Audit Snyk check/fix 1.6 (#1853)

Co-authored-by: geo-ghci-int[bot] <146321879+geo-ghci-int[bot]@users.noreply.github.com>
camptocamp · Aug 5, 2024 · bd64ff3 · bd64ff3
1 parent 35d2374
commit bd64ff3
Show file tree

Hide file tree

Showing 7 changed files with 1,002 additions and 649 deletions.
diff --git a/example-project/ci/requirements.txt b/example-project/ci/requirements.txt
@@ -1,2 +1,3 @@
 c2cciutils[checks,publish]==1.5.12
 pre-commit==3.3.3
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/example-project/requirements.txt b/example-project/requirements.txt
@@ -4,3 +4,4 @@ poetry-dynamic-versioning[plugin]==0.19.0
 poetry-plugin-tweak-dependencies-version==1.0.0
 pip==23.3.2
 pre-commit==3.3.3
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -86,8 +86,10 @@ importlib-metadata = { version = "6.8.0", optional = true }
 tomlkit = { version = "0.12.5", optional = true }
 multi-repo-automation = { version="0.3.1", optional = true }
 cryptography = { version="42.0.8", optional = true }
-urllib3 = { version="2.0.7", optional = true }
+urllib3 = "2.2.2"
 idna = { version="3.7", optional = true }
+certifi = "2024.7.4"
+zipp = "3.19.1"
 
 [tool.poetry.extras]
 audit = []

diff --git a/requirements.txt b/requirements.txt
@@ -5,3 +5,4 @@ poetry-plugin-tweak-dependencies-version==1.0.0
 pip==23.3.2
 pre-commit==3.3.3
 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/test/Pipfile b/test/Pipfile
@@ -7,7 +7,7 @@ verify_ssl = true
 PyYAML = "==6.0"
 inotify = "==0.2.10"
 c2cwsgiutils = {version = "==5.0.0", extras = ["broadcast", "standard"]}
-setuptools = "==65.5.1"
+setuptools = "==70.0.0"
 
 [dev-packages]
 pytest-cov = "==3.0.0"