build(deps): bump scrapy from 1.8.0 to 2.6.2 #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

dependabot wants to merge 1 commit into master from dependabot/pip/scrapy-2.6.2

Open

build(deps): bump scrapy from 1.8.0 to 2.6.2 #49

build(deps): bump scrapy from 1.8.0 to 2.6.2

Codacy Production / Codacy Static Code Analysis required action Oct 2, 2025 in 0s

3 new security issues (0 max.).

Here is an overview of what got changed by this pull request:

Issues
======
- Added 3

See the complete overview on Codacy

Annotations

Check warning on line 757 in Pipfile.lock

codacy-production / Codacy Static Code Analysis

Pipfile.lock#L757

Insecure dependency pypi/setuptools@59.6.0 (CVE-2022-40897: pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py) (update to 65.5.1)

Check warning on line 757 in Pipfile.lock

codacy-production / Codacy Static Code Analysis

Pipfile.lock#L757

Insecure dependency pypi/setuptools@59.6.0 (CVE-2024-6345: pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools) (update to 70.0.0)

Check warning on line 757 in Pipfile.lock

codacy-production / Codacy Static Code Analysis

Pipfile.lock#L757

Insecure dependency pypi/setuptools@59.6.0 (CVE-2025-47273: setuptools: Path Traversal Vulnerability in setuptools PackageIndex) (update to 78.1.1)

View more details on Codacy Production