From f58221b0c09fe4ac4eafe036a89d014dd18515a7 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Wed, 14 Apr 2021 14:00:02 +0100 Subject: [PATCH 1/6] Update eventlet from 0.30.1 to 0.30.2 --- requirements-app.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-app.txt b/requirements-app.txt index d41ceab62..3d88a87da 100644 --- a/requirements-app.txt +++ b/requirements-app.txt @@ -10,7 +10,7 @@ Flask-Migrate==2.7.0 git+https://github.com/mitsuhiko/flask-sqlalchemy.git@500e732dd1b975a56ab06a46bd1a20a21e682262#egg=Flask-SQLAlchemy==2.3.2.dev20190108 Flask==1.1.2 click-datetime==0.2 -eventlet==0.30.1 +eventlet==0.30.2 gunicorn==20.0.4 iso8601==0.1.14 itsdangerous==1.1.0 From 29c89ee03a7b790dd3de8975dea170aec7c79a45 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Wed, 14 Apr 2021 14:00:03 +0100 Subject: [PATCH 2/6] Update gunicorn from 20.0.4 to 20.1.0 --- requirements-app.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-app.txt b/requirements-app.txt index 3d88a87da..52c436eaf 100644 --- a/requirements-app.txt +++ b/requirements-app.txt @@ -11,7 +11,7 @@ git+https://github.com/mitsuhiko/flask-sqlalchemy.git@500e732dd1b975a56ab06a46bd Flask==1.1.2 click-datetime==0.2 eventlet==0.30.2 -gunicorn==20.0.4 +gunicorn==20.1.0 iso8601==0.1.14 itsdangerous==1.1.0 jsonschema==3.2.0 From 49434981071a154625219820e55533cc5ae5faf2 Mon Sep 17 00:00:00 2001 From: pyup-bot Date: Wed, 14 Apr 2021 14:00:04 +0100 Subject: [PATCH 3/6] Update prometheus-client from 0.9.0 to 0.10.1 --- requirements-app.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-app.txt b/requirements-app.txt index 52c436eaf..2cde020ae 100644 --- a/requirements-app.txt +++ b/requirements-app.txt @@ -37,5 +37,5 @@ awscli-cwlogs==1.4.6 git+https://github.com/alphagov/notifications-utils.git@44.1.0#egg=notifications-utils==44.1.0 # gds-metrics requires prometheseus 0.2.0, override that requirement as 0.7.1 brings significant performance gains -prometheus-client==0.9.0 +prometheus-client==0.10.1 gds-metrics==0.2.4 From 1439f1b52858851a4e3510178178b9b77d63755a Mon Sep 17 00:00:00 2001 From: Katie Smith Date: Mon, 19 Apr 2021 11:36:04 +0100 Subject: [PATCH 4/6] Freeze requirements --- requirements.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/requirements.txt b/requirements.txt index 4bc58e08c..c429ad7d1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -12,8 +12,8 @@ Flask-Migrate==2.7.0 git+https://github.com/mitsuhiko/flask-sqlalchemy.git@500e732dd1b975a56ab06a46bd1a20a21e682262#egg=Flask-SQLAlchemy==2.3.2.dev20190108 Flask==1.1.2 click-datetime==0.2 -eventlet==0.30.1 -gunicorn==20.0.4 +eventlet==0.30.2 +gunicorn==20.1.0 iso8601==0.1.14 itsdangerous==1.1.0 jsonschema==3.2.0 @@ -39,7 +39,7 @@ awscli-cwlogs==1.4.6 git+https://github.com/alphagov/notifications-utils.git@44.1.0#egg=notifications-utils==44.1.0 # gds-metrics requires prometheseus 0.2.0, override that requirement as 0.7.1 brings significant performance gains -prometheus-client==0.9.0 +prometheus-client==0.10.1 gds-metrics==0.2.4 ## The following requirements were added by pip freeze: @@ -47,14 +47,14 @@ alembic==1.5.8 amqp==1.4.9 anyjson==0.3.3 attrs==20.3.0 -awscli==1.19.39 +awscli==1.19.53 bcrypt==3.2.0 billiard==3.3.0.23 bleach==3.3.0 blinker==1.4 boto==2.49.0 -boto3==1.17.39 -botocore==1.20.39 +boto3==1.17.53 +botocore==1.20.53 certifi==2020.12.5 chardet==4.0.0 click==7.1.2 @@ -74,7 +74,7 @@ MarkupSafe==1.1.1 mistune==0.8.4 orderedset==2.0.3 packaging==20.9 -phonenumbers==8.12.20 +phonenumbers==8.12.21 pyasn1==0.4.8 pycparser==2.20 pyparsing==2.4.7 @@ -87,8 +87,8 @@ pytz==2021.1 PyYAML==5.4.1 redis==3.5.3 requests==2.25.1 -rsa==4.5 -s3transfer==0.3.6 +rsa==4.7.2 +s3transfer==0.3.7 Shapely==1.7.1 six==1.15.0 smartypants==2.0.1 From 6287b407320543317a508c070c299b7f8070359c Mon Sep 17 00:00:00 2001 From: Katie Smith Date: Mon, 19 Apr 2021 11:52:58 +0100 Subject: [PATCH 5/6] Stop pyup upgrading Cryptography We'd specified that the version should be less than 3.4 previously, but needed to also tell pyup not to change that. --- requirements-app.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-app.txt b/requirements-app.txt index 2cde020ae..929b90cac 100644 --- a/requirements-app.txt +++ b/requirements-app.txt @@ -27,7 +27,7 @@ beautifulsoup4==4.9.3 lxml==4.6.3 # higher version causes build to fail on PaaS due to lack of Rust # see https://github.com/pyca/cryptography/issues/5810 -cryptography<3.4 +cryptography<3.4 # pyup: <3.4 notifications-python-client==6.0.2 diff --git a/requirements.txt b/requirements.txt index c429ad7d1..e42ef8ce5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -29,7 +29,7 @@ beautifulsoup4==4.9.3 lxml==4.6.3 # higher version causes build to fail on PaaS due to lack of Rust # see https://github.com/pyca/cryptography/issues/5810 -cryptography<3.4 +cryptography<3.4 # pyup: <3.4 notifications-python-client==6.0.2 From 1f301fd0f1932902a8e856c3f312f6ed484d0f01 Mon Sep 17 00:00:00 2001 From: Katie Smith Date: Mon, 19 Apr 2021 11:56:02 +0100 Subject: [PATCH 6/6] Pin marshmallow-sqlalchemy below v0.24.0 This was pinned to `<0.24.1` not `<0.24.0` by mistake, which meant pyup was trying to upgrade from version `0.23.1`. --- requirements-app.txt | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-app.txt b/requirements-app.txt index 929b90cac..a3cd69af9 100644 --- a/requirements-app.txt +++ b/requirements-app.txt @@ -15,7 +15,7 @@ gunicorn==20.1.0 iso8601==0.1.14 itsdangerous==1.1.0 jsonschema==3.2.0 -marshmallow-sqlalchemy==0.23.1 # pyup: <0.24.1 # marshmallow v3 throws errors +marshmallow-sqlalchemy==0.23.1 # pyup: <0.24.0 # marshmallow v3 throws errors marshmallow==2.21.0 # pyup: <3 # v3 throws errors psycopg2-binary==2.8.6 PyJWT==2.0.1 diff --git a/requirements.txt b/requirements.txt index e42ef8ce5..42f1bf29e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,7 +17,7 @@ gunicorn==20.1.0 iso8601==0.1.14 itsdangerous==1.1.0 jsonschema==3.2.0 -marshmallow-sqlalchemy==0.23.1 # pyup: <0.24.1 # marshmallow v3 throws errors +marshmallow-sqlalchemy==0.23.1 # pyup: <0.24.0 # marshmallow v3 throws errors marshmallow==2.21.0 # pyup: <3 # v3 throws errors psycopg2-binary==2.8.6 PyJWT==2.0.1