From ffbd2e22d1d80f08e1418c7eb61437497d501bb6 Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Fri, 19 Apr 2024 15:50:14 -0400 Subject: [PATCH 1/7] fix CVE-2024-22195 --- requirements/py3.10/tests.txt | 2 +- requirements/py3.7/tests.txt | 2 +- requirements/py3.8/tests.txt | 2 +- requirements/py3.9/tests.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index bf51b52..07452be 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -58,7 +58,7 @@ idna==3.3 # via yarl iniconfig==1.1.1 # via pytest -jinja2==3.0.3 +jinja2==3.1.3 # via rend markupsafe==2.1.1 # via jinja2 diff --git a/requirements/py3.7/tests.txt b/requirements/py3.7/tests.txt index 7fd025b..41a87b3 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.7/tests.txt @@ -63,7 +63,7 @@ importlib-metadata==4.11.3 # pytest iniconfig==1.1.1 # via pytest -jinja2==3.0.3 +jinja2==3.1.3 # via rend markupsafe==2.1.1 # via jinja2 diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index f27bfe5..0e34c14 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -58,7 +58,7 @@ idna==3.3 # via yarl iniconfig==1.1.1 # via pytest -jinja2==3.0.3 +jinja2==3.1.3 # via rend markupsafe==2.1.1 # via jinja2 diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index 7783087..26dab28 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -58,7 +58,7 @@ idna==3.3 # via yarl iniconfig==1.1.1 # via pytest -jinja2==3.0.3 +jinja2==3.1.3 # via rend markupsafe==2.1.1 # via jinja2 From c0866874d4a23be78345c5214c1a33e28caa6da9 Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Fri, 19 Apr 2024 15:50:57 -0400 Subject: [PATCH 2/7] fix CVE-2024-3651 --- requirements/py3.10/tests.txt | 2 +- requirements/py3.7/tests.txt | 2 +- requirements/py3.8/tests.txt | 2 +- requirements/py3.9/tests.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index 07452be..5310f35 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -54,7 +54,7 @@ frozenlist==1.3.0 # via # aiohttp # aiosignal -idna==3.3 +idna==3.7 # via yarl iniconfig==1.1.1 # via pytest diff --git a/requirements/py3.7/tests.txt b/requirements/py3.7/tests.txt index 41a87b3..1b5fe82 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.7/tests.txt @@ -55,7 +55,7 @@ frozenlist==1.3.0 # via # aiohttp # aiosignal -idna==3.3 +idna==3.7 # via yarl importlib-metadata==4.11.3 # via diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index 0e34c14..9f1a0e6 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -54,7 +54,7 @@ frozenlist==1.3.0 # via # aiohttp # aiosignal -idna==3.3 +idna==3.7 # via yarl iniconfig==1.1.1 # via pytest diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index 26dab28..a885f0e 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -54,7 +54,7 @@ frozenlist==1.3.0 # via # aiohttp # aiosignal -idna==3.3 +idna==3.7 # via yarl iniconfig==1.1.1 # via pytest From 6adf6c0cbd4689f27fa2e8f7c09220df6a18caad Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Fri, 19 Apr 2024 15:51:54 -0400 Subject: [PATCH 3/7] fix CVE-2024-27306 --- requirements/py3.10/tests.txt | 2 +- requirements/py3.7/tests.txt | 2 +- requirements/py3.8/tests.txt | 2 +- requirements/py3.9/tests.