st2 icon indicating copy to clipboard operation
st2 copied to clipboard
verified publisher icon StackStorm

Delete python-keyczar==0.716

Open philipphomberger opened this issue 2 years ago • 1 comments

Keyczar is deprecated. See: https://github.com/google/keyczar

Critical Vunability: https://www.cve.org/CVERecord?id=CVE-2013-7459

I checkout the codebase and not find this libary is still in use. In the requirements-pants.txt i find that information:

was in fixed-requirements.txt, but not in requirements-pants.txt

keyczar is used by a python2-only test.

#python-keyczar

So because Python 2 is not in use I think this can be remove. Please let me know if I am wrong. I am happy to learn.

philipphomberger avatar Dec 01 '23 07:12 philipphomberger

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
0 out of 2 committers have signed the CLA.

:x: Philipp Homberger
:x: snyk-bot

Philipp Homberger seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Dec 08 '23 16:12 CLAassistant