Skip to content

[Snyk] Security upgrade python-dotenv from 1.0.0 to 1.2.2#149

Merged
sunil-lakshman merged 1 commit intomainfrom
snyk-fix-e6c7f9d976f131291a9afab2ca31e93c
Apr 22, 2026
Merged

[Snyk] Security upgrade python-dotenv from 1.0.0 to 1.2.2#149
sunil-lakshman merged 1 commit intomainfrom
snyk-fix-e6c7f9d976f131291a9afab2ca31e93c

Conversation

@sunil-lakshman
Copy link
Copy Markdown
Contributor

@sunil-lakshman sunil-lakshman commented Apr 22, 2026

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

  • requirements.txt

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@snyk-bot
fix: requirements.txt to reduce vulnerabilities
369dc64 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYTHONDOTENV-16115271
@sunil-lakshman sunil-lakshman requested a review from a team as a code owner April 22, 2026 09:03
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 22, 2026

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type Count (with fixes) Without fixes Threshold Result
🔴 Critical Severity 0 0 10 ✅ Passed
🟠 High Severity 0 1 25 ✅ Passed
🟡 Medium Severity 0 3 500 ✅ Passed
🔵 Low Severity 0 0 1000 ✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity Breaches (with fixes) Breaches (no fixes) SLA Threshold (with/no fixes) Status
🔴 Critical 0 0 15 / 30 days ✅ Passed
🟠 High 0 0 30 / 120 days ✅ Passed
🟡 Medium 0 0 90 / 365 days ✅ Passed
🔵 Low 0 0 180 / 365 days ✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

  • Critical without fixes: 0
  • High without fixes: 1
  • Medium without fixes: 3
  • Low without fixes: 0

✅ BUILD PASSED - All security checks passed

@sunil-lakshman sunil-lakshman merged commit c29fca3 into main Apr 22, 2026
7 checks passed
@sunil-lakshman sunil-lakshman deleted the snyk-fix-e6c7f9d976f131291a9afab2ca31e93c branch April 22, 2026 09:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@netrajpatel netrajpatel netrajpatel approved these changes

@harshitha-cstk harshitha-cstk harshitha-cstk approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sunil-lakshman @netrajpatel @harshitha-cstk @snyk-bot