Security Scanning

deps(python): bump pillow from 11.1.0 to 12.1.1 #82

Sign in to view logs

Triggered via pull request February 16, 2026 06:24

dependabot[bot]

opened #34

dependabot/pip/pillow-12.1.1

Status Success

Total duration 59s

Artifacts –

security.yml

on: pull_request

Secret Detection (Gitleaks)

Dependency Scan

Static Analysis (Semgrep)

Container Scan (Trivy)

Annotations

5 warnings

Secret Detection (Gitleaks)

CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/

Dependency Scan

pip-audit found vulnerabilities (see output above)

Dependency Scan

Fiona/GDAL excluded (require native GDAL/libgdal-dev build dependencies)

Dependency Scan

git+https://github.com/OCA/openupgradelib.git@master

Dependency Scan

Skipping VCS/URL dependencies (cannot be audited):