Skip to content

chore: sincronizar dev com main#95

Merged
lucasbrentano merged 3 commits into
devfrom
main
Jun 1, 2026
Merged

chore: sincronizar dev com main#95
lucasbrentano merged 3 commits into
devfrom
main

Conversation

@github-actions
Copy link
Copy Markdown

@github-actions github-actions Bot commented Apr 8, 2026

Sincronização automática após merge em main. Apenas merge commits — sem mudanças de código.

lucasbrentano and others added 3 commits April 8, 2026 19:38
@lucasbrentano
Merge pull request #94 from DAVINTLAB/dev
db946c7 
Merge dev → main
@lucasbrentano @claude
fix(security): corrigir vulnerabilidades do pip-audit (starlette, pyt…
380931b 
…est)

Duas dependências falhavam no gate do pip-audit:

- starlette 0.49.1 -> 1.2.1: corrige PYSEC-2026-161 / CVE-2026-48710
  (BadHost — falta de validação do header Host envenena request.url.path).
  O fix só existe na linha 1.x; como o FastAPI 0.123 travava starlette<0.51,
  o FastAPI subiu para 0.136.3 (aceita starlette>=0.46).
- pytest 8.3.3 -> 9.0.3: corrige CVE-2025-71176 (diretório temporário
  previsível em UNIX). pytest-cov 5.0.0->7.1.0 e pytest-mock 3.14.0->3.15.1
  para compatibilidade com pytest 9.

Validado: pip-audit sem vulnerabilidades, 340/340 testes passando.

Também alinha backend/.coveragerc (fail_under 90 -> 80) com o CI
(--cov-fail-under=80) e o CLAUDE.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@lucasbrentano
Merge pull request #96 from DAVINTLAB/hotfix/pip-audit-starlette-pytest
be2dea2 
fix(security): corrigir vulnerabilidades do pip-audit (starlette, pytest)
@lucasbrentano lucasbrentano merged commit d70be59 into dev Jun 1, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lucasbrentano