From 745b9593960ed8b0905bf94b86f0bc5985fd70e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 27 May 2026 19:06:58 +0000 Subject: [PATCH] deps(deps): bump the data-doc group across 1 directory with 8 updates Bumps the data-doc group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [pyyaml](https://github.com/yaml/pyyaml) | `6.0.1` | `6.0.3` | | [openpyxl](https://openpyxl.readthedocs.io) | `3.1.2` | `3.1.5` | | [python-docx](https://github.com/python-openxml/python-docx) | `1.1.0` | `1.2.0` | | [pdfplumber](https://github.com/jsvine/pdfplumber) | `0.10.3` | `0.11.9` | | [pypdf](https://github.com/py-pdf/pypdf) | `6.10.2` | `6.12.2` | | [beautifulsoup4](https://www.crummy.com/software/BeautifulSoup/bs4/) | `4.12.2` | `4.14.3` | | [reportlab](https://www.reportlab.com/) | `4.0.7` | `4.5.1` | | [python-pptx](https://github.com/scanny/python-pptx) | `0.6.23` | `1.0.2` | Updates `pyyaml` from 6.0.1 to 6.0.3 - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](https://github.com/yaml/pyyaml/compare/6.0.1...6.0.3) Updates `openpyxl` from 3.1.2 to 3.1.5 Updates `python-docx` from 1.1.0 to 1.2.0 - [Changelog](https://github.com/python-openxml/python-docx/blob/master/HISTORY.rst) - [Commits](https://github.com/python-openxml/python-docx/compare/v1.1.0...v1.2.0) Updates `pdfplumber` from 0.10.3 to 0.11.9 - [Release notes](https://github.com/jsvine/pdfplumber/releases) - [Changelog](https://github.com/jsvine/pdfplumber/blob/stable/CHANGELOG.md) - [Commits](https://github.com/jsvine/pdfplumber/compare/v0.10.3...v0.11.9) Updates `pypdf` from 6.10.2 to 6.12.2 - [Release notes](https://github.com/py-pdf/pypdf/releases) - [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md) - [Commits](https://github.com/py-pdf/pypdf/compare/6.10.2...6.12.2) Updates `beautifulsoup4` from 4.12.2 to 4.14.3 Updates `reportlab` from 4.0.7 to 4.5.1 Updates `python-pptx` from 0.6.23 to 1.0.2 - [Changelog](https://github.com/scanny/python-pptx/blob/master/HISTORY.rst) - [Commits](https://github.com/scanny/python-pptx/compare/v0.6.23...v1.0.2) --- updated-dependencies: - dependency-name: beautifulsoup4 dependency-version: 4.14.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: data-doc - dependency-name: openpyxl dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: data-doc - dependency-name: pdfplumber dependency-version: 0.11.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: data-doc - dependency-name: pypdf dependency-version: 6.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: data-doc - dependency-name: python-docx dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: data-doc - dependency-name: python-pptx dependency-version: 1.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: data-doc - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: data-doc - dependency-name: reportlab dependency-version: 4.5.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: data-doc ... Signed-off-by: dependabot[bot] --- config/requirements.txt | 16 ++++++++-------- requirements/base.txt | 16 ++++++++-------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/config/requirements.txt b/config/requirements.txt index 2e5bbe8..97c6227 100644 --- a/config/requirements.txt +++ b/config/requirements.txt @@ -37,14 +37,14 @@ pymysql==1.1.3 # [稳定层] MySQL(修 GHSA SQL 注入) SQLAlchemy==2.0.49 # [稳定层] ORM # ===== [稳定层] 配置 ===== -PyYAML==6.0.1 # [稳定层] regression_modules.yaml 解析 +PyYAML==6.0.3 # [稳定层] regression_modules.yaml 解析 # ===== [稳定层] Excel/文档(PRD 多格式加载也用)===== -openpyxl==3.1.2 # [稳定层] Excel -python-docx==1.1.0 # [稳定层] Word -pdfplumber==0.10.3 # [稳定层] PDF 解析(主) -pypdf==6.10.2 # [稳定层] PDF 解析(备)—— 替代停维护的 PyPDF2,5.1→6.10 修 ~22 个 RAM/infinite-loop CVE -beautifulsoup4==4.12.2 # [稳定层] HTML/URL PRD 解析 +openpyxl==3.1.5 # [稳定层] Excel +python-docx==1.2.0 # [稳定层] Word +pdfplumber==0.11.9 # [稳定层] PDF 解析(主) +pypdf==6.12.2 # [稳定层] PDF 解析(备)—— 替代停维护的 PyPDF2,5.1→6.10 修 ~22 个 RAM/infinite-loop CVE +beautifulsoup4==4.14.3 # [稳定层] HTML/URL PRD 解析 # ===== [稳定层] 工具 ===== python-dotenv==1.2.2 # [稳定层] .env 加载(修 CVE-2026-28684 symlink rename,1.0.1 仍含洞) @@ -58,8 +58,8 @@ pytest-bdd==7.0.0 # [稳定层] BDD 框架 jsonschema==4.21.0 # [稳定层] JSON Schema 验证 # ===== [稳定层] 报告 ===== -reportlab==4.0.7 # [稳定层] PDF 报告 -python-pptx==0.6.23 # [稳定层] PPTX 报告 + PRD pptx 输入 +reportlab==4.5.1 # [稳定层] PDF 报告 +python-pptx==1.0.2 # [稳定层] PPTX 报告 + PRD pptx 输入 # ===== [稳定层] 通知(webhook 直连,无需 SDK 包,requests 已含)===== diff --git a/requirements/base.txt b/requirements/base.txt index 8992cef..2d31172 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -28,14 +28,14 @@ pymysql==1.1.3 SQLAlchemy==2.0.49 # 配置 -PyYAML==6.0.1 +PyYAML==6.0.3 # Excel/文档 -openpyxl==3.1.2 -python-docx==1.1.0 -pdfplumber==0.10.3 -pypdf==6.10.2 -beautifulsoup4==4.12.2 +openpyxl==3.1.5 +python-docx==1.2.0 +pdfplumber==0.11.9 +pypdf==6.12.2 +beautifulsoup4==4.14.3 # 工具 python-dotenv==1.2.2 @@ -46,8 +46,8 @@ loguru==0.7.2 jsonschema==4.21.0 # 报告 -reportlab==4.0.7 -python-pptx==0.6.23 +reportlab==4.5.1 +python-pptx==1.0.2 # 安全扫描 bandit==1.7.6