From a2ab1ab7e20e3057cfbc1e7f60fcfc222afbda12 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Aug 2024 04:32:41 +0000 Subject: [PATCH] Bump the pip group across 1 directory with 10 updates Bumps the pip group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cryptography](https://github.com/pyca/cryptography) | `42.0.8` | `43.0.0` | | [gevent](https://github.com/gevent/gevent) | `21.8.0` | `23.9.0` | | [idna](https://github.com/kjd/idna) | `2.10` | `3.7` | | [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.4` | | [lxml](https://github.com/lxml/lxml) | `5.2.1` | `5.3.0` | | [pillow](https://github.com/python-pillow/Pillow) | `10.2.0` | `10.3.0` | | [reportlab](https://www.reportlab.com/) | `4.1.0` | `4.2.2` | | [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.2` | | [urllib3](https://github.com/urllib3/urllib3) | `2.0.7` | `2.2.2` | | [werkzeug](https://github.com/pallets/werkzeug) | `2.0.2` | `3.0.3` | Updates `cryptography` from 42.0.8 to 43.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/42.0.8...43.0.0) Updates `gevent` from 21.8.0 to 23.9.0 - [Release notes](https://github.com/gevent/gevent/releases) - [Changelog](https://github.com/gevent/gevent/blob/master/docs/changelog_pre.rst) - [Commits](https://github.com/gevent/gevent/compare/21.8.0...23.9.0) Updates `idna` from 2.10 to 3.7 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.10...v3.7) Updates `jinja2` from 3.1.2 to 3.1.4 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/3.1.2...3.1.4) Updates `lxml` from 5.2.1 to 5.3.0 - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](https://github.com/lxml/lxml/compare/lxml-5.2.1...lxml-5.3.0) Updates `pillow` from 10.2.0 to 10.3.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.2.0...10.3.0) Updates `reportlab` from 4.1.0 to 4.2.2 Updates `requests` from 2.31.0 to 2.32.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.31.0...v2.32.2) Updates `urllib3` from 2.0.7 to 2.2.2 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/2.0.7...2.2.2) Updates `werkzeug` from 2.0.2 to 3.0.3 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/2.0.2...3.0.3) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production dependency-group: pip - dependency-name: gevent dependency-type: direct:production dependency-group: pip - dependency-name: idna dependency-type: direct:production dependency-group: pip - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip - dependency-name: lxml dependency-type: direct:production dependency-group: pip - dependency-name: pillow dependency-type: direct:production dependency-group: pip - dependency-name: reportlab dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-type: direct:production dependency-group: pip - dependency-name: werkzeug dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] --- requirements.txt | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/requirements.txt b/requirements.txt index 94e79d811cdbb..da458680ee5a9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ Babel==2.9.1 # min version = 2.6.0 (Focal with security backports) chardet==4.0.0 cryptography==3.4.8; python_version < '3.12' # incompatibility between pyopenssl 19.0.0 and cryptography>=37.0.0 -cryptography==42.0.8 ; python_version >= '3.12' # (Noble) min 41.0.7, pinning 42.0.8 for security fixes +cryptography==43.0.0 ; python_version >= '3.12' # (Noble) min 41.0.7, pinning 42.0.8 for security fixes decorator==4.4.2 docutils==0.17 ebaysdk==2.1.5 @@ -11,18 +11,18 @@ freezegun==1.1.0 geoip2==2.9.0 gevent==21.8.0 ; sys_platform != 'win32' and python_version == '3.10' # (Jammy) gevent==22.10.2; sys_platform != 'win32' and python_version > '3.10' and python_version < '3.12' -gevent==24.2.1 ; sys_platform != 'win32' and python_version >= '3.12' # (Noble) +gevent==23.9.0 ; sys_platform != 'win32' and python_version >= '3.12' # (Noble) greenlet==1.1.2 ; sys_platform != 'win32' and python_version == '3.10' # (Jammy) greenlet==2.0.2 ; sys_platform != 'win32' and python_version > '3.10' and python_version < '3.12' greenlet==3.0.3 ; sys_platform != 'win32' and python_version >= '3.12' # (Noble) -idna==2.10 # requests 2.25.1 depends on idna<3 and >=2.5 +idna==3.7 # requests 2.25.1 depends on idna<3 and >=2.5 Jinja2==3.0.3 ; python_version <= '3.10' -Jinja2==3.1.2 ; python_version > '3.10' +Jinja2==3.1.4 ; python_version > '3.10' libsass==0.20.1 ; python_version < '3.12' libsass==0.22.0 ; python_version >= '3.12' # (Noble) Mostly to have a wheel package lxml==4.8.0 ; python_version <= '3.10' lxml==4.9.3 ; python_version > '3.10' and python_version < '3.12' # min 4.9.2, pinning 4.9.3 because of missing wheels for darwin in 4.9.3 -lxml==5.2.1; python_version >= '3.12' # (Noble - removed html clean) +lxml==5.3.0; python_version >= '3.12' # (Noble - removed html clean) lxml-html-clean; python_version >= '3.12' # (Noble - removed from lxml, unpinned for futur security patches) MarkupSafe==2.0.1 ; python_version <= '3.10' MarkupSafe==2.1.2 ; python_version > '3.10' and python_version < '3.12' @@ -32,7 +32,7 @@ ofxparse==0.21 passlib==1.7.4 # min version = 1.7.2 (Focal with security backports) Pillow==9.0.1 ; python_version <= '3.10' Pillow==9.4.0 ; python_version > '3.10' and python_version < '3.12' -Pillow==10.2.0 ; python_version >= '3.12' # (Noble) Mostly to have a wheel package +Pillow==10.3.0 ; python_version >= '3.12' # (Noble) Mostly to have a wheel package polib==1.1.1 psutil==5.9.0 ; python_version <= '3.10' psutil==5.9.4 ; python_version > '3.10' and python_version < '3.12' @@ -56,14 +56,14 @@ pyusb==1.2.1 qrcode==7.3.1 reportlab==3.6.8 ; python_version <= '3.10' reportlab==3.6.12 ; python_version > '3.10' and python_version < '3.12' -reportlab==4.1.0 ; python_version >= '3.12' # (Noble) Mostly to have a wheel package +reportlab==4.2.2 ; python_version >= '3.12' # (Noble) Mostly to have a wheel package requests==2.25.1 ; python_version < '3.12' # versions < 2.25 aren't compatible w/ urllib3 1.26. Bullseye = 2.25.1. min version = 2.22.0 (Focal) -requests==2.31.0 ; python_version >= '3.12' # (Noble) +requests==2.32.2 ; python_version >= '3.12' # (Noble) rjsmin==1.1.0 urllib3==1.26.5 ; python_version < '3.12' # indirect / min version = 1.25.8 (Focal with security backports) -urllib3==2.0.7 ; python_version >= '3.12' # (Noble) Compatibility with cryptography +urllib3==2.2.2 ; python_version >= '3.12' # (Noble) Compatibility with cryptography vobject==0.9.6.1 -Werkzeug==2.0.2 +Werkzeug==3.0.3 xlrd==1.2.0 XlsxWriter==3.0.2 xlwt==1.3.0