Merge pull request #210 from es3n1n/patch-1

bump pydantic version to 1.8.2
collerek · May 30, 2021 · 6aa9ec9 · 6aa9ec9
2 parents 40f1076 + 45838ce
commit 6aa9ec9
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 2 deletions.
diff --git a/docs/releases.md b/docs/releases.md
@@ -1,3 +1,16 @@
+# 0.10.9
+
+## Important security fix
+
+*  Update pin for pydantic to fix security vulnerability [CVE-2021-29510](https://github.com/samuelcolvin/pydantic/security/advisories/GHSA-5jqp-qgf6-3pvh)
+
+You are advised to update to version of pydantic that was patched. 
+In 0.10.9 ormar excludes versions with vulnerability in pinned dependencies. 
+
+## 🐛 Fixes
+
+* Fix OpenAPi schema for LargeBinary [#204](https://github.com/collerek/ormar/issues/204)
+
 # 0.10.8
 
 ## 🐛 Fixes

diff --git a/requirements.txt b/requirements.txt
@@ -1,7 +1,7 @@
 databases[sqlite]>=0.3.2,<=0.4.1
 databases[postgresql]>=0.3.2,<=0.4.1
 databases[mysql]>=0.3.2,<=0.4.1
-pydantic>=1.6.1,<=1.8
+pydantic >=1.6.1,!=1.7,!=1.7.1,!=1.7.2,!=1.7.3,!=1.8,!=1.8.1,<=1.8.2
 sqlalchemy>=1.3.18,<=1.3.23
 typing_extensions>=3.7,<=3.7.4.3
 orjson

diff --git a/setup.py b/setup.py
@@ -55,7 +55,7 @@ def get_packages(package):
     zip_safe=False,
     python_requires=">=3.6",
     data_files=[("", ["LICENSE.md"])],
-    install_requires=["databases>=0.3.2,<=0.4.1", "pydantic>=1.6.1,<=1.8",
+    install_requires=["databases>=0.3.2,<=0.4.1", "pydantic>=1.6.1,!=1.7,!=1.7.1,!=1.7.2,!=1.7.3,!=1.8,!=1.8.1,<=1.8.2",
                       "sqlalchemy>=1.3.18,<=1.3.23",
                       "typing_extensions>=3.7,<=3.7.4.3"],
     extras_require={