From 80ad40f58731d8f9347074513825a33e26e59bc6 Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Thu, 5 May 2022 13:43:45 +0100 Subject: [PATCH 1/3] Update minor and patch versions of some core dependencies --- requirements.in | 8 ++++---- requirements.txt | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/requirements.in b/requirements.in index 268743e01..6a86da0aa 100644 --- a/requirements.in +++ b/requirements.in @@ -7,9 +7,9 @@ humanize==4.0.0 Flask==1.1.2 # pyup: <2 Flask-WTF==1.0.1 wtforms==3.0.1 -Flask-Login==0.6.0 -werkzeug==2.0.2 -jinja2==3.0.2 +Flask-Login==0.6.1 +werkzeug==2.1.2 +jinja2==3.1.2 blinker==1.4 pyexcel==0.7.0 @@ -23,7 +23,7 @@ git+https://github.com/benoitc/gunicorn.git@1299ea9e967a61ae2edebe191082fd169b86 notifications-python-client==6.3.0 rtreelib==0.2.0 fido2==0.9.3 -pyproj==3.3.0 +pyproj==3.3.1 # PaaS awscli-cwlogs>=1.4,<1.5 diff --git a/requirements.txt b/requirements.txt index 7bb34b388..ae4eae030 100644 --- a/requirements.txt +++ b/requirements.txt @@ -61,7 +61,7 @@ flask==1.1.2 # flask-wtf # gds-metrics # notifications-utils -flask-login==0.6.0 +flask-login==0.6.1 # via -r requirements.in flask-redis==0.4.0 # via notifications-utils @@ -91,7 +91,7 @@ itsdangerous==1.1.0 # flask # flask-wtf # notifications-utils -jinja2==3.0.2 +jinja2==3.1.2 # via # -r requirements.in # flask @@ -158,7 +158,7 @@ pyparsing==2.4.7 # via packaging pypdf2==1.27.9 # via notifications-utils -pyproj==3.3.0 +pyproj==3.3.1 # via # -r requirements.in # notifications-utils @@ -213,7 +213,7 @@ urllib3==1.26.5 # requests webencodings==0.5.1 # via bleach -werkzeug==2.0.2 +werkzeug==2.1.2 # via # -r requirements.in # flask From 75a57568b670fada7009080fe132657b53d2d410 Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Thu, 5 May 2022 14:01:36 +0100 Subject: [PATCH 2/3] Pin Jinja to below 3.1.x MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We can’t upgrade to Jinja 3.1.0 because the `escape` module has been moved to the `markupsafe` library. The old version of Flask we are using tries to import `escape` from `jinja2`, causing an error. See https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-0 --- requirements.in | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.in b/requirements.in index 6a86da0aa..ba1f753b2 100644 --- a/requirements.in +++ b/requirements.in @@ -9,7 +9,7 @@ Flask-WTF==1.0.1 wtforms==3.0.1 Flask-Login==0.6.1 werkzeug==2.1.2 -jinja2==3.1.2 +jinja2==3.0.3 # Can’t be upgraded until we are using Flask >= 2 blinker==1.4 pyexcel==0.7.0 diff --git a/requirements.txt b/requirements.txt index ae4eae030..bc632b6f9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -91,7 +91,7 @@ itsdangerous==1.1.0 # flask # flask-wtf # notifications-utils -jinja2==3.1.2 +jinja2==3.0.3 # via # -r requirements.in # flask From 6f95e4e0ca4d44f44f16ecf2f7cfd0a4e49ca66c Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Thu, 5 May 2022 14:08:11 +0100 Subject: [PATCH 3/3] Pin Werkzeug to below 2.1.x MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We can’t upgrade to Werkzeug 2.1.0 because the `BaseResponse` class has been renamed. The old version of Flask we are using tries to import `BaseResponse` causing an error. See https://github.com/pallets/werkzeug/issues/1963 --- requirements.in | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.in b/requirements.in index ba1f753b2..15596e3df 100644 --- a/requirements.in +++ b/requirements.in @@ -8,7 +8,7 @@ Flask==1.1.2 # pyup: <2 Flask-WTF==1.0.1 wtforms==3.0.1 Flask-Login==0.6.1 -werkzeug==2.1.2 +werkzeug==2.0.3 # Can’t be upgraded until we are using Flask >= 2 jinja2==3.0.3 # Can’t be upgraded until we are using Flask >= 2 blinker==1.4 diff --git a/requirements.txt b/requirements.txt index bc632b6f9..028e1af5f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -213,7 +213,7 @@ urllib3==1.26.5 # requests webencodings==0.5.1 # via bleach -werkzeug==2.1.2 +werkzeug==2.0.3 # via # -r requirements.in # flask