ONTAP Rest API Discussions

Highlighted

NetApp OnTap Python Library uses old version of marshmallow

When installing the netapp-ontap package via pip, it shows a dependency of marshmallow<=3.0.0rc7,>=3.0.0rc5. These version of marshmallow are vulnerable to CVE-2018-17175 and thus not allowed within my organization. Why does the library force such an old version (current version is 3.2.2)? Can the OnTap library be updated to support the new version?

Check out the KB!
Knowledge Base
All Community Forums