Merge #2896

2896: Update python deps to fix CVEs and build r=mergify[bot] a=ghostwheel42 ## What type of PR? Security ## What does this PR do? Fixes CVEs shown by depandabot and fixes build. Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2025-01-16 02:46:44 +02:00 · 2023-08-06 17:39:13 +00:00 · 2023-08-06 17:39:13 +00:00 · f17aa85b54
commit f17aa85b54
parent 62096c77c0 2d9b348eb0
1 changed files with 9 additions and 10 deletions
--- a/core/base/requirements-prod.txt
+++ b/core/base/requirements-prod.txt
@ -1,5 +1,5 @@
 aiodns==3.0.0
-aiohttp==3.8.3
+aiohttp==3.8.5
 aiosignal==1.2.0
 alembic==1.8.1
 async-timeout==4.0.2
@ -7,12 +7,12 @@ attrs==22.1.0
 Babel==2.11.0
 bcrypt==4.0.1
 blinker==1.5
-certifi==2022.12.7
+certifi==2023.7.22
 cffi==1.15.1
 charset-normalizer==2.1.1
 click==8.1.3
 colorclass==2.2.2
-cryptography==39.0.1
+cryptography==41.0.3
 decorator==5.1.1
 defusedxml==0.7.1
 Deprecated==1.2.13
@ -20,7 +20,7 @@ dnspython==2.2.1
 dominate==2.7.0
 easygui==0.98.3
 email-validator==1.3.0
-Flask==2.2.2
+Flask==2.2.5
 Flask-Babel==2.0.0
 Flask-Bootstrap==3.3.7.1
 Flask-DebugToolbar==0.13.1
@ -43,7 +43,7 @@ Mako==1.2.3
 MarkupSafe==2.1.1
 marshmallow==3.18.0
 marshmallow-sqlalchemy==0.28.1
-msoffcrypto-tool==5.0.0
+msoffcrypto-tool==5.1.1
 multidict==6.0.2
 mysql-connector-python==8.0.32
 olefile==0.46
@ -57,16 +57,15 @@ protobuf==3.20.2
 psycopg2-binary==2.9.5
 pycares==4.2.2
 pycparser==2.21
-Pygments==2.13.0
-pyOpenSSL==23.1.1
+Pygments==2.15.0
 pyparsing==2.4.7
 python-dateutil==2.8.2
 python-magic==0.4.27
 pytz==2022.6
-PyYAML==6.0
+PyYAML==6.0.1
 Radicale==3.1.8
-redis==4.3.6
-requests==2.28.1
+redis==4.4.4
+requests==2.31.0
 six==1.16.0
 socrate @ file:///app/libs/socrate
 SQLAlchemy==1.4.42