chore: sync development → main (security audits + CVE patches)#112
Open
tmcneil-mdb wants to merge 11 commits into
Open
chore: sync development → main (security audits + CVE patches)#112tmcneil-mdb wants to merge 11 commits into
tmcneil-mdb wants to merge 11 commits into
Conversation
Bump pymongo to v4.17.0
* Set up TanStack Start sample app with tests, CI/CD, and Bluehawk snippet extraction (#101) * Adding TanStack Start + Unit & Integration Tests * Adding GH Actions * Add Bluehawk snippet extraction and improve test documentation - Set up Bluehawk for snippet extraction from source code - Add generic snip.js script for framework examples - Add processFiles.js for handling unannotated files - Extract 8 code snippets to testedSnippets/ - Add test:all npm script to run both unit and integration tests - Update all READMEs to clarify test commands (test vs test:all) - Document component testing status (not implemented due to TanStack Start beta) - Add Bluehawk annotations to source files (Header, RestaurantList, db, routes) * addressing pr feedback * Adding in copier flow (#104)
…ories - pillow 12.2.0 (CVE-2026-42308 through CVE-2026-42311, GHSA-5xmw-vc9v-4wf2, etc.) - python-dotenv 1.2.2 (CVE-2026-28684, GHSA-mf9w-mj56-hr94) Addresses Dependabot alerts #47-51 on mongodb/docs-sample-apps. Co-authored-by: Cursor <cursoragent@cursor.com>
…2026-dev fix(python-fastapi): bump pillow and python-dotenv for security advisories
* fix: dependabot issues and creating audit script * chore:remove cached audit files * chore: updating readme and gitignore
Batch Patch for Python Audit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
What's in this sync
Security audit workflows (new)
audit-python-fastapi.yml— runspip-auditon Python FastAPI dependenciesaudit-tanstack.yml— runsnpm auditon TanStack app + Bluehawk dependenciesgenerate-audit-summary-pip.sh/generate-audit-summary-npm.sh— Markdown summary scripts for GitHub ActionsPython FastAPI CVE patches
TanStack Dependabot batch fixes
Other
requirements.inwith CVE references.gitignoreupdated foraudit-results*.jsonTesting
pip-audit -r requirements.txt— 0 vulnerabilitiespytest tests/ -m unit— 65 passed, 0 failures (verified pytest 8→9 major bump)npm audit— clean on TanStack app + BluehawkNote on merge conflicts