Security fixes for dependencies (#13603)
stevejalim authored Aug 18, 2023
1 parent debdc31 commit 3686e42
Showing 6 changed files with 36 additions and 28 deletions.
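--- a/requirements/dev.in
+++ b/requirements/dev.in
@@ -7,6 +7,7 @@ factory-boy==3.2.1
 freezegun==1.2.2
 pipdeptree==2.10.1
 py==1.11.0
+Pygments>=2.15.0 # to bring it up to a secure version
 PyPOM==2.2.4
 pyquery==2.0.0
 pytest==7.4.0 # Included because we use it directly, but also a subdep of pytest-selenium's subdeps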
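Review bot: The comment on the new `Pygments>=2.15.0` line says only "a secure version", without naming the advisory that set the floor. The requirements/dev.txt section of this commit shows Pygments was previously pulled in only via bpython, so this entry is a constraint on a transitive dependency and a later maintainer cannot tell when it may be removed. I would record both facts, e.g. `Pygments>=2.15.0 # subdep of bpython; floor set by <ADVISORY-ID>, drop once bpython requires a fixed release`. The same applies to the `certifi>=2023.7.22` lines added in requirements/prod.in and requirements/docs.in, and to `tornado>=6.3.3` in requirements/docs.in. Only part of dev.in is visible in this hunk.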
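--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -104,9 +104,9 @@ braceexpand==0.1.7 \
 --hash=sha256:91332d53de7828103dcae5773fb43bc34950b0c8160e35e0f44c4427a3b85014 \
 --hash=sha256:e6e539bd20eaea53547472ff94f4fb5c3d3bf9d0a89388c4b56663aba765f705
 # via -r requirements/dev.in
-certifi==2022.12.7 \
---hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \
---hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18
+certifi==2023.7.22 \
+--hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \
+--hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9
 # via
 # -r requirements/prod.txt
 # requests
@@ -882,10 +882,12 @@ pygithub==1.59.1 \
 --hash=sha256:3d87a822e6c868142f0c2c4bf16cce4696b5a7a4d142a7bd160e1bdf75bc54a9 \
 --hash=sha256:c44e3a121c15bf9d3a5cc98d94c9a047a5132a9b01d22264627f58ade9ddc217
 # via -r requirements/prod.txt
-pygments==2.11.2 \
---hash=sha256:44238f1b60a76d78fc8ca0528ee429702aae011c265fe6a8dd8b63049ae41c65 \
---hash=sha256:4e426f72023d88d03b2fa258de560726ce890ff3b630f88c21cbb8b2503b8c6a
-# via bpython
+pygments==2.16.1 \
+--hash=sha256:13fc09fa63bc8d8671a6d247e1eb303c4b343eaee81d861f3404db2935653692 \
+--hash=sha256:1daff0494820c69bc8941e407aa20f577374ee88364ee10a98fdbe0aece96e29
+# via
+# -r requirements/dev.in
+# bpython
 pyjwt[crypto]==2.4.0 \
 --hash=sha256:72d1d253f32dbd4f5c88eaf1fdc62f3a19f676ccbadb9dbc5d07e951b2b26daf \
 --hash=sha256:d42908208c699b3b973cbeb01a969ba6a96c821eefb1c5bfe4c390c01d67abba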
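--- a/requirements/docs.in
+++ b/requirements/docs.in
@@ -1,14 +1,15 @@
 chardet==5.0.0
+certifi>=2023.7.22 # to bring it up to a secure version
 fluent.pygments==1.0
 fluent.syntax==0.18.1
 markdown-it-py>=2.2.0
 markupsafe==2.1.3
 myst-parser==2.0.0
-requests==2.31.0 # hard-pin to bring it up to a secure version
+requests>=2.31.0 # hard-pin to bring it up to a secure version
 Sphinx==6.2.1
 sphinx-autobuild==2021.3.14
 sphinx-copybutton==0.5.2
 sphinx-rtd-theme==1.2.2
 sphinxcontrib-jquery>=4,<5
 sphinxcontrib-websupport==1.2.4
-tornado==6.3.2hard-pin to bring it up to a secure version
+tornado>=6.3.3 # to bring it up to a secure version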
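Review bot: The trailing comment on `requests>=2.31.0` still says "hard-pin", but the specifier is now a lower bound, so the comment contradicts the line it sits on. Reword it to match its neighbours: `requests>=2.31.0 # to bring it up to a secure version`. With these entries now open-ended, the installed versions are fixed only by the hashed requirements/docs.txt. It is worth confirming that every install path, including the docs build, goes through that compiled file rather than docs.in; the page does not show how installs are invoked.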
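--- a/requirements/docs.txt
+++ b/requirements/docs.txt
@@ -12,10 +12,12 @@ babel==2.9.1 \
 --hash=sha256:ab49e12b91d937cd11f0b67cb259a57ab4ad2b59ac7a3b41d6c06c0ac5b0def9 \
 --hash=sha256:bc0c176f9f6a994582230df350aa6e05ba2ebe4b3ac317eab29d9be5d2768da0
 # via sphinx
-certifi==2022.12.7 \
---hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \
---hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18
-# via requests
+certifi==2023.7.22 \
+--hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \
+--hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9
+# via
+# -r requirements/docs.in
+# requests
 chardet==5.0.0 \
 --hash=sha256:0368df2bfd78b5fc20572bb4e9bb7fb53e2c094f60ae9993339e8671d0afb8aa \
 --hash=sha256:d3e64f022d254183001eccc5db4040520c0f23b1a3f33d6413e099eb7f126557
@@ -267,18 +269,18 @@ sphinxcontrib-websupport==1.2.4 \
 --hash=sha256:4edf0223a0685a7c485ae5a156b6f529ba1ee481a1417817935b20bde1956232 \
 --hash=sha256:6fc9287dfc823fe9aa432463edd6cea47fa9ebbf488d7f289b322ffcfca075c7
 # via -r requirements/docs.in
-tornado==6.3.2 \
---hash=sha256:05615096845cf50a895026f749195bf0b10b8909f9be672f50b0fe69cba368e4 \
---hash=sha256:0c325e66c8123c606eea33084976c832aa4e766b7dff8aedd7587ea44a604cdf \
---hash=sha256:29e71c847a35f6e10ca3b5c2990a52ce38b233019d8e858b755ea6ce4dcdd19d \
---hash=sha256:4b927c4f19b71e627b13f3db2324e4ae660527143f9e1f2e2fb404f3a187e2ba \
---hash=sha256:5b17b1cf5f8354efa3d37c6e28fdfd9c1c1e5122f2cb56dac121ac61baa47cbe \
---hash=sha256:6a0848f1aea0d196a7c4f6772197cbe2abc4266f836b0aac76947872cd29b411 \
---hash=sha256:7efcbcc30b7c654eb6a8c9c9da787a851c18f8ccd4a5a3a95b05c7accfa068d2 \
---hash=sha256:834ae7540ad3a83199a8da8f9f2d383e3c3d5130a328889e4cc991acc81e87a0 \
---hash=sha256:b46a6ab20f5c7c1cb949c72c1994a4585d2eaa0be4853f50a03b5031e964fc7c \
---hash=sha256:c2de14066c4a38b4ecbbcd55c5cc4b5340eb04f1c5e81da7451ef555859c833f \
---hash=sha256:c367ab6c0393d71171123ca5515c61ff62fe09024fa6bf299cd1339dc9456829
+tornado==6.3.3 \
+--hash=sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f \
+--hash=sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5 \
+--hash=sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d \
+--hash=sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3 \
+--hash=sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2 \
+--hash=sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a \
+--hash=sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16 \
+--hash=sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a \
+--hash=sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17 \
+--hash=sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0 \
+--hash=sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe
 # via
 # -r requirements/docs.in
 # livereload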
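--- a/requirements/prod.in
+++ b/requirements/prod.in
@@ -4,6 +4,7 @@ basket-client==1.1.0
 beautifulsoup4==4.12.2
 bleach[css]==6.0.0
 boto3==1.28.25
+certifi>=2023.7.22 # to bring it up to a secure version
 chardet==5.1.0
 commonware==0.6.0
 contentful==2.1.1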
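--- a/requirements/prod.txt
+++ b/requirements/prod.txt
@@ -52,10 +52,11 @@ botocore==1.31.26 \
 # via
 # boto3
 # s3transfer
-certifi==2022.12.7 \
---hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \
---hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18
+certifi==2023.7.22 \
+--hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \
+--hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9
 # via
+# -r requirements/prod.in
 # requests
 # sentry-sdk
 cffi==1.15.0 \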
