Maintenance of python packages (<=3.7) with numpy dependency considering its recent vulnerability
I maintain a package that requires numpy. Recently, a vulnerability has been reported, which is resolved in numpy versions higher than 1.22.0. However, I cannot use these safe versions of numpy for Python versions <=3.7, because numpy 1.22.2 requires Python >=3.8. And, since Python 3.7 is the default for services like Google Colab, I prefer not to deprecate my package for Python version 3.7.
Are there any solutions for maintaining Python packages with numpy dependencies in Python 3.7 without compromising security?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
