended leak of Proxy-Authorization header in requests | 2.3.0 | 2.31.0 |
| PyPI | requests | 2.19.0 | GHSA-x84v-xcm2-53pg | Insufficiently Protected Credentials in Requests | 0 | 2.20.0 |
| PyPI | requests | 2.19.0 | PYSEC-2018-28 | | 0 | 2.20.0 |
| PyPI | requests | 2.19.0 | PYSEC-2023-74 | | 2.3.0 | 2.31.0 |

@ghost

ghost commented Nov 22, 2024

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: requests

Trusty Score: 0

Scoring details

| Component | Score |
|---|---|
| From provenance | |
| User activity | 9.4 |
| Repository activity | 9.4 |
| Package activity | 9.4 |
| Provenance_type | historical_provenance_match |
| Provenance | 0 |
| Trust-summary | 8.6 |

Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.

| Metric | Count |
|---|---|
| Published package versions | 152 |
| Number of git tags or releases | 103 |
| Versions matched to tags or releases | 95 |

@ghost

ghost commented Nov 25, 2024

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: requests

Trusty Score: 0

Scoring details

| Component | Score |
|---|---|
| From provenance | |
| User activity | 9.4 |
| Repository activity | 9.4 |
| Package activity | 9.4 |
| Provenance_type | historical_provenance_match |
| Provenance | 0 |
| Trust-summary | 8.6 |


This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.

| Metric | Count |
|---|---|
| Published package versions | 152 |
| Number of git tags or releases | 103 |
| Versions matched to tags or releases | 95 |

@ghost

ghost commented Dec 2, 2024

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: requests

Trusty Score: 0

Alternatives

| Package | Score | Description |
|---|---|---|
| httpx | 0 | |
| urllib3 | 0 | |
