Skip to content

Upgrade openpyxl #248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kaapstorm merged 1 commit into from
Jun 6, 2025
Merged

Upgrade openpyxl #248

kaapstorm merged 1 commit into from
Jun 6, 2025

Conversation

@kaapstorm
Copy link
Contributor

@kaapstorm kaapstorm commented Jun 6, 2025

Addresses security vulnerabilities and bug fixes in openpyxl: Changelog

@kaapstorm kaapstorm requested review from ajeety4 and mkangia June 6, 2025 11:57
@kaapstorm kaapstorm added the dependencies Pull requests that update a dependency file label Jun 6, 2025
mkangia
mkangia approved these changes Jun 6, 2025
View reviewed changes
Copy link
Contributor

@mkangia mkangia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume the tests are good enough to validate the change.

@kaapstorm kaapstorm merged commit 5adc47c into master Jun 6, 2025
5 checks passed
@kaapstorm kaapstorm deleted the nh/openpyxl branch June 6, 2025 14:46
ajeety4
ajeety4 reviewed Jun 6, 2025
View reviewed changes
Copy link

@ajeety4 ajeety4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍
Just curious, how the need to upgrade was identified ? Also wondering if this repo is a good candidate for adding the Dependabot ?

@kaapstorm
Copy link
Contributor Author

kaapstorm commented Jun 6, 2025

Just curious, how the need to upgrade was identified ?

Using the Claude CLI, I asked what changes it recommended, and to prioritize those changes. It gave this change the highest priority because of the age of the version (more than 6 years) and the bugs that have been fixed since then.

Also wondering if this repo is a good candidate for adding the Dependabot ?

Yeah, I think so.

@kaapstorm
Copy link
Contributor Author

kaapstorm commented Jun 6, 2025

🤔 looks like we were using Dependabot #244

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ajeety4 ajeety4 ajeety4 left review comments

@mkangia mkangia mkangia approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kaapstorm @mkangia @ajeety4