From 1ac5624daf669ae7e40cff65b22d91da4172aca3 Mon Sep 17 00:00:00 2001 From: "geo-ghci-int[bot]" <146321879+geo-ghci-int[bot]@users.noreply.github.com> Date: Sun, 7 Jul 2024 19:35:58 +0000 Subject: [PATCH] Audit Snyk check/fix 2.7 --- Pipfile | 2 +- Pipfile.lock | 20 ++++++++++---------- admin/requirements.txt | 1 + ci/requirements.txt | 1 + doc/Pipfile | 2 +- doc/Pipfile.lock | 14 +++++++------- docker/config/requirements.txt | 1 + docker/qgisserver/requirements.txt | 1 + geoportal/requirements.txt | 1 + 9 files changed, 24 insertions(+), 19 deletions(-) diff --git a/Pipfile b/Pipfile index 6900a779da0..4a1d4ff32a1 100644 --- a/Pipfile +++ b/Pipfile @@ -62,7 +62,7 @@ boto3 = "==1.21.46" botocore = "==1.24.46" bottle = "==0.12.25" cee-syslog-handler = "==0.6.0" -certifi = "==2023.7.22" +certifi = "==2024.7.4" cffi = "==1.15.1" chameleon = "==3.9.1" chardet = "==4.0.0" diff --git a/Pipfile.lock b/Pipfile.lock index 3b5e9217633..796ef109034 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "66135654aacd309df1ef0258f9be75ec8d269157177ae3c383e6fb736715dc69" + "sha256": "9f7c6a99031caf9fa22d991d29857f6718bcd367cd5d19af67e2b960c57a9621" }, "pipfile-spec": 6, "requires": { @@ -186,11 +186,11 @@ }, "certifi": { "hashes": [ - "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", - "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", + "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" ], "index": "pypi", - "version": "==2023.7.22" + "version": "==2024.7.4" }, "cffi": { "hashes": [ @@ -2097,11 +2097,11 @@ }, "certifi": { "hashes": [ - "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", - "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", + "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" ], "index": "pypi", - "version": "==2023.7.22" + "version": "==2024.7.4" }, "cffi": { "hashes": [ @@ -2489,7 +2489,7 @@ "sha256:6f62d78e2f89b4500b080fe3a81690850cd254227f27f75c3a0c491a1f351ba7", "sha256:e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951" ], - "markers": "python_version < '4.0' and python_full_version >= '3.6.1'", + "markers": "python_version < '4' and python_full_version >= '3.6.1'", "version": "==5.10.1" }, "jeepney": { @@ -2529,7 +2529,7 @@ "sha256:636694eb41b3535ed608fe04129f26542b59ed99808b4f688aa32dcf55317a83", "sha256:77281a1f71684953ee8b3d488371b162419767973789272434bbc3f29d9c8823" ], - "markers": "python_version >= '3'", + "markers": "python_version >= '3.7'", "version": "==4.4.0" }, "jsonschema-gentypes": { @@ -3306,7 +3306,7 @@ "sha256:5c6bd9dc7a543b7fe4304a631f8a8a3b674e2bbfc49c2ae96200cdbe55df6b17", "sha256:95c5d300c4e879ee69708c428ba566c59478fd653cc3a22243eeb8ed846950bb" ], - "markers": "python_version >= '3.6' and python_version < '4.0'", + "markers": "python_version >= '3.6' and python_version < '4'", "version": "==4.8" }, "ruamel.yaml": { diff --git a/admin/requirements.txt b/admin/requirements.txt index 8964bbc07f9..38f73931c81 100644 --- a/admin/requirements.txt +++ b/admin/requirements.txt @@ -16,3 +16,4 @@ jinja2>=2.11.3 # not directly required, pinned by Snyk to avoid a vulnerability pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/ci/requirements.txt b/ci/requirements.txt index 707d71bd829..b394c1a6839 100644 --- a/ci/requirements.txt +++ b/ci/requirements.txt @@ -2,3 +2,4 @@ c2cciutils==1.1.* cryptography>=39.0.1 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/doc/Pipfile b/doc/Pipfile index eacb9b6c085..bcc2f5410b6 100644 --- a/doc/Pipfile +++ b/doc/Pipfile @@ -17,7 +17,7 @@ sphinxcontrib-mermaid = "==0.7.1" tilecloud-chain = "==1.17.4" # Lock dependencies babel = "==2.9.1" -certifi = "==2023.7.22" +certifi = "==2024.7.4" charset-normalizer = "==2.0.12" docutils = "==0.17.1" idna = "==3.7" diff --git a/doc/Pipfile.lock b/doc/Pipfile.lock index 0dd86d63644..ee33165c86e 100644 --- a/doc/Pipfile.lock +++ b/doc/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "29c4edbd7ebafa03bfa1e29d0dfb4b6dd7d4ac3526bce45a1fc0e67acf241058" + "sha256": "3608657ee7417b4bd2a1823ff02c6cb0dc4d546d1b49a959e1552457ce9403f6" }, "pipfile-spec": 6, "requires": { @@ -57,11 +57,11 @@ }, "certifi": { "hashes": [ - "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", - "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", + "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" ], "index": "pypi", - "version": "==2023.7.22" + "version": "==2024.7.4" }, "charset-normalizer": { "hashes": [ @@ -801,7 +801,7 @@ "sha256:8165223f9a335cc1af7ffe1ed31d2871f325254c0423bc0c4c7cd1c1e4734a2e", "sha256:ff7f1afa7b9642e7060379360a67e9c41e8f3121f2ce9164266f61b9f4b338e4" ], - "markers": "python_version >= '3.5'", + "markers": "python_full_version >= '3.5.0'", "version": "==1.0.2" }, "sphinxcontrib-htmlhelp": { @@ -833,7 +833,7 @@ "sha256:4c33767ee058b70dba89a6fc5c1892c0d57a54be67ddd3e7875a18d14cba5a72", "sha256:bd9fc24bcb748a8d51fd4ecaade681350aa63009a347a8c14e637895444dfab6" ], - "markers": "python_version >= '3.5'", + "markers": "python_full_version >= '3.5.0'", "version": "==1.0.3" }, "sphinxcontrib-serializinghtml": { @@ -841,7 +841,7 @@ "sha256:352a9a00ae864471d3a7ead8d7d79f5fc0b57e8b3f95e9867eb9eb28999b92fd", "sha256:aa5f6de5dfdf809ef505c4895e51ef5c9eac17d0f287933eb49ec495280b6952" ], - "markers": "python_version >= '3.5'", + "markers": "python_full_version >= '3.5.0'", "version": "==1.1.5" }, "tilecloud": { diff --git a/docker/config/requirements.txt b/docker/config/requirements.txt index cedfa97f32d..58f4d018930 100644 --- a/docker/config/requirements.txt +++ b/docker/config/requirements.txt @@ -4,3 +4,4 @@ poetry-core==1.3.2 pip==22.3.1 cryptography>=39.0.1 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/docker/qgisserver/requirements.txt b/docker/qgisserver/requirements.txt index 7df06509d03..0da5dd9a72f 100644 --- a/docker/qgisserver/requirements.txt +++ b/docker/qgisserver/requirements.txt @@ -2,3 +2,4 @@ wheel==0.38.4 pipenv==2022.1.8 pip>=21.1 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/geoportal/requirements.txt b/geoportal/requirements.txt index 458878241dc..e809676f477 100644 --- a/geoportal/requirements.txt +++ b/geoportal/requirements.txt @@ -33,3 +33,4 @@ jinja2>=2.11.3 # not directly required, pinned by Snyk to avoid a vulnerability pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability