Skip to content

Fix: Upgrade h11 and httpx, and bump Python requirement #116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 3, 2025
Merged

Fix: Upgrade h11 and httpx, and bump Python requirement #116

merged 3 commits into from
Jun 3, 2025

Conversation

xiangfu0
Copy link
Contributor

@xiangfu0 xiangfu0 commented Jun 3, 2025

Fix: #108

Summary:

Upgrades h11 to 0.16.0 (addresses CVE-2025-43859).
Upgrades httpx to 0.28.1 (required by h11 0.16.0).
Bumps minimum Python version to >=3.8,<4 (required by httpx 0.28.1).

Details:

The previous version of h11 (0.14.0) is affected by a security vulnerability (CVE-2025-43859).
httpx 0.28.1 is required for compatibility with h11 0.16.0, but it requires Python 3.8+.
The pyproject.toml has been updated accordingly.

Impact:

Users must use Python 3.8 or newer.
This resolves a critical security issue and ensures compatibility with the latest dependencies.

@xiangfu0 xiangfu0 requested a review from Copilot June 3, 2025 17:44
Copilot
Copilot AI reviewed Jun 3, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR upgrades critical dependencies to address a security vulnerability and align with new requirements.

  • Bumps Python requirement from >=3.7 to >=3.8
  • Pins httpx to 0.28.1 for compatibility
  • Adds an explicit h11 dependency at version 0.16.0

xiangfu0 and others added 2 commits June 3, 2025 10:47
@xiangfu0 xiangfu0 merged commit 0250092 into master Jun 3, 2025
10 checks passed
@xiangfu0 xiangfu0 deleted the fix/upgrade-h11-httpx-python branch June 3, 2025 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

httpx version vulnerability
1 participant
@xiangfu0