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index 5310f35..f419832 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -12,7 +12,7 @@ aiofiles==0.8.0 # via # acct # dict-toolbox -aiohttp[speedups]==3.8.1 +aiohttp[speedups]==3.9.4 # via pop-aiohttp aiosignal==1.2.0 # via aiohttp diff --git a/requirements/py3.7/tests.txt b/requirements/py3.7/tests.txt index 1b5fe82..0848f19 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.7/tests.txt @@ -12,7 +12,7 @@ aiofiles==0.8.0 # via # acct # dict-toolbox -aiohttp[speedups]==3.8.1 +aiohttp[speedups]==3.9.4 # via pop-aiohttp aiosignal==1.2.0 # via aiohttp diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index 9f1a0e6..8a8a07f 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -12,7 +12,7 @@ aiofiles==0.8.0 # via # acct # dict-toolbox -aiohttp[speedups]==3.8.1 +aiohttp[speedups]==3.9.4 # via pop-aiohttp aiosignal==1.2.0 # via aiohttp diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index a885f0e..2017d23 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -12,7 +12,7 @@ aiofiles==0.8.0 # via # acct # dict-toolbox -aiohttp[speedups]==3.8.1 +aiohttp[speedups]==3.9.4 # via pop-aiohttp aiosignal==1.2.0 # via aiohttp From 55d194b7e0ad5a00350e65c1f5e7571a115b4acb Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Fri, 19 Apr 2024 15:52:38 -0400 Subject: [PATCH 4/7] fix CVE-2023-50782 --- requirements/py3.10/tests.txt | 2 +- requirements/py3.7/tests.txt | 2 +- requirements/py3.8/tests.txt | 2 +- requirements/py3.9/tests.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index f419832..94c8bd8 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -42,7 +42,7 @@ charset-normalizer==2.0.12 # via aiohttp colored==1.4.3 # via rend -cryptography==37.0.2 +cryptography==42.0.2 # via acct dict-toolbox==2.2.0 # via diff --git a/requirements/py3.7/tests.txt b/requirements/py3.7/tests.txt index 0848f19..1c892d0 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.7/tests.txt @@ -43,7 +43,7 @@ charset-normalizer==2.0.12 # via aiohttp colored==1.4.3 # via rend -cryptography==37.0.2 +cryptography==42.0.2 # via acct dict-toolbox==2.2.0 # via diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index 8a8a07f..9b6d9da 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -42,7 +42,7 @@ charset-normalizer==2.0.12 # via aiohttp colored==1.4.3 # via rend -cryptography==37.0.2 +cryptography==42.0.2 # via acct dict-toolbox==2.2.0 # via diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index 2017d23..cc37222 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -42,7 +42,7 @@ charset-normalizer==2.0.12 # via aiohttp colored==1.4.3 # via rend -cryptography==37.0.2 +cryptography==42.0.2 # via acct dict-toolbox==2.2.0 # via From 3ee6cd4035f9b231030d4dcac52917eb50bc8d20 Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Fri, 19 Apr 2024 16:12:10 -0400 Subject: [PATCH 5/7] update pyyaml package --- requirements/py3.10/tests.txt | 2 +- requirements/py3.7/tests.txt | 2 +- requirements/py3.8/tests.txt | 2 +- requirements/py3.9/tests.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index 94c8bd8..9e97f34 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -125,7 +125,7 @@ pytest==7.1.1 # -r requirements/tests.in # pytest-asyncio # pytest-pop -pyyaml==6.0 +pyyaml==6.0.1 # via # acct # dict-toolbox diff --git a/requirements/py3.7/tests.txt b/requirements/py3.7/tests.txt index 1c892d0..733654e 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.7/tests.txt @@ -130,7 +130,7 @@ pytest==7.1.1 # -r requirements/tests.in # pytest-asyncio # pytest-pop -pyyaml==6.0 +pyyaml==6.0.1 # via # acct # dict-toolbox diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index 9b6d9da..b96aae7 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -125,7 +125,7 @@ pytest==7.1.1 # -r requirements/tests.in # pytest-asyncio # pytest-pop -pyyaml==6.0 +pyyaml==6.0.1 # via # acct # dict-toolbox diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index cc37222..0df1b08 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -125,7 +125,7 @@ pytest==7.1.1 # -r requirements/tests.in # pytest-asyncio # pytest-pop -pyyaml==6.0 +pyyaml==6.0.1 # via # acct # dict-toolbox From 3de6a354b6d22f401bcdeba362a0b8dc76a29e3d Mon Sep 17 00:00:00 2001 From: KYTG-Dev Date: Mon, 22 Apr 2024 14:48:19 -0400 Subject: [PATCH 6/7] remove unused packages from tests.txt --- requirements/py3.10/tests.txt | 4 ---- requirements/py3.8/tests.txt | 4 ---- requirements/py3.9/tests.txt | 4 ---- 3 files changed, 12 deletions(-) diff --git a/requirements/py3.10/tests.txt b/requirements/py3.10/tests.txt index 9e97f34..64168be 100644 --- a/requirements/py3.10/tests.txt +++ b/requirements/py3.10/tests.txt @@ -32,14 +32,10 @@ brotli==1.0.9 # via aiohttp bs4==0.0.1 # via -r requirements/base.txt -cchardet==2.1.7 - # via aiohttp cffi==1.15.0 # via # cryptography # pycares -charset-normalizer==2.0.12 - # via aiohttp colored==1.4.3 # via rend cryptography==42.0.2 diff --git a/requirements/py3.8/tests.txt b/requirements/py3.8/tests.txt index b96aae7..9f32779 100644 --- a/requirements/py3.8/tests.txt +++ b/requirements/py3.8/tests.txt @@ -32,14 +32,10 @@ brotli==1.0.9 # via aiohttp bs4==0.0.1 # via -r requirements/base.txt -cchardet==2.1.7 - # via aiohttp cffi==1.15.0 # via # cryptography # pycares -charset-normalizer==2.0.12 - # via aiohttp colored==1.4.3 # via rend cryptography==42.0.2 diff --git a/requirements/py3.9/tests.txt b/requirements/py3.9/tests.txt index 0df1b08..908cdba 100644 --- a/requirements/py3.9/tests.txt +++ b/requirements/py3.9/tests.txt @@ -32,14 +32,10 @@ brotli==1.0.9 # via aiohttp bs4==0.0.1 # via -r requirements/base.txt -cchardet==2.1.7 - # via aiohttp cffi==1.15.0 # via # cryptography # pycares -charset-normalizer==2.0.12 - # via aiohttp colored==1.4.3 # via rend cryptography==42.0.2 From 88aab5b6d54577868a4986562f54c4cf94b1377c Mon Sep 17 00:00:00 2001 From: KYTG-Dev <146472893+KYTG-Dev@users.noreply.github.com> Date: Tue, 23 Apr 2024 10:54:29 -0400 Subject: [PATCH 7/7] remove py3.7, add py3.11 requirements --- .pre-commit-config.yaml | 30 +++--- requirements/{py3.7 => py3.11}/tests.txt | 117 +++++++++-------------- 2 files changed, 61 insertions(+), 86 deletions(-) rename requirements/{py3.7 => py3.11}/tests.txt (57%) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 01fa15a..65b0af2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -48,14 +48,14 @@ repos: rev: v2.38.4 hooks: - id: pyupgrade - name: Rewrite Code to be Py3.7+ - args: [--py37-plus] + name: Rewrite Code to be Py3.8+ + args: [--py38-plus] - repo: https://github.com/asottile/reorder_python_imports rev: v2.6.0 hooks: - id: reorder-python-imports - args: [--py37-plus] + args: [--py38-plus] - repo: https://github.com/psf/black rev: 22.3.0 @@ -82,18 +82,6 @@ repos: - repo: https://github.com/saltstack/pip-tools-compile-impersonate rev: '4.1' hooks: - - id: pip-tools-compile - alias: compile-3.7-test-requirements - name: Py3.7 Test Requirements - files: ^requirements/tests.in$ - pass_filenames: false - args: - - -v - - --py-version=3.7 - - --platform=linux - - --no-emit-index-url - - requirements/tests.in - - id: pip-tools-compile alias: compile-3.8-test-requirements name: Py3.8 Test Requirements @@ -130,6 +118,18 @@ repos: - --no-emit-index-url - requirements/tests.in + - id: pip-tools-compile + alias: compile-3.11-test-requirements + name: Py3.11 Test Requirements + files: ^requirements/tests.in$ + pass_filenames: false + args: + - -v + - --py-version=3.11 + - --platform=linux + - --no-emit-index-url + - requirements/tests.in + # <---- Testing Static Requirements ------------------------------------------------------------------------------------- # ----- Docs --------------------------------------------------------------------------------------------------> diff --git a/requirements/py3.7/tests.txt b/requirements/py3.11/tests.txt similarity index 57% rename from requirements/py3.7/tests.txt rename to requirements/py3.11/tests.txt index 733654e..1e5b6a7 100644 --- a/requirements/py3.7/tests.txt +++ b/requirements/py3.11/tests.txt @@ -2,130 +2,116 @@ # This file is autogenerated by pip-compile # To update, run: # -# pip-compile --no-emit-index-url --output-file=requirements/py3.7/tests.txt requirements/tests.in +# pip-compile --no-emit-index-url --output-file=requirements/py3.11/tests.txt requirements/tests.in # -acct==6.5.1 +acct==8.6.2 # via pop-aiohttp -aiodns==3.0.0 +aiodns==3.2.0 # via aiohttp -aiofiles==0.8.0 +aiofiles==23.2.1 # via # acct # dict-toolbox -aiohttp[speedups]==3.9.4 +aiohttp[speedups]==3.9.5 # via pop-aiohttp -aiosignal==1.2.0 - # via aiohttp -async-timeout==4.0.2 +aiosignal==1.3.1 # via aiohttp asynctest==0.13.0 - # via - # -r requirements/tests.in - # aiohttp - # pytest-pop -attrs==21.4.0 - # via - # aiohttp - # pytest -beautifulsoup4==4.11.1 + # via -r requirements/tests.in +attrs==23.2.0 + # via aiohttp +beautifulsoup4==4.12.3 # via bs4 -brotli==1.0.9 +brotli==1.1.0 # via aiohttp -bs4==0.0.1 +bs4==0.0.2 # via -r requirements/base.txt -cchardet==2.1.7 - # via aiohttp -cffi==1.15.0 +cffi==1.16.0 # via # cryptography # pycares -charset-normalizer==2.0.12 - # via aiohttp -colored==1.4.3 +colorama==0.4.6 # via rend -cryptography==42.0.2 +cryptography==42.0.5 # via acct -dict-toolbox==2.2.0 +dict-toolbox==5.0.0 # via # acct # pop # pop-config + # pytest-pop # rend -frozenlist==1.3.0 +frozenlist==1.4.1 # via # aiohttp # aiosignal idna==3.7 # via yarl -importlib-metadata==4.11.3 - # via - # pluggy - # pytest -iniconfig==1.1.1 +iniconfig==2.0.0 # via pytest jinja2==3.1.3 # via rend -markupsafe==2.1.1 +lazy-object-proxy==1.10.0 + # via pop +markupsafe==2.1.5 # via jinja2 -mock==4.0.3 +mock==5.1.0 # via # -r requirements/tests.in # pytest-pop -msgpack==1.0.3 +msgpack==1.0.8 # via - # acct # dict-toolbox -multidict==6.0.2 + # pop-serial +multidict==6.0.5 # via # aiohttp # yarl -nest-asyncio==1.5.4 +nest-asyncio==1.6.0 # via # pop-loop # pytest-pop -packaging==21.3 +packaging==24.0 # via pytest -pluggy==1.0.0 +pluggy==1.5.0 # via pytest -pop-aiohttp==1.0.0 +pop-aiohttp==1.2.0 # via -r requirements/base.txt -pop-config==9.0.0 +pop-config==12.0.4 # via # acct # pop # pop-aiohttp -pop-loop==1.0.4 + # pytest-pop +pop-loop==1.1.0 # via # pop # pop-aiohttp -pop==21.0.1 +pop-serial==2.0.0 + # via acct +pop==27.1.0 # via # -r requirements/base.txt # acct # pop-aiohttp # pop-config # pop-loop + # pop-serial # pytest-pop # rend -proxy-tools==0.1.0 - # via pop -py==1.11.0 - # via pytest -pycares==4.2.2 +pycares==4.4.0 # via aiodns -pycparser==2.21 +pycparser==2.22 # via cffi -pyparsing==3.0.7 - # via packaging pytest-async==0.1.1 # via pytest-pop -pytest-asyncio==0.18.2 +pytest-asyncio==0.18.3 # via # -r requirements/tests.in # pytest-pop -pytest-pop==8.0.1 +pytest-pop==12.0.0 # via -r requirements/tests.in -pytest==7.1.1 +pytest==8.1.1 # via # -r requirements/tests.in # pytest-asyncio @@ -136,26 +122,15 @@ pyyaml==6.0.1 # dict-toolbox # pop # rend -rend==6.4.2 +rend==7.0.2 # via # acct # pop-config -sniffio==1.2.0 +sniffio==1.3.1 # via pop-loop -soupsieve==2.3.2.post1 +soupsieve==2.5 # via beautifulsoup4 toml==0.10.2 # via rend -tomli==2.0.1 - # via pytest -typing-extensions==4.1.1 - # via - # aiohttp - # async-timeout - # importlib-metadata - # pytest-asyncio - # yarl -yarl==1.7.2 +yarl==1.9.4 # via aiohttp -zipp==3.7.0 - # via importlib-metadata