Skip to content

resolve dependant security issues (Fiona et al) #100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chrisbc merged 11 commits into from
Oct 6, 2025
Merged

resolve dependant security issues (Fiona et al) #100

chrisbc merged 11 commits into from
Oct 6, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2025
edited by chrisbc
Loading

  • closes Chore: Security Advisory Fiona library #101
  • removes state requirements file (Fiona is no longer a dependency)
  • update libraries with advisories
  • fix typing test/ warnings
  • drop support for python3.9 due to upstream library support (geopandas, mypy, Pandora)

@dependabot
Bump fiona from 1.8.20 to 1.10b2
bb97bd9 
Bumps [fiona](https://github.com/Toblerity/Fiona) from 1.8.20 to 1.10b2.
- [Release notes](https://github.com/Toblerity/Fiona/releases)
- [Changelog](https://github.com/Toblerity/Fiona/blob/main/CHANGES.txt)
- [Commits](https://github.com/Toblerity/Fiona/commits)

---
updated-dependencies:
- dependency-name: fiona
  dependency-version: 1.10b2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Oct 2, 2025
@chrisbc chrisbc self-assigned this Oct 2, 2025
@chrisbc chrisbc self-requested a review October 2, 2025 01:33
@chrisbc chrisbc mentioned this pull request Oct 5, 2025
Closed
@chrisbc chrisbc changed the title Bump fiona from 1.8.20 to 1.10b2 resolve dependant security issues (Fiona et al) Oct 6, 2025
@codecov
Copy link

codecov bot commented Oct 6, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.31%. Comparing base (b9345d1) to head (fe4d72c).
⚠️ Report is 12 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #100   +/-   ##
=======================================
  Coverage   99.31%   99.31%           
=======================================
  Files          24       24           
  Lines        1313     1317    +4     
  Branches       77       77           
=======================================
+ Hits         1304     1308    +4     
  Misses          8        8           
  Partials        1        1
Flag Coverage Δ
unittests 99.31% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@chrisbc chrisbc requested review from chrisdicaprio and voj October 6, 2025 01:04
voj
voj approved these changes Oct 6, 2025
View reviewed changes
Copy link
Collaborator

@voj voj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one question

@chrisbc chrisbc removed their request for review October 6, 2025 03:59
@chrisbc chrisbc merged commit 02afbd4 into main Oct 6, 2025
11 checks passed
@dependabot dependabot bot deleted the dependabot/pip/fiona-1.10b2 branch October 6, 2025 20:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@voj voj voj approved these changes

@chrisbc chrisbc chrisbc approved these changes

@chrisdicaprio chrisdicaprio chrisdicaprio approved these changes

Assignees

@chrisbc chrisbc

Labels

dependencies Pull requests that update a dependency file LIB python Pull requests that update python code solvis

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Chore: Security Advisory Fiona library

4 participants

@voj @chrisbc @chrisdicaprio