Skip to content

[pull] master from kevoreilly:master#499

Merged
pull[bot] merged 19 commits into
threatcode:masterfrom
kevoreilly:master
Jul 7, 2026
Merged

[pull] master from kevoreilly:master#499
pull[bot] merged 19 commits into
threatcode:masterfrom
kevoreilly:master

Conversation

@pull

@pull pull Bot commented Jul 7, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

dependabot Bot and others added 19 commits May 26, 2026 05:42
Bumps [h11](https://github.com/python-hyper/h11) from 0.14.0 to 0.16.0.
- [Commits](python-hyper/h11@v0.14.0...v0.16.0)

---
updated-dependencies:
- dependency-name: h11
  dependency-version: 0.16.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pynacl](https://github.com/pyca/pynacl) from 1.5.0 to 1.6.2.
- [Changelog](https://github.com/pyca/pynacl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pynacl@1.5.0...1.6.2)

---
updated-dependencies:
- dependency-name: pynacl
  dependency-version: 1.6.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
updated-dependencies:
- dependency-name: aiohttp
  dependency-version: 3.14.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.10.1 to 2.13.0.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](jpadilla/pyjwt@2.10.1...2.13.0)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-version: 2.13.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.27 to 0.0.31.
- [Release notes](https://github.com/Kludex/python-multipart/releases)
- [Changelog](https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md)
- [Commits](Kludex/python-multipart@0.0.27...0.0.31)

---
updated-dependencies:
- dependency-name: python-multipart
  dependency-version: 0.0.31
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 44.0.1 to 48.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@44.0.1...48.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 48.0.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ujson](https://github.com/ultrajson/ultrajson) from 5.12.1 to 5.13.0.
- [Release notes](https://github.com/ultrajson/ultrajson/releases)
- [Commits](ultrajson/ultrajson@5.12.1...5.13.0)

---
updated-dependencies:
- dependency-name: ujson
  dependency-version: 5.13.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings) from 2.13.1 to 2.14.2.
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.13.1...v2.14.2)

---
updated-dependencies:
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
In multiworker ResultServer mode ([resultserver] multiworker = yes), each
per-VM worker is launched via multiprocessing.Process, which defaults to the
fork start method on Linux.

CAPE monkey-patches threading with gevent at startup, and gevent's Thread does
not implement CPython's Thread._reset_internal_locks. When a process that has
live gevent-patched threads (e.g. the Mitmdump and QEMUScreenshots auxiliary
threads) forks, CPython's threading._after_fork runs in the child and calls
_reset_internal_locks on every enumerated Thread, raising AttributeError on
each gevent Thread. The affected locks are left unreset in the child, which
intermittently deadlocks -- e.g. a later sniffer subprocess fork wedges the
analysis and the task never completes.

Create the per-VM worker processes (and their shared Value/Event) from a
multiprocessing.get_context("spawn") context. spawn starts a fresh interpreter
with no inherited threads, so threading._after_fork never runs against the
gevent Threads and the locks-unreset deadlock cannot occur. The Value/Event
come from the same spawn context so they are shared correctly across the spawn
boundary.
…ngs-2.14.2

Bump pydantic-settings from 2.13.1 to 2.14.2
…8.0.1

Bump cryptography from 44.0.1 to 48.0.1
…rt-0.0.31

Bump python-multipart from 0.0.27 to 0.0.31
build(deps): bump h11 from 0.14.0 to 0.16.0
…pawn

resultserver: spawn (not fork) the multiworker per-VM worker processes
@pull pull Bot locked and limited conversation to collaborators Jul 7, 2026
@pull pull Bot added the ⤵️ pull label Jul 7, 2026
@pull
pull Bot merged commit d51f927 into threatcode:master Jul 7, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants