@jaredledvina

While working on my other PR I noticed that the Dockerfile was running Python 3.9, which just went into EOL status in October. So this PR upgrades the project to 3.12 along with the latest version of Flask. I've included the upgrade to requests and waitress too as they had some open CVEs.

I've built and run the image locally from this setup of changes and all seems well so far.

- Update macOS ARM installer workflow to Python 3.12
- Update macOS Intel installer workflow to Python 3.12
- Update Windows installer workflow to Python 3.12
- Update distribution script requirement check to Python 3.12
- Update documentation to reference Python 3.12

PyYAML 6.0 does not have pre-built wheels for Python 3.12 and fails
to build from source. Version 6.0.2 includes Python 3.12 support.

Fixes multiple security vulnerabilities:
- CVE-2024-47081: Malicious URLs could retrieve wrong credentials from netrc
- CVE-2024-35195: verify=False persisting across requests to same origin
- CVE-2023-32681: Proxy-Authorization header leakage on HTTPS redirects

Fixes multiple security vulnerabilities:
- GHSA-3f84-rpwh-47g6: Race condition causing busy loop on half-open sockets
- GHSA-9298-4cf8-g4wj: HTTP request smuggling vulnerability
- Issue plexguide#451/452: Improved untrusted proxy header validation

Admin9705 added a commit that referenced this pull request Jan 22, 2026
- Update Python version from 3.9/3.10 to 3.12 across all platforms
- Upgrade Flask from 3.0.0 to 3.1.2
- Upgrade requests from 2.31.0 to 2.32.5
- Upgrade waitress from 2.1.2 to 3.0.2
- Upgrade pyyaml from 6.0 to 6.0.2
- Update documentation to reflect Python 3.12+ requirement
- Update GitHub Actions workflows for macOS (ARM/Intel) and Windows
- Update Dockerfile base image to python:3.12-slim
- Update Windows setup script to require Python 3.12+

This addresses CVEs in requests and waitress, and ensures compatibility with
Python 3.12 which provides improved performance and security.
Admin9705 closed this Jan 22, 2026
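
A check a maintainer could run in CI so the pins raised in this PR do not drift back, as an added example that is not code from this PR or the project. It assumes the "to" versions in the commit message above are the minimum acceptable pins; the requirements text is a constructed sample.

```python
import re

# Floors are the "to" versions listed in the commit message above.
MINIMUMS = {"flask": "3.1.2", "requests": "2.32.5",
            "waitress": "3.0.2", "pyyaml": "6.0.2"}

NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(.*)$")
EXACT = re.compile(r"^==\s*(\d+(?:\.\d+)*)$")


def normalize(name):
    """Compare names the way pip does: case-insensitive, with -, _ and . equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def vtuple(version):
    """Turn '6.0' into (6,) so that 6.0 and 6.0.0 compare equal."""
    parts = [int(p) for p in version.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def audit(requirements_text):
    """Return (line_no, package, problem) for every tracked package that is
    pinned below its floor or not pinned to an exact version."""
    findings = []
    for line_no, raw in enumerate(requirements_text.splitlines(), 1):
        # Drop comments and environment markers before parsing.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        match = NAME.match(line)
        if not match:
            continue  # blank line or an option such as "-r base.txt"
        name, spec = normalize(match.group(1)), match.group(2).strip()
        floor = MINIMUMS.get(name)
        if floor is None:
            continue  # package not covered by this PR
        pin = EXACT.match(spec)
        if pin is None:
            findings.append((line_no, name, f"not pinned with ==, need >= {floor}"))
        elif vtuple(pin.group(1)) < vtuple(floor):
            findings.append((line_no, name, f"{pin.group(1)} < {floor}"))
    return findings


# Constructed sample: one current pin, one old pin, one loose range, one old pin with a marker.
SAMPLE = ('# constructed requirements file\nFlask==3.1.2\nrequests==2.31.0   # old pin\n'
          'waitress >= 2.1\nPyYAML==6.0 ; python_version >= "3.12"\npsutil==5.9.0\n')
```

Failing the build when `audit()` returns a non-empty list keeps a later merge or revert from quietly reintroducing the older requests and waitress releases.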