From 1a09e64743bf201c1ace2b057c16d44361c28d46 Mon Sep 17 00:00:00 2001 From: "geo-ghci-int[bot]" <146321879+geo-ghci-int[bot]@users.noreply.github.com> Date: Thu, 20 Jun 2024 13:47:30 +0000 Subject: [PATCH] Audit Snyk check/fix 2.6 (#11174) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Audit Snyk check/fix 2.6 * Update dpkg versions list From the artifact of the previous workflow run * Don't update npm packages --------- Co-authored-by: geo-ghci-int[bot] <146321879+geo-ghci-int[bot]@users.noreply.github.com> Co-authored-by: Stéphane Brunner --- Pipfile | 2 +- Pipfile.lock | 14 +++++++------- admin/requirements.txt | 2 +- doc/Pipfile | 2 +- doc/Pipfile.lock | 37 ++++++++----------------------------- geoportal/requirements.txt | 2 +- 6 files changed, 19 insertions(+), 40 deletions(-) diff --git a/Pipfile b/Pipfile index 67148bb044..af61a2f691 100644 --- a/Pipfile +++ b/Pipfile @@ -180,7 +180,7 @@ sqlalchemy-utils = "==0.36.8" stevedore = "==3.3.3" toml = "==0.10.2" ujson = "==5.4.0" -urllib3 = "==1.26.18" +urllib3 = "==1.26.19" venusian = "==3.0.0" waitress = "==2.1.2" webob = "==1.8.7" diff --git a/Pipfile.lock b/Pipfile.lock index 802b1275dc..cc32e9dab9 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "ab6c3c925ce0c10e505048da36ea816ba26c68be6421ce5c5b0bed23a4bd6779" + "sha256": "3eb5a4e90e7bdfa7e9f3790ad1a623adf5c2cdf9a7cb3a8f5ad5ba30001939f9" }, "pipfile-spec": 6, "requires": { @@ -1479,11 +1479,11 @@ }, "urllib3": { "hashes": [ - "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07", - "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0" + "sha256:37a0344459b199fce0e80b0d3569837ec6b6937435c5244e7fd73fa6006830f3", + "sha256:3e3d753a8618b86d7de333b4223005f68720bcd6a7d2bcb9fbd2229ec7c1e429" ], "index": "pypi", - "version": "==1.26.18" + "version": "==1.26.19" }, "venusian": { "hashes": [ @@ -2516,11 +2516,11 @@ }, "urllib3": { "hashes": [ - "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07", - "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0" + "sha256:37a0344459b199fce0e80b0d3569837ec6b6937435c5244e7fd73fa6006830f3", + "sha256:3e3d753a8618b86d7de333b4223005f68720bcd6a7d2bcb9fbd2229ec7c1e429" ], "index": "pypi", - "version": "==1.26.18" + "version": "==1.26.19" }, "waitress": { "hashes": [ diff --git a/admin/requirements.txt b/admin/requirements.txt index ac8331b5dc..9ae70e48e0 100644 --- a/admin/requirements.txt +++ b/admin/requirements.txt @@ -19,5 +19,5 @@ babel>=2.9.1 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability -urllib3>=1.26.18 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=1.26.19 # not directly required, pinned by Snyk to avoid a vulnerability idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/doc/Pipfile b/doc/Pipfile index b59ef3681a..4d73e9a9c3 100644 --- a/doc/Pipfile +++ b/doc/Pipfile @@ -29,7 +29,7 @@ sphinxcontrib-devhelp = "==1.0.2" sphinxcontrib-jsmath = "==1.0.1" sphinxcontrib-qthelp = "==1.0.3" sphinxcontrib-serializinghtml = "==1.1.5" -urllib3 = "==1.26.18" +urllib3 = "==1.26.19" [requires] python_version = "3.8" diff --git a/doc/Pipfile.lock b/doc/Pipfile.lock index d1b578bca1..fe94356d21 100644 --- a/doc/Pipfile.lock +++ b/doc/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "5303655ad90ed2c5b9a8a5ea2e7ec84917faa48c4556d5b12f8717f11654599e" + "sha256": "e07737a64cb7af9c8b56829abcd502bd1fd189e517be107eb9d36529f20afc3e" }, "pipfile-spec": 6, "requires": { @@ -22,7 +22,6 @@ "sha256:a27a4a084d5e690e16e01e03ad2b2e552c61a65469419b907243193de1a84ae2" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==0.7.13" }, "babel": { @@ -31,7 +30,6 @@ "sha256:bc0c176f9f6a994582230df350aa6e05ba2ebe4b3ac317eab29d9be5d2768da0" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.9.1" }, "certifi": { @@ -40,7 +38,6 @@ "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==2023.7.22" }, "chardet": { @@ -144,7 +141,7 @@ "sha256:fd1abc0d89e30cc4e02e4064dc67fcc51bd941eb395c502aac3ec19fab46b519", "sha256:ff8fa367d09b717b2a17a052544193ad76cd49979c805768879cb63d9ca50561" ], - "markers": "python_full_version >= '3.7.0'", + "markers": "python_version >= '3.7'", "version": "==3.3.2" }, "docutils": { @@ -153,7 +150,6 @@ "sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==0.16" }, "idna": { @@ -162,7 +158,6 @@ "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==3.7" }, "imagesize": { @@ -171,7 +166,6 @@ "sha256:b1f6b5a4eab1f73479a50fb79fcf729514a900c341d8503d62a62dbc4127a2b1" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.2.0" }, "importlib-metadata": { @@ -188,7 +182,6 @@ "sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==3.1.4" }, "markupsafe": { @@ -255,7 +248,6 @@ "sha256:ffee1f21e5ef0d712f9033568f8344d5da8cc2869dbd08d87c84656e6a2d2f68" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==2.1.5" }, "packaging": { @@ -264,7 +256,6 @@ "sha256:e665345f9eef0c621aa0bf2f8d78cf6d21904eef16a93f020240b704a57f1334" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==20.1" }, "pygments": { @@ -273,7 +264,6 @@ "sha256:db2db3deb4b4179f399a09054b023b6a586b76499d36965813c71aa8ed7b5fd1" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==2.15.1" }, "pyparsing": { @@ -282,7 +272,6 @@ "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b" ], "index": "pypi", - "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.4.7" }, "pytz": { @@ -299,7 +288,6 @@ "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==2.32.3" }, "setuptools": { @@ -308,7 +296,6 @@ "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==65.5.1" }, "six": { @@ -317,7 +304,6 @@ "sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.14.0" }, "snowballstemmer": { @@ -334,7 +320,6 @@ "sha256:6caad9786055cb1fa22b4a365c1775816b876f91966481765d7d50e9f0dd35cc" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==4.4.0" }, "sphinx-prompt": { @@ -351,7 +336,6 @@ "sha256:828f867945bbe39817c210a1abfd1bc4895c8b73fcaade56d45357a348a07d7e" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==1.0.4" }, "sphinxcontrib-devhelp": { @@ -360,7 +344,6 @@ "sha256:ff7f1afa7b9642e7060379360a67e9c41e8f3121f2ce9164266f61b9f4b338e4" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.0.2" }, "sphinxcontrib-htmlhelp": { @@ -377,7 +360,6 @@ "sha256:a9925e4a4587247ed2191a22df5f6970656cb8ca2bd6284309578f2153e0c4b8" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.0.1" }, "sphinxcontrib-qthelp": { @@ -386,7 +368,6 @@ "sha256:bd9fc24bcb748a8d51fd4ecaade681350aa63009a347a8c14e637895444dfab6" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.0.3" }, "sphinxcontrib-serializinghtml": { @@ -395,25 +376,23 @@ "sha256:aa5f6de5dfdf809ef505c4895e51ef5c9eac17d0f287933eb49ec495280b6952" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.1.5" }, "urllib3": { "hashes": [ - "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07", - "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0" + "sha256:37a0344459b199fce0e80b0d3569837ec6b6937435c5244e7fd73fa6006830f3", + "sha256:3e3d753a8618b86d7de333b4223005f68720bcd6a7d2bcb9fbd2229ec7c1e429" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", - "version": "==1.26.18" + "version": "==1.26.19" }, "zipp": { "hashes": [ - "sha256:2828e64edb5386ea6a52e7ba7cdb17bb30a73a858f5eb6eb93d8d36f5ea26091", - "sha256:35427f6d5594f4acf82d25541438348c26736fa9b3afa2754bcd63cdb99d8e8f" + "sha256:bf1dcf6450f873a13e952a29504887c89e6de7506209e5b1bcc3460135d4de19", + "sha256:f091755f667055f2d02b32c53771a7a6c8b47e1fdbc4b72a8b9072b3eef8015c" ], "markers": "python_version >= '3.8'", - "version": "==3.19.1" + "version": "==3.19.2" } }, "develop": {} diff --git a/geoportal/requirements.txt b/geoportal/requirements.txt index d6abbf9412..d505ebd14e 100644 --- a/geoportal/requirements.txt +++ b/geoportal/requirements.txt @@ -35,5 +35,5 @@ numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability -urllib3>=1.26.18 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=1.26.19 # not directly required, pinned by Snyk to avoid a vulnerability idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability