Bump requests from 2.25.1 to 2.31.0 (#395)

* Bump requests from 2.25.1 to 2.31.0 Bumps [requests](https://github.com/psf/requests) from 2.25.1 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.25.1...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * fixed vulnerability analysis (excluded new/different vulns) Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> * disabled another vuln Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> * adjust the right pipeline Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> * fixed proper pipeline Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jürgen Eckel <juergen@riddleandcode.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jürgen Eckel <juergen@riddleandcode.com>
2025-06-05 05:36:41 +00:00 · 2023-05-23 14:06:02 +02:00 · 2023-05-23 14:06:02 +02:00 · 3e223f04cd
commit 3e223f04cd
parent 95001fc262
4 changed files with 14 additions and 14 deletions
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@ -56,7 +56,7 @@ jobs:
        run: poetry run pip freeze > requirements.txt

      - name: Audit dependencies
-        run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
+        run: poetry run pip-audit --ignore-vuln PYSEC-2022-203  --ignore-vuln PYSEC-2023-58 --ignore-vuln PYSEC-2023-57  --ignore-vuln GHSA-m2qf-hxjv-5gpq --ignore-vuln PYSEC-2022-4301 --ignore-vuln PYSEC-2022-43012 

  test:
    needs: lint
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@ -34,4 +34,4 @@ jobs:
        run: poetry run pip freeze > requirements.txt

      - name: Audit dependencies
-        run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
+        run: poetry run pip-audit --ignore-vuln PYSEC-2022-203  --ignore-vuln PYSEC-2023-58 --ignore-vuln PYSEC-2023-57  --ignore-vuln GHSA-m2qf-hxjv-5gpq --ignore-vuln PYSEC-2022-4301
--- a/poetry.lock
+++ b/poetry.lock
@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.4.2 and should not be changed by hand.
+# This file is automatically @generated by Poetry and should not be changed by hand.

 [[package]]
 name = "aafigure"
@ -2631,25 +2631,25 @@ md = ["cmarkgfm (>=0.8.0)"]

 [[package]]
 name = "requests"
-version = "2.25.1"
+version = "2.31.0"
 description = "Python HTTP for Humans."
 category = "main"
 optional = false
-python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
+python-versions = ">=3.7"
 files = [
-    {file = "requests-2.25.1-py2.py3-none-any.whl", hash = "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"},
-    {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"},
+    {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"},
+    {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"},
 ]

 [package.dependencies]
 certifi = ">=2017.4.17"
-chardet = ">=3.0.2,<5"
-idna = ">=2.5,<3"
-urllib3 = ">=1.21.1,<1.27"
+charset-normalizer = ">=2,<4"
+idna = ">=2.5,<4"
+urllib3 = ">=1.21.1,<3"

 [package.extras]
-security = ["cryptography (>=1.3.4)", "pyOpenSSL (>=0.14)"]
-socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"]
+socks = ["PySocks (>=1.5.6,!=1.5.7)"]
+use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]

 [[package]]
 name = "requests-toolbelt"
@ -3395,4 +3395,4 @@ testing = ["func-timeout", "jaraco.itertools", "pytest (>=6)", "pytest-black (>=
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.9"
-content-hash = "fd2d68ab80c881889e69ef05f682ba0659d183f95bd135ebb1e4939cd8ca7b3d"
+content-hash = "7bbc4f46a465a2586505b3cf89d87ff3106d81824aef18670b154d71721b53a4"
--- a/pyproject.toml
+++ b/pyproject.toml
@ -37,7 +37,7 @@ pymongo = "3.11.4"
 tarantool = ">=0.12.1"
 python-rapidjson = ">=1.0"
 pyyaml = "6.0.0"
-requests = "2.25.1"
+requests = "2.31.0"
 setproctitle = "1.2.2"
 werkzeug = "2.0.3"
 nest-asyncio = "1.5.5"