Skip to content

Commit

Permalink
Upgrade django and sqlparse to pickup CVE fixes
Browse files Browse the repository at this point in the history 
Signed-off-by: Tomas Z <[email protected]>
  • Loading branch information
@tznamena
tznamena committed Sep 16, 2024
1 parent c9ae368 commit f5d4f44
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 24 deletions.
4 changes: 2 additions & 2 deletions requirements/requirements.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ cryptography>=41.0.7 # CVE-2023-49083
Cython<3 # due to https://github.com/yaml/pyyaml/pull/702
daphne
distro
django==4.2.10 # CVE-2024-24680
django==4.2.16 # CVEs up to CVE-2024-45230
django-auth-ldap
django-cors-headers
django-crum
Expand Down Expand Up @@ -58,7 +58,7 @@ pyzstd # otel collector log file compression library
receptorctl
social-auth-core[openidconnect]==4.4.2 # see UPGRADE BLOCKERs
social-auth-app-django==5.4.0 # see UPGRADE BLOCKERs
sqlparse>=0.4.4 # Required by django https://github.com/ansible/awx/security/dependabot/96
sqlparse==0.5.0 # CVE-2024-4340
redis[hiredis]
requests
slack-sdk
Expand Down
47 changes: 25 additions & 22 deletions requirements/requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,10 +25,6 @@ asgiref==3.7.2
# django-cors-headers
asn1==2.7.0
# via -r /awx_devel/requirements/requirements.in
async-timeout==4.0.3
# via
# aiohttp
# redis
attrs==23.2.0
# via
# aiohttp
Expand All @@ -43,6 +39,7 @@ autocommand==2.2.2
# via jaraco-text
automat==22.10.0
# via twisted
# via -r /awx_devel/requirements/requirements_git.txt
azure-common==1.1.28
# via
# azure-keyvault-certificates
Expand All @@ -56,17 +53,23 @@ azure-core==1.30.0
# azure-keyvault-secrets
# msrest
azure-identity==1.15.0
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
azure-keyvault==4.2.0
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
azure-keyvault-certificates==4.7.0
# via azure-keyvault
azure-keyvault-keys==4.8.0
# via azure-keyvault
azure-keyvault-secrets==4.7.0
# via azure-keyvault
boto3==1.34.47
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
botocore==1.34.47
# via
# -r /awx_devel/requirements/requirements.in
Expand Down Expand Up @@ -124,9 +127,10 @@ deprecated==1.2.14
# opentelemetry-exporter-otlp-proto-http
distro==1.9.0
# via -r /awx_devel/requirements/requirements.in
django==4.2.10
django==4.2.16
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
# channels
# django-ansible-base
# django-auth-ldap
Expand Down Expand Up @@ -211,10 +215,7 @@ idna==3.6
# twisted
# yarl
importlib-metadata==6.2.1
# via
# ansible-runner
# markdown
# opentelemetry-api
# via opentelemetry-api
incremental==22.10.0
# via twisted
inflect==7.0.0
Expand Down Expand Up @@ -293,7 +294,9 @@ msgpack==1.0.5
msrest==0.7.1
# via msrestazure
msrestazure==0.6.4
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
multidict==6.0.5
# via
# aiohttp
Expand Down Expand Up @@ -415,7 +418,9 @@ python-dateutil==2.8.2
# kubernetes
# receptorctl
python-dsv-sdk==1.0.4
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
python-jose==3.3.0
# via social-auth-core
python-ldap==3.4.4
Expand All @@ -425,7 +430,9 @@ python-ldap==3.4.4
python-string-utils==1.0.0
# via openshift
python-tss-sdk==1.2.2
# via -r /awx_devel/requirements/requirements.in
# via
# -r /awx_devel/requirements/requirements.in
# awx-plugins-core
python3-openid==3.2.0
# via social-auth-core
# via -r /awx_devel/requirements/requirements_git.txt
Expand All @@ -437,6 +444,7 @@ pyyaml==6.0.1
# via
# -r /awx_devel/requirements/requirements.in
# ansible-runner
# awx-plugins-core
# djangorestframework-yaml
# kubernetes
# receptorctl
Expand All @@ -456,6 +464,7 @@ requests==2.31.0
# via
# -r /awx_devel/requirements/requirements.in
# adal
# awx-plugins-core
# azure-core
# django-ansible-base
# django-oauth-toolkit
Expand Down Expand Up @@ -515,7 +524,7 @@ social-auth-core[openidconnect]==4.4.2
# via
# -r /awx_devel/requirements/requirements.in
# social-auth-app-django
sqlparse==0.4.4
sqlparse==0.5.0
# via
# -r /awx_devel/requirements/requirements.in
# django
Expand All @@ -525,11 +534,6 @@ tempora==5.5.1
# via
# irc
# jaraco-logging
tomli==2.0.1
# via
# maturin
# setuptools-rust
# setuptools-scm
twilio==8.13.0
# via -r /awx_devel/requirements/requirements.in
twisted[tls]==23.10.0
Expand All @@ -540,7 +544,6 @@ txaio==23.1.1
# via autobahn
typing-extensions==4.9.0
# via
# asgiref
# azure-core
# azure-keyvault-certificates
# azure-keyvault-keys
Expand Down

0 comments on commit f5d4f44

Please sign in to comment.