Workflow

PyPi: Sqlmesh

CVE-2024-38526

Transitive

Safety vulnerability ID: 75214

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jun 26, 2024 Updated at Feb 05, 2025
Scan your Python projects for vulnerabilities →

Advisory

Sqlmesh bump pdoc to 14.5.1 to address CVE-2024-38526.

Affected package

sqlmesh

Latest version: 0.154.0

None

Affected versions

Fixed versions

Vulnerability changelog

:sparkles: Features
* Automatically detect dbt Python deps and include them in project requirements (3707) izeigerman
* Add plan option to show rendered model diff (3691) VaggelisD

:beetle: Bug fixes
* Use dev intervals to determine whether the dbt is_incremental flag is true (3726) izeigerman
* V0064 migration script dropping non-model snapshots (3728) izeigerman

:broom: Chore
* Add uv info for tcloud getting started (3712) eakmanrq
* Reduce sdist size (3715) tobymao
* Silence a few warnings related to string escaping (3717) georgesittas
* Bump sqlglot to v26.3.8 (3716) erindru
* Bump pdoc to 14.5.1 to address gh security alert (3722) georgesittas
* Fix example project indentation (3725) georgesittas
* Bump sqlglot to v26.3.9 (3727) erindru
* Lift pydantic <2.6.0 dev version pin (3730) georgesittas

:alien: Other
* Better onboarding instructions (3719) sungchun12

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application