[Snyk] Security upgrade urllib3 from 1.23 to 1.24.3#1
Open
Hackman238 wants to merge 543 commits into
Open
Conversation
Changed links to govanguard.com, added Keybase team link.
- Addresses github issue #18
…c-bug-#18 Fix complex predicate bug
Update README typos and line wrapping
Merge latest dev into master
- Ran ui/eventfilter.py through CodeClimate CLI and is no longer showing any cognitive complexity issues in the logic
- The file was not loaded correctly by Legion on startup due to an error with a trailing single quote
- This commit is the 2nd iteration on reducing complexity of `logic.py` - Introduces the concept of a repository. A repository is an abstraction on a data store. In the case of Legion, the underlying data store is based on SQLite, and so the repository implementations should contain all SQL code within the app. - There is a repository for each concept within the app, such as a Process, a Service, a Host, a Port, etc. (e.g. ProcessRepository, HostRepository, etc.) - This commit does not complete the full refactoring of all SQL related code to a repository. Further commits will be added to complete the work. - All new code added was driven by an underlying unit test. In order to gain confidence in proper refactoring of existing logic, a backporting of unit tests was needed.
…c-bug-#18 Fix complexity bug in eventfilter
Fix unbalanced tickmark issue in legion.conf
…sue-19 Reduce cognitive complexity on logic.py
…sue-19-2nd-iter Refactoring logic.py into smaller components
…e-cert-errors Added Cutycapt --insecure flag to ignore SSL/TLS certificate errors
…ate-progress-crash-1 Fix updateProgress to always use an integer
fix bad interpreter: /bin/bash^M: no such file or directory
Removed old dead links.
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174323
Closed
ThereAreSomeWhoCallMeTimAtViasat
added a commit
to ThereAreSomeWhoCallMeTimAtViasat/legion
that referenced
this pull request
Mar 24, 2026
Wire app/validation.py functions into Flask routes: - validateNmapInput in /api/nmap/scan: rejects XSS, semicolons, special chars in target strings → 400 - Port number validation in add-port action: rejects non-numeric, 0, and >65535 → 400 - validateNmapPorts in _validate_legion_conf for [StagedNmapSettings] keys: rejects invalid chars in stage port expressions Add 10 new API tests (P8.1–P8.10) to test_api_gaps.py. Total: 45 passing. Update FULL_PYTHON_FILE_AUDIT.md gaps Hackman238#1, Hackman238#2, Hackman238#7 as fixed. Bump version to v9.6-flask. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
16 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.
Snyk changed the following file(s):
requirements.txtImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 CRLF injection