Patches
- Use defused-xml instead of xml to reduce vulnerability to XXE attacks: see https://semgrep.dev/r?q=python.lang.security.use-defused-xml-parse.use-defused-xml-parse.
- Replace pickle caching with safer alternatives: see https://semgrep.dev/r?q=python.lang.security.deserialization.pickle.avoid-pickle.
- Accept more recent pymoca releases from the 0.9.* series
Full Changelog: 2.6.0...2.6.1