[securedrop-proxy] Bump requests to 2.31.0

Question

[securedrop-proxy] Bump requests to 2.31.0

zenmonkeykstop opened this issue 2 years ago · 1 comments

A requests bug was found: GHSA-j8r2-6x86-q33q

We're not directly affected AFAICT but bumping the version is no harm.

Diff review done in freedomofpress/securedrop#6820

Answer 1 · 2023-06-21T23:29:05.000Z

(Note that freedomofpress/securedrop-builder#454 will need review as well before #119 will pass CI; commenting here for visibility since we're tracking issues not PRs in the dev board)