Skip to content

Update dependency certifi to v2024 [SECURITY]#63

Closed
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/pypi-certifi-vulnerability
Closed

Update dependency certifi to v2024 [SECURITY]#63
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/pypi-certifi-vulnerability

Conversation

@renovate

@renovate renovate Bot commented Jul 6, 2024

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
certifi ==2023.7.22 -> ==2024.7.4 age confidence

GitHub Vulnerability Alerts

CVE-2024-39689

Certifi 2024.07.04 removes root certificates from "GLOBALTRUST" from the root store. These are in the process of being removed from Mozilla's trust store.

GLOBALTRUST's root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues". Conclusions of Mozilla's investigation can be found here.


Release Notes

certifi/python-certifi (certifi)

v2024.7.4

Compare Source

v2024.6.2

Compare Source

v2024.2.2

Compare Source

v2023.11.17

Compare Source


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot changed the title Update dependency certifi to v2024 [SECURITY] Update dependency certifi to v2024 [SECURITY] - autoclosed Feb 11, 2025
@renovate renovate Bot closed this Feb 11, 2025
@renovate renovate Bot deleted the renovate/pypi-certifi-vulnerability branch February 11, 2025 23:34
@renovate renovate Bot changed the title Update dependency certifi to v2024 [SECURITY] - autoclosed Update dependency certifi to v2024 [SECURITY] Feb 12, 2025
@renovate renovate Bot reopened this Feb 12, 2025
@renovate renovate Bot force-pushed the renovate/pypi-certifi-vulnerability branch from 41ad4ac to fee8ee5 Compare February 12, 2025 06:48
@renovate renovate Bot force-pushed the renovate/pypi-certifi-vulnerability branch from fee8ee5 to d4514b8 Compare August 10, 2025 12:48
@wfordh

wfordh commented Oct 31, 2025

Copy link
Copy Markdown
Collaborator

Closing. See PR #70

@wfordh wfordh closed this Oct 31, 2025
@renovate

renovate Bot commented Oct 31, 2025

Copy link
Copy Markdown
Contributor Author

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 2024.x releases. But if you manually upgrade to 2024.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant