crickets-and-comb/shared
Voir sur GitHubPin `nltk>=3.9.3` when released, drop ignore
Open
#152 ouverte le 24 févr. 2026
buggood first issuehelp wanted
Métriques du dépôt
- Stars
- (2 stars)
- Métriques de merge PR
- (Métriques PR en attente)
Description
There's a vulnerability, CVE-2025-14009, in nltk<=3.9.2. It's been fixed in nltk's develop branch, but not yet released.
We've pinned our packages to the nltk's develop branch for now, but we don't want to release anything until we can pin to nltk>=3.9.3. We're also ignoring CVE-2025-14009 in the shared/Makefile security target until then.
Once nltk 3.9.3 is released, add the pin and drop the ignore.