From b02ac0b01c89a66556b71e6eeb51fb6431afb2f3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 10 May 2024 07:28:58 -0600
Subject: [PATCH] Bump sqlparse from 0.4.4 to 0.5.0 in /src (#285)

* Bump sqlparse from 0.4.4 to 0.5.0 in /src

Bumps [sqlparse](https://github.com/andialbrecht/sqlparse) from 0.4.4 to 0.5.0.
- [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG)
- [Commits](https://github.com/andialbrecht/sqlparse/compare/0.4.4...0.5.0)

---
updated-dependencies:
- dependency-name: sqlparse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Require sqlparse>=0.5.0 in requirements.in

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Romaniello <aromaniello@ntia.gov>
---
 src/requirements-dev.txt | 2 +-
 src/requirements.in      | 3 ++-
 src/requirements.txt     | 6 ++++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt
index 9d022799..7d5c428c 100644
--- a/src/requirements-dev.txt
+++ b/src/requirements-dev.txt
@@ -335,7 +335,7 @@ six==1.16.0
     #   sigmf
 smart-open==6.4.0
     # via ray
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via
     #   -r requirements.txt
     #   django
diff --git a/src/requirements.in b/src/requirements.in
index af81daea..87cb7664 100644
--- a/src/requirements.in
+++ b/src/requirements.in
@@ -17,6 +17,7 @@ scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@6.0.0
 # higher minimum patch version than the dependencies which require them.
 # This is done to ensure the inclusion of specific security patches.
 idna>=3.7             # CVE-2024-3651
-pyyaml>=5.4.0         # CVE-2020-14343
 grpcio>=1.53.0        # CVE-2023-32732, CVE-2023-32731, CVE-2023-1428
+pyyaml>=5.4.0         # CVE-2020-14343
+sqlparse>=0.5.0       # CVE-2024-4340
 urllib3>=1.26.18      # CVE-2023-45803
diff --git a/src/requirements.txt b/src/requirements.txt
index 09783e0b..f56e3bcd 100644
--- a/src/requirements.txt
+++ b/src/requirements.txt
@@ -163,8 +163,10 @@ six==1.16.0
     #   python-dateutil
     #   requests-mock
     #   sigmf
-sqlparse==0.4.4
-    # via django
+sqlparse==0.5.0
+    # via
+    #   -r requirements.in
+    #   django
 tekrsa-api-wrap==1.3.2
     # via scos-tekrsa
 typing-extensions==4.8.0