chore(deps): bump idna from 3.11 to 3.15 (#357)

* chore(deps): bump idna from 3.11 to 3.15 Bumps [idna](https://github.com/kjd/idna) from 3.11 to 3.15. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](https://github.com/kjd/idna/compare/v3.11...v3.15) --- updated-dependencies: - dependency-name: idna dependency-version: '3.15' dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * release: 0.55.4 — idna 3.11 → 3.15 (CVE-2026-45409 fix) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: ZdenekSrotyr <zdenek.srotyr@keboola.com>
2026-05-19 17:43:09 +02:00 · 2026-05-19 17:43:09 +02:00 · a8fe4e8b21
commit a8fe4e8b21
parent 62336bfd32
3 changed files with 26 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -10,6 +10,11 @@ CalVer image tags (`stable-YYYY.MM.N`, `dev-YYYY.MM.N`) are produced for every C

 ## [Unreleased]

+## [0.55.4] — 2026-05-19
+
+### Security
+- Bumped `idna` from 3.11 to 3.15 (Dependabot, #357). 3.14 closed a bypass of the CVE-2024-3651 mitigation by rejecting oversize inputs up-front (**CVE-2026-45409**); 3.15 hardens further by enforcing the DNS-length cap on individual labels early in `check_label`. Transitive dependency of `requests` / `httpx` — bumped via `uv.lock` only, no surface-area change.
+
 ## [0.55.3] — 2026-05-19

 ### Changed
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "agnes-the-ai-analyst"
-version = "0.55.3"
+version = "0.55.4"
 description = "Agnes — AI Data Analyst platform for AI analytical systems"
 requires-python = ">=3.11,<3.14"
 license = "MIT"
--- a/uv.lock
+++ b/uv.lock
@ -24,7 +24,7 @@ wheels = [

 [[package]]
 name = "agnes-the-ai-analyst"
-version = "0.54.7"
+version = "0.55.3"
 source = { editable = "." }
 dependencies = [
    { name = "a2wsgi" },
@ -72,6 +72,7 @@ dev = [
    { name = "fastapi-debug-toolbar" },
    { name = "jsonschema" },
    { name = "pytest" },
+    { name = "pytest-split" },
    { name = "pytest-timeout" },
    { name = "pytest-xdist" },
 ]
@ -89,6 +90,7 @@ dev = [
    { name = "fastapi-debug-toolbar" },
    { name = "openai" },
    { name = "pytest" },
+    { name = "pytest-split" },
    { name = "pytest-timeout" },
    { name = "pytest-xdist" },
 ]
@ -126,6 +128,7 @@ requires-dist = [
    { name = "pyarrow", specifier = ">=12.0.0" },
    { name = "pyjwt", specifier = ">=2.8.0" },
    { name = "pytest", marker = "extra == 'dev'", specifier = ">=9.0.0" },
+    { name = "pytest-split", marker = "extra == 'dev'", specifier = ">=0.9.0" },
    { name = "pytest-timeout", marker = "extra == 'dev'", specifier = ">=2.0.0" },
    { name = "pytest-xdist", marker = "extra == 'dev'", specifier = ">=3.0.0" },
    { name = "python-dotenv", specifier = ">=1.0.0" },
@ -150,6 +153,7 @@ dev = [
    { name = "fastapi-debug-toolbar", specifier = ">=0.6.3" },
    { name = "openai", specifier = ">=1.30.0" },
    { name = "pytest", specifier = ">=9.0.0" },
+    { name = "pytest-split", specifier = ">=0.9.0" },
    { name = "pytest-timeout", specifier = ">=2.0.0" },
    { name = "pytest-xdist", specifier = ">=3.0.0" },
 ]
@ -1109,11 +1113,11 @@ wheels = [

 [[package]]
 name = "idna"
-version = "3.11"
+version = "3.15"
 source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/6f/6d/0703ccc57f3a7233505399edb88de3cbd678da106337b9fcde432b65ed60/idna-3.11.tar.gz", hash = "sha256:795dafcc9c04ed0c1fb032c2aa73654d8e8c5023a7df64a53f39190ada629902", size = 194582, upload-time = "2025-10-12T14:55:20.501Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/82/77/7b3966d0b9d1d31a36ddf1746926a11dface89a83409bf1483f0237aa758/idna-3.15.tar.gz", hash = "sha256:ca962446ea538f7092a95e057da437618e886f4d349216d2b1e294abfdb65fdc", size = 199245, upload-time = "2026-05-12T22:45:57.011Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/0e/61/66938bbb5fc52dbdf84594873d5b51fb1f7c7794e9c0f5bd885f30bc507b/idna-3.11-py3-none-any.whl", hash = "sha256:771a87f49d9defaf64091e6e6fe9c18d4833f140bd19464795bc32d966ca37ea", size = 71008, upload-time = "2025-10-12T14:55:18.883Z" },
+    { url = "https://files.pythonhosted.org/packages/d2/23/408243171aa9aaba178d3e2559159c24c1171a641aa83b67bdd3394ead8e/idna-3.15-py3-none-any.whl", hash = "sha256:048adeaf8c2d788c40fee287673ccaa74c24ffd8dcf09ffa555a2fbb59f10ac8", size = 72340, upload-time = "2026-05-12T22:45:55.733Z" },
 ]

 [[package]]
@ -2002,6 +2006,18 @@ wheels = [
    { url = "https://files.pythonhosted.org/packages/d4/24/a372aaf5c9b7208e7112038812994107bc65a84cd00e0354a88c2c77a617/pytest-9.0.3-py3-none-any.whl", hash = "sha256:2c5efc453d45394fdd706ade797c0a81091eccd1d6e4bccfcd476e2b8e0ab5d9", size = 375249, upload-time = "2026-04-07T17:16:16.13Z" },
 ]

+[[package]]
+name = "pytest-split"
+version = "0.11.0"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "pytest" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/2f/16/8af4c5f2ceb3640bb1f78dfdf5c184556b10dfe9369feaaad7ff1c13f329/pytest_split-0.11.0.tar.gz", hash = "sha256:8ebdb29cc72cc962e8eb1ec07db1eeb98ab25e215ed8e3216f6b9fc7ce0ec2b5", size = 13421, upload-time = "2026-02-03T09:14:31.469Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/ae/a1/d4423657caaa8be9b31e491592b49cebdcfd434d3e74512ce71f6ec39905/pytest_split-0.11.0-py3-none-any.whl", hash = "sha256:899d7c0f5730da91e2daf283860eb73b503259cb416851a65599368849c7f382", size = 11911, upload-time = "2026-02-03T09:14:33.708Z" },
+]
+
 [[package]]
 name = "pytest-timeout"
 version = "2.4.0"