zebra.lucky
/
joinmarket-clientserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge JoinMarket-Org/joinmarket-clientserver#1140: Pin python-qrcode to a specific version 

f05492110b Pin python-qrcode to a specific version (Kristaps Kaupe)

Pull request description:

  There have been some [takeover of qr.js NPM account recently](https://github.com/zpao/qrcode.react/issues/168). Let's remove potential attack vector here by pinning `qrcode` to a specific (latest) version.

  It seems that PyPI does not allow overwrite of already uploaded files, so, unless PyPI itself is hacked, this is safe, it can't be replaced with something else so easy (although using package hashes would be better, of course).

Top commit has no ACKs.

Tree-SHA512: 34aebae3a875dc780417303649b253c2d4ab40dbbe358fc47dc13913beb1f64e40e670e36fa2eb183f622cf3541cd75ba948f009370a8ffcb93c21d21bfa1262
master
Kristaps Kaupe 4 years ago
parent
d98cb36fb4 f05492110b
commit
9ad0ca993f
No known key found for this signature in database
GPG Key ID: 33E472FE870C7E5D
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      requirements/gui.txt

2
requirements/gui.txt
Unescape View File

@ -3,7 +3,7 @@ pywin32; platform_system == "Windows"
# https://bugreports.qt.io/browse/QTBUG-88688
PySide2!=5.15.0,!=5.15.1,!=5.15.2,!=6.0
PyQt5!=5.15.0,!=5.15.1,!=5.15.2,!=6.0
qrcode[pil]
qrcode[pil]==7.3.1
https://github.com/sunu/qt5reactor/archive/58410aaead2185e9917ae9cac9c50fe7b70e4a60.zip#egg=qt5reactor
-e ./jmqtui
Write Preview
Loading…
Cancel
Save