This changeset adds the awscli tools as a development dependency so that we are able to manage local connectivity to AWS resources when needed. It is also needed to help with deploying the project to the sandbox environment and/or updating the Terraform to manage the infrastructure.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates the Python cryptography package to the latest release to address a pip-audit finding.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates several Python dependencies that Dependabot has flagged for updating. This includes a major version bump of notifications-python-client, which is mostly just formatted string updates that should not have any adverse effects for us.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates several Python dependencies that Dependabot has flagged.
It also ignores a pip-audit report of idna, which incorrectly flagged the version we are on as having been affected by PYSEC-2024-60; this was fixed in version 3.7 of idna, which we are currently using. We will update the action again once the audit flag is corrected and/or another fix version is released (if needed).
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates several Python dependencies that Dependabot had flagged for updating. It includes a few others that we are getting ahead of, as well.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
The npm install line needs to be run within the context of the nvm-managed Node.js and should happen after that environment is initialized but before the build step. This also adds a couple more Python dependency updates that Dependabot flagged as well.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates Python dependencies that Dependabot has flagged in addition to several others that were due for updates. It also reformats a test file via black.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates a couple of dependencies flagged by Dependabot and fixes an end-to-end test that needed to be updated with the one-off send filename changes.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates several Python dependencies that Dependabot flagged for updates due to end-to-end tests still failing in Dependabot PRs.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates a few Python dependencies the week of May 28th to help keep our project up-to-date.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
The merging of notifications_utils to this repo does not deploy because of missing dependencies. This changeset adds them back in directly.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset pulls in all of the notification_utils code directly into the admin and removes it as an external dependency. We are doing this to cut down on operational maintenance of the project and will begin removing parts of it no longer needed for the admin.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates several dependencies flagged by Dependabot that we cannot merge directly due to the E2E test issue.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates a few dependencies that Dependabot flagged for updates. We cannot merge the Dependabot PRs at the moment due to E2E test compatability issues.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates the exceptiongroup and newrelic packages due to the Dependabot E2E test failures
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This changeset updates the gunicorn dependency to the latest release to address a recent CVE. It also updates the its-dangerous package.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
