whoogle-search

open.source/whoogle-search

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ben Busby	2a0ad8796c	Switch to defusedxml for xml parsing xml.etree.ElementTree.fromstring is considered insecure, see: https://docs.python.org/3/library/xml.etree.elementtree.html The defusedxml package contains several Python-only workarounds and fixes for denial of service and other vulnerabilities in Python's XML libraries: https://github.com/tiran/defusedxml Fixes #670	2022-03-01 12:54:32 -07:00
jan Anja	5069838e69	Configure setup() using setup.cfg (#667 ) Dependencies are not read from requirements.txt intentionally, so only direct dependencies without version pinning are included. Setuptools documentation: https://setuptools.pypa.io/en/latest/userguide/declarative_config.html	2022-02-25 15:29:54 -07:00

Author

SHA1

Message

Date

Ben Busby

2a0ad8796c

Switch to defusedxml for xml parsing

xml.etree.ElementTree.fromstring is considered insecure, see:
https://docs.python.org/3/library/xml.etree.elementtree.html

The defusedxml package contains several Python-only workarounds and
fixes for denial of service and other vulnerabilities in Python's XML
libraries: https://github.com/tiran/defusedxml

Fixes #670

2022-03-01 12:54:32 -07:00

jan Anja

5069838e69

Configure setup() using setup.cfg (#667 )

Dependencies are not read from requirements.txt intentionally, so only
direct dependencies without version pinning are included.

Setuptools documentation:
https://setuptools.pypa.io/en/latest/userguide/declarative_config.html

2022-02-25 15:29:54 -07:00

2 Commits