From bc28e3e2f9311c99ac61e876ef2724331a20be2b Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Thu, 19 Jun 2025 06:58:20 -0700 Subject: [PATCH 1/3] upgrade python again to 3.13.2 --- .github/actions/setup-project/action.yml | 4 ++-- README.md | 16 ++++++++-------- poetry.lock | 8 ++------ pyproject.toml | 2 +- runtime.txt | 2 +- 5 files changed, 14 insertions(+), 18 deletions(-) diff --git a/.github/actions/setup-project/action.yml b/.github/actions/setup-project/action.yml index 6a7d508a0..ad207f112 100644 --- a/.github/actions/setup-project/action.yml +++ b/.github/actions/setup-project/action.yml @@ -9,10 +9,10 @@ runs: sudo apt-get update \ && sudo apt-get install -y --no-install-recommends \ libcurl4-openssl-dev - - name: Set up Python 3.12.2 + - name: Set up Python 3.13.2 uses: actions/setup-python@v4 with: - python-version: "3.12.2" + python-version: "3.13.2" - name: Install poetry shell: bash run: pip install poetry==2.1.3 diff --git a/README.md b/README.md index c8a2e44c5..35cea487f 100644 --- a/README.md +++ b/README.md @@ -186,12 +186,12 @@ session to make the changes take effect. Now we're ready to install the Python version we need with `pyenv`, like so: ```sh -pyenv install 3.12 +pyenv install 3.13 ``` -This will install the latest version of Python 3.12. +This will install the latest version of Python 3.13. -_NOTE: This project currently runs on Python 3.12.x._ +_NOTE: This project currently runs on Python 3.13.x._ #### [API Step] Python Dependency Installation @@ -243,12 +243,12 @@ git clone git@github.com:GSA/notifications-admin.git Now go into the project directory (`notifications-admin` by default), create a virtual environment, and set the local Python version to point to the virtual -environment (assumes version Python `3.12.2` is what is installed on your +environment (assumes version Python `3.13.2` is what is installed on your machine): ```sh cd notifications-admin -pyenv virtualenv 3.12.2 notify-admin +pyenv virtualenv 3.13.2 notify-admin pyenv local notify-admin ``` @@ -281,10 +281,10 @@ If you're upgrading an existing project to a newer version of Python, you can follow these steps to get yourself up-to-date. First, use `pyenv` to install the newer version of Python you'd like to use; -we'll use `3.12` in our example here since we recently upgraded to this version: +we'll use `3.13` in our example here since we recently upgraded to this version: ```sh -pyenv install 3.12 +pyenv install 3.13 ``` Next, delete the virtual environment you previously had set up. If you followed @@ -299,7 +299,7 @@ environment with the newer version of Python you just installed: ```sh cd notifications-admin -pyenv virtualenv 3.12.2 notify-admin +pyenv virtualenv 3.13.2 notify-admin pyenv local notify-admin ``` diff --git a/poetry.lock b/poetry.lock index 641e506d6..b072e8495 100644 --- a/poetry.lock +++ b/poetry.lock @@ -27,7 +27,6 @@ files = [ [package.dependencies] idna = ">=2.8" sniffio = ">=1.1" -typing_extensions = {version = ">=4.5", markers = "python_version < \"3.13\""} [package.extras] doc = ["Sphinx (>=8.2,<9.0)", "packaging", "sphinx-autodoc-typehints (>=1.2.0)", "sphinx_rtd_theme"] @@ -949,9 +948,6 @@ files = [ {file = "exceptiongroup-1.3.0.tar.gz", hash = "sha256:b241f5885f560bc56a59ee63ca4c6a8bfa46ae4ad651af316d4e81817bb9fd88"}, ] -[package.dependencies] -typing-extensions = {version = ">=4.6.0", markers = "python_version < \"3.13\""} - [package.extras] test = ["pytest (>=6)"] @@ -4128,5 +4124,5 @@ cffi = ["cffi (>=1.11)"] [metadata] lock-version = "2.1" -python-versions = "^3.12.2" -content-hash = "acc8897a5d775035e535d20a130a984636c954bb4a597f4f479dccd1bf172ba2" +python-versions = "^3.13.2" +content-hash = "ab3d05d57794f6b989981791e00c0bb03bbb18d161f5f9a517b46dee64c5ea2a" diff --git a/pyproject.toml b/pyproject.toml index e591c3fe7..06e49a985 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -8,7 +8,7 @@ package-mode = false [tool.poetry.dependencies] axe-core-python = "^0.1.0" -python = "^3.12.2" +python = "^3.13.2" ago = "~=0.1.0" beautifulsoup4 = "^4.13.3" blinker = "~=1.8" diff --git a/runtime.txt b/runtime.txt index 64f28603a..c94f67640 100644 --- a/runtime.txt +++ b/runtime.txt @@ -1 +1 @@ -python-3.12.x +python-3.13.x From f73b44abba8daec29ec3f35dc3bda04acbcc5f75 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Thu, 19 Jun 2025 07:07:02 -0700 Subject: [PATCH 2/3] upgrade to urllib 2.5.0 due to pip audit --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index b072e8495..6d0c2c06b 100644 --- a/poetry.lock +++ b/poetry.lock @@ -3784,14 +3784,14 @@ files = [ [[package]] name = "urllib3" -version = "2.4.0" +version = "2.5.0" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=3.9" groups = ["main", "dev"] files = [ - {file = "urllib3-2.4.0-py3-none-any.whl", hash = "sha256:4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813"}, - {file = "urllib3-2.4.0.tar.gz", hash = "sha256:414bc6535b787febd7567804cc015fee39daab8ad86268f1310a9250697de466"}, + {file = "urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc"}, + {file = "urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760"}, ] [package.extras] @@ -4125,4 +4125,4 @@ cffi = ["cffi (>=1.11)"] [metadata] lock-version = "2.1" python-versions = "^3.13.2" -content-hash = "ab3d05d57794f6b989981791e00c0bb03bbb18d161f5f9a517b46dee64c5ea2a" +content-hash = "d98565f1af2809cf4ee04b26bd9fa49cf0ffa1280029caa925024c6c6ec06923" diff --git a/pyproject.toml b/pyproject.toml index 06e49a985..b025774f6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -68,7 +68,7 @@ python-dateutil = "^2.9.0.post0" pyyaml = "^6.0.1" requests = "^2.32.4" six = "^1.16.0" -urllib3 = "^2.2.2" +urllib3 = "^2.5.0" webencodings = "^0.5.1" virtualenv = "<20.30" From d317240ddf844163fadf47f1961584c3a933e779 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Mon, 23 Jun 2025 12:09:24 -0700 Subject: [PATCH 3/3] ugh --- poetry.lock | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 8d8628933..3693d86be 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.1.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.1.3 and should not be changed by hand. [[package]] name = "ago" @@ -4125,5 +4125,4 @@ cffi = ["cffi (>=1.11)"] [metadata] lock-version = "2.1" python-versions = "^3.13.2" -content-hash = "d98565f1af2809cf4ee04b26bd9fa49cf0ffa1280029caa925024c6c6ec06923" - +content-hash = "ae9e6a9bb12ace3aba4af3c962513082956b9f284f43a99dce1dd5682e022db7"