`safety` says `py <=1.11.0` is affected by a ReDoS issue but no new release is available

Question

`safety` says `py <=1.11.0` is affected by a ReDoS issue but no new release is available

saher-alhusayan opened this issue 2 years ago · comments

Safety version: 1.10.3
Python version: 3.10.2
Operating System: MacOS 12.6

Description

Hey 👋

When running safety check --full-report --file=requirements.txt, safety is failing to pass a check for py saying all versions of py under or equal to 1.11.0 are affected (see screenshot below). The problem is we can't upgrade to a higher version as none is available.

The error cites this issue but I can't see any discussion on it or a resolution.

Any idea if someone is aware or a fix is being worked on? 🙏

Ronny Pfannschmidt · Answer 1 · Tue Nov 01 2022 23:46:46 GMT+0800 (China Standard Time)

Duplicate of #287