Skip to content

Release 2026-05-28#891

Merged
mayankmendix merged 13 commits into
masterfrom
develop
May 28, 2026
Merged

Release 2026-05-28#891
mayankmendix merged 13 commits into
masterfrom
develop

Conversation

@mayankmendix
Copy link
Copy Markdown
Contributor

@mayankmendix mayankmendix commented May 14, 2026

Merge develop into master for release.

bhavinshah-mendix and others added 13 commits April 8, 2026 00:18
@bhavinshah-mendix
added the metering code
2d9b71d
@bhavinshah-mendix
added logging
1f6eaf5
@bhavinshah-mendix
added the sap metering sidecar
4f74252
@bhavinshah-mendix
updated the auth token usage
b578089
@bhavinshah-mendix
updated the comments
0452f16
@bhavinshah-mendix
updated the env vars
241305f
@mayankmendix
Merge pull request #888 from bhavinshah-mendix/feature/sap-metering-s…
8fc3a83 
…idecar-download

Feature/Sap Metering Sidecar Enablement
fix: update cryptography to 46.0.7 to address CVE-2026-39892
145110c 
- Updated cryptography from 46.0.5 to 46.0.7
- Fixes buffer overflow vulnerability in non-contiguous buffer handling
- Regenerated requirements.txt with Python 3.10
- All unit tests passing (184 passed)
- All linting checks passing
Bumped the cryptography module version to latest 47.0.0
4e0365b
@mayankmendix
Merge pull request #889 from Pri1235/fix/update-cryptography-46.0.7
244e12f 
fix: update cryptography to 47.0.0 to address CVE-2026-39892
@claude
Fix CVE-2026-25645 and CVE-2026-34073 by upgrading requests and crypt…
446fe36 
…ography

Updated requests from 2.32.5 to 2.33.1 to address CVE-2026-25645.
Updated cryptography from 46.0.5 to 47.0.0 to address CVE-2026-34073.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@mayankmendix
Merge pull request #890 from PiyushTiwari-LowCode/fix-CVE-Cryptograph…
813d91d 
…y_requests

Fix CVE-2026-25645 and CVE-2026-34073 by upgrading requests
@bhavinshah-mendix @claude
Security/upgrade requests urllib3 CVE fix (#894)
ef8bec4 
* Security: Upgrade requests to 2.34.2 and urllib3 to 2.7.0

Fixes high-severity CVEs:
- CVE-2026-25645 (requests): Fixed in 2.33.0+
- GHSA-mf9v-mfxr-j63j (urllib3): Streaming API decompression issue
- GHSA-qccp-gfcp-xxvc (urllib3): Cross-origin redirect header leakage

Changes:
- requests: 2.32.5 → 2.34.2
- urllib3: 2.6.3 → 2.7.0
- charset-normalizer: 2.0.3 → 3.4.7 (transitive)
- idna: 3.10 → 3.15 (transitive)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Fixes high-severity CVEs:
   - CVE-2026-25645 (requests): Fixed in 2.33.0+
   - GHSA-mf9v-mfxr-j63j (urllib3): Streaming API decompression issue
   - GHSA-qccp-gfcp-xxvc (urllib3): Cross-origin redirect header leakage

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
@mayankmendix mayankmendix changed the title Release 2026-05-19 Release 2026-05-28 May 28, 2026
bhavinshah-mendix
bhavinshah-mendix approved these changes May 28, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@bhavinshah-mendix bhavinshah-mendix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed ok!

@mayankmendix mayankmendix reopened this May 28, 2026
@mayankmendix mayankmendix merged commit bb5aa2d into master May 28, 2026
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vaibhav1805 vaibhav1805 vaibhav1805 approved these changes

@bhavinshah-mendix bhavinshah-mendix bhavinshah-mendix approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mayankmendix @vaibhav1805 @bhavinshah-mendix