github-starred/awesome-llm-apps
2
0
Fork 0
mirror of https://github.com/Shubhamsaboo/awesome-llm-apps.git synced 2026-03-18 13:03:07 -05:00
Code Issues 14 Packages Projects Releases Wiki Activity

[PR #267] [CLOSED] fix: pin critical package versions for security #277

New Issue
Closed
opened 2025-11-06 15:00:12 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-06 15:00:12 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/Shubhamsaboo/awesome-llm-apps/pull/267
Author: @krljakob
Created: 7/2/2025
Status: Closed

Base: mainHead: fix/critical-security-dependencies

📝 Commits (1)

  • c070ed9 fix: pin critical package versions for security

📊 Changes

92 files changed (+430 additions, -251 deletions)

View changed files

📝 advanced_ai_agents/autonomous_game_playing_agent_apps/ai_3dpygame_r1/requirements.txt (+2 -2)
📝 advanced_ai_agents/autonomous_game_playing_agent_apps/ai_chess_agent/requirements.txt (+2 -2)
📝 advanced_ai_agents/autonomous_game_playing_agent_apps/ai_tic_tac_toe_agent/requirements.txt (+8 -8)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_competitor_intelligence_agent_team/requirements.txt (+2 -2)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_finance_agent_team/requirements.txt (+4 -4)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_legal_agent_team/local_ai_legal_agent_team/requirements.txt (+2 -2)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_legal_agent_team/requirements.txt (+3 -3)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_recruitment_agent_team/requirements.txt (+2 -2)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_services_agency/requirements.txt (+1 -1)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/ai_teaching_agent_team/requirements.txt (+1 -1)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/multimodal_coding_agent_team/requirements.txt (+3 -3)
📝 advanced_ai_agents/multi_agent_apps/agent_teams/multimodal_design_agent_team/requirements.txt (+2 -2)
📝 advanced_ai_agents/multi_agent_apps/ai_Self-Evolving_agent/requirements.txt (+7 -7)
📝 advanced_ai_agents/multi_agent_apps/ai_aqi_analysis_agent/requirements.txt (+3 -3)
📝 advanced_ai_agents/multi_agent_apps/ai_domain_deep_research_agent/requirements.txt (+2 -2)
📝 advanced_ai_agents/multi_agent_apps/ai_financial_coach_agent/requirements.txt (+3 -3)
📝 advanced_ai_agents/multi_agent_apps/ai_mental_wellbeing_agent/requirements.txt (+1 -1)
📝 advanced_ai_agents/multi_agent_apps/ai_news_and_podcast_agents/beifong/requirements.txt (+11 -11)
📝 advanced_ai_agents/multi_agent_apps/ai_speech_trainer_agent/requirements.txt (+7 -7)
📝 advanced_ai_agents/multi_agent_apps/multi_agent_researcher/requirements.txt (+3 -3)

...and 72 more files

📄 Description

  • Pin versions for 18 security-critical packages across 90 projects
  • Focus on high-impact packages: streamlit, openai, anthropic, requests, etc.
  • Addresses supply chain security vulnerabilities from unpinned dependencies
  • Maintains compatibility with existing functionality

Security packages pinned:

  • streamlit==1.41.1 (CVE prevention)
  • openai==1.58.1 (API security)
  • anthropic==0.39.0 (API security)
  • requests==2.32.3 (HTTP security)
  • urllib3==2.2.3 (URL parsing security)
  • pydantic==2.10.5 (data validation)
  • sqlalchemy==2.0.36 (SQL injection prevention)
  • pillow==11.0.0 (image processing security)

This is the first step in securing the repository's dependency chain.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/Shubhamsaboo/awesome-llm-apps/pull/267 **Author:** [@krljakob](https://github.com/krljakob) **Created:** 7/2/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `fix/critical-security-dependencies` --- ### 📝 Commits (1) - [`c070ed9`](https://github.com/Shubhamsaboo/awesome-llm-apps/commit/c070ed908d2413c5b7a512468d71133f9742db09) fix: pin critical package versions for security ### 📊 Changes **92 files changed** (+430 additions, -251 deletions) <details> <summary>View changed files</summary> 📝 `advanced_ai_agents/autonomous_game_playing_agent_apps/ai_3dpygame_r1/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/autonomous_game_playing_agent_apps/ai_chess_agent/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/autonomous_game_playing_agent_apps/ai_tic_tac_toe_agent/requirements.txt` (+8 -8) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_competitor_intelligence_agent_team/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_finance_agent_team/requirements.txt` (+4 -4) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_legal_agent_team/local_ai_legal_agent_team/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_legal_agent_team/requirements.txt` (+3 -3) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_recruitment_agent_team/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_services_agency/requirements.txt` (+1 -1) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/ai_teaching_agent_team/requirements.txt` (+1 -1) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/multimodal_coding_agent_team/requirements.txt` (+3 -3) 📝 `advanced_ai_agents/multi_agent_apps/agent_teams/multimodal_design_agent_team/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/multi_agent_apps/ai_Self-Evolving_agent/requirements.txt` (+7 -7) 📝 `advanced_ai_agents/multi_agent_apps/ai_aqi_analysis_agent/requirements.txt` (+3 -3) 📝 `advanced_ai_agents/multi_agent_apps/ai_domain_deep_research_agent/requirements.txt` (+2 -2) 📝 `advanced_ai_agents/multi_agent_apps/ai_financial_coach_agent/requirements.txt` (+3 -3) 📝 `advanced_ai_agents/multi_agent_apps/ai_mental_wellbeing_agent/requirements.txt` (+1 -1) 📝 `advanced_ai_agents/multi_agent_apps/ai_news_and_podcast_agents/beifong/requirements.txt` (+11 -11) 📝 `advanced_ai_agents/multi_agent_apps/ai_speech_trainer_agent/requirements.txt` (+7 -7) 📝 `advanced_ai_agents/multi_agent_apps/multi_agent_researcher/requirements.txt` (+3 -3) _...and 72 more files_ </details> ### 📄 Description - Pin versions for 18 security-critical packages across 90 projects - Focus on high-impact packages: streamlit, openai, anthropic, requests, etc. - Addresses supply chain security vulnerabilities from unpinned dependencies - Maintains compatibility with existing functionality Security packages pinned: - streamlit==1.41.1 (CVE prevention) - openai==1.58.1 (API security) - anthropic==0.39.0 (API security) - requests==2.32.3 (HTTP security) - urllib3==2.2.3 (URL parsing security) - pydantic==2.10.5 (data validation) - sqlalchemy==2.0.36 (SQL injection prevention) - pillow==11.0.0 (image processing security) This is the first step in securing the repository's dependency chain. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-06 15:00:12 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
pull-request
Mirrored from GitHub Pull Request
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/awesome-llm-apps#277
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?