crickets-and-comb/shared

Pin `nltk>=3.9.3` when released, drop ignore

Open

#152 建立於 2026年2月24日

在 GitHub 查看
 (0 留言) (0 反應) (1 負責人)Makefile (0 fork)auto 404
buggood first issuehelp wanted

倉庫指標

Star
 (2 star)
PR 合併指標
 (PR 指標待抓取)

描述

There's a vulnerability, CVE-2025-14009, in nltk<=3.9.2. It's been fixed in nltk's develop branch, but not yet released.

We've pinned our packages to the nltk's develop branch for now, but we don't want to release anything until we can pin to nltk>=3.9.3. We're also ignoring CVE-2025-14009 in the shared/Makefile security target until then.

Once nltk 3.9.3 is released, add the pin and drop the ignore.

貢獻者指南