Bump requests (pip) from 2.32.0 in llvm/utils/git/requirements.txt

Bumps requests (pip) from 2.32.0 to resolve identified security vulnerability in 3rd party dependency. When making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same origin will continue to ignore cert verification regardless of changes to the value of verify. This behavior will continue for the lifecycle of the connection in the connection pool. Upgrading will resolve this issue. Refer to psf/requests#6655
lucyli-ca · Jun 3, 2024 · 778eb42 · 778eb42
1 parent 631064e
commit 778eb42
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/llvm/utils/git/requirements.txt b/llvm/utils/git/requirements.txt
@@ -232,7 +232,7 @@ pynacl==1.5.0 \
     --hash=sha256:a422368fc821589c228f4c49438a368831cb5bbc0eab5ebe1d7fac9dded6567b \
     --hash=sha256:e46dae94e34b085175f8abb3b0aaa7da40767865ac82c928eeb9e57e1ea8a543
     # via pygithub
-requests==2.31.0 \
+requests==2.32.0 \
     --hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \
     --hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1
     # via pygithub