diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index a3a8164..1321b31 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -56,7 +56,7 @@ jobs: run: poetry run pip freeze > requirements.txt - name: Audit dependencies - run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579 + run: poetry run pip-audit --ignore-vuln PYSEC-2022-203 --ignore-vuln PYSEC-2023-58 --ignore-vuln PYSEC-2023-57 --ignore-vuln GHSA-m2qf-hxjv-5gpq --ignore-vuln PYSEC-2022-4301 --ignore-vuln PYSEC-2022-43012 test: needs: lint diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index b09f49c..3e0e924 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -34,4 +34,4 @@ jobs: run: poetry run pip freeze > requirements.txt - name: Audit dependencies - run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579 + run: poetry run pip-audit --ignore-vuln PYSEC-2022-203 --ignore-vuln PYSEC-2023-58 --ignore-vuln PYSEC-2023-57 --ignore-vuln GHSA-m2qf-hxjv-5gpq --ignore-vuln PYSEC-2022-4301 diff --git a/poetry.lock b/poetry.lock index 17b8630..b7c1ad1 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.4.2 and should not be changed by hand. +# This file is automatically @generated by Poetry and should not be changed by hand. [[package]] name = "aafigure" @@ -2631,25 +2631,25 @@ md = ["cmarkgfm (>=0.8.0)"] [[package]] name = "requests" -version = "2.25.1" +version = "2.31.0" description = "Python HTTP for Humans." category = "main" optional = false -python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" +python-versions = ">=3.7" files = [ - {file = "requests-2.25.1-py2.py3-none-any.whl", hash = "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"}, - {file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"}, + {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"}, + {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"}, ] [package.dependencies] certifi = ">=2017.4.17" -chardet = ">=3.0.2,<5" -idna = ">=2.5,<3" -urllib3 = ">=1.21.1,<1.27" +charset-normalizer = ">=2,<4" +idna = ">=2.5,<4" +urllib3 = ">=1.21.1,<3" [package.extras] -security = ["cryptography (>=1.3.4)", "pyOpenSSL (>=0.14)"] -socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"] +socks = ["PySocks (>=1.5.6,!=1.5.7)"] +use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] [[package]] name = "requests-toolbelt" @@ -3395,4 +3395,4 @@ testing = ["func-timeout", "jaraco.itertools", "pytest (>=6)", "pytest-black (>= [metadata] lock-version = "2.0" python-versions = "^3.9" -content-hash = "fd2d68ab80c881889e69ef05f682ba0659d183f95bd135ebb1e4939cd8ca7b3d" +content-hash = "7bbc4f46a465a2586505b3cf89d87ff3106d81824aef18670b154d71721b53a4" diff --git a/pyproject.toml b/pyproject.toml index 8333268..619f1bb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -37,7 +37,7 @@ pymongo = "3.11.4" tarantool = ">=0.12.1" python-rapidjson = ">=1.0" pyyaml = "6.0.0" -requests = "2.25.1" +requests = "2.31.0" setproctitle = "1.2.2" werkzeug = "2.0.3" nest-asyncio = "1.5.5"