From dee50eacffa9e271d41adbfd637579e65a860ba2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 21:52:45 +0000 Subject: [PATCH 1/4] Bump moto from 5.0.5 to 5.0.6 Bumps [moto](https://github.com/getmoto/moto) from 5.0.5 to 5.0.6. - [Release notes](https://github.com/getmoto/moto/releases) - [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md) - [Commits](https://github.com/getmoto/moto/compare/5.0.5...5.0.6) --- updated-dependencies: - dependency-name: moto dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index 18da04fa2..6a4c4f10e 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2381,13 +2381,13 @@ files = [ [[package]] name = "moto" -version = "5.0.5" +version = "5.0.6" description = "" optional = false python-versions = ">=3.8" files = [ - {file = "moto-5.0.5-py2.py3-none-any.whl", hash = "sha256:4ecdd4084491a2f25f7a7925416dcf07eee0031ce724957439a32ef764b22874"}, - {file = "moto-5.0.5.tar.gz", hash = "sha256:2eaca2df7758f6868df420bf0725cd0b93d98709606f1fb8b2343b5bdc822d91"}, + {file = "moto-5.0.6-py2.py3-none-any.whl", hash = "sha256:ca1e22831a741733b581ff2ef4d6ae2e1c6db1eab97af1b78b86ca2c6e88c609"}, + {file = "moto-5.0.6.tar.gz", hash = "sha256:ad8b23f2b555ad694da8b2432a42b6d96beaaf67a4e7d932196a72193a2eee2c"}, ] [package.dependencies] @@ -4798,4 +4798,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "7fc5c245fed278c8ee32c21513a3c80f5cef785b3708ec6d7f2182a2ed99b30c" +content-hash = "a5a93389b007f1729a19ef02acee2f4c172c9af0accd1ac403ee591dcfe959ac" diff --git a/pyproject.toml b/pyproject.toml index 3d3f91427..2ae839f4a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -64,7 +64,7 @@ freezegun = "^1.4.0" honcho = "*" isort = "^5.13.2" jinja2-cli = {version = "==0.8.2", extras = ["yaml"]} -moto = "==5.0.5" +moto = "==5.0.6" pip-audit = "*" pre-commit = "^3.6.0" pytest = "^8.1.1" From 6f6b74e26e119ebce01078ffa20ba3539d2d2319 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 21:54:33 +0000 Subject: [PATCH 2/4] Bump pip-audit from 2.7.2 to 2.7.3 Bumps [pip-audit](https://github.com/pypa/pip-audit) from 2.7.2 to 2.7.3. - [Release notes](https://github.com/pypa/pip-audit/releases) - [Changelog](https://github.com/pypa/pip-audit/blob/main/CHANGELOG.md) - [Commits](https://github.com/pypa/pip-audit/compare/v2.7.2...v2.7.3) --- updated-dependencies: - dependency-name: pip-audit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- poetry.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index 18da04fa2..3c1b953c0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2913,18 +2913,18 @@ pip = "*" [[package]] name = "pip-audit" -version = "2.7.2" +version = "2.7.3" description = "A tool for scanning Python environments for known vulnerabilities" optional = false python-versions = ">=3.8" files = [ - {file = "pip_audit-2.7.2-py3-none-any.whl", hash = "sha256:49907430115baacb8bb7ffc1a2b689acfeac9d8534a43bffad3c73f8d8b32d52"}, - {file = "pip_audit-2.7.2.tar.gz", hash = "sha256:a12905e42dd452f43a2dbf895606d59c35348deed27b8cbaff8516423576fdfb"}, + {file = "pip_audit-2.7.3-py3-none-any.whl", hash = "sha256:46a11faee3323f76adf7987de8171daeb660e8f57d8088cc27fb1c1e5c7747b0"}, + {file = "pip_audit-2.7.3.tar.gz", hash = "sha256:08891bbf179bffe478521f150818112bae998424f58bf9285c0078965aef38bc"}, ] [package.dependencies] CacheControl = {version = ">=0.13.0", extras = ["filecache"]} -cyclonedx-python-lib = ">=5,<7" +cyclonedx-python-lib = ">=5,<8" html5lib = ">=1.1" packaging = ">=23.0.0" pip-api = ">=0.0.28" @@ -2936,7 +2936,7 @@ toml = ">=0.10" [package.extras] dev = ["build", "bump (>=1.3.2)", "pip-audit[doc,lint,test]"] doc = ["pdoc"] -lint = ["interrogate", "mypy", "ruff (<0.2.3)", "types-html5lib", "types-requests", "types-toml"] +lint = ["interrogate", "mypy", "ruff (<0.4.3)", "setuptools", "types-html5lib", "types-requests", "types-toml"] test = ["coverage[toml] (>=7.0,!=7.3.3,<8.0)", "pretend", "pytest", "pytest-cov"] [[package]] From fa07e32c5bf0c17c8503705acd70e37b7a2dbd5b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 May 2024 13:55:53 +0000 Subject: [PATCH 3/4] Bump botocore from 1.34.94 to 1.34.99 Bumps [botocore](https://github.com/boto/botocore) from 1.34.94 to 1.34.99. - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/botocore/compare/1.34.94...1.34.99) --- updated-dependencies: - dependency-name: botocore dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- poetry.lock | 16 ++++++++-------- pyproject.toml | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/poetry.lock b/poetry.lock index 300dee938..79de506ea 100644 --- a/poetry.lock +++ b/poetry.lock @@ -204,17 +204,17 @@ tests-no-zope = ["attrs[tests-mypy]", "cloudpickle", "hypothesis", "pympler", "p [[package]] name = "awscli" -version = "1.32.94" +version = "1.32.99" description = "Universal Command Line Environment for AWS." optional = false python-versions = ">=3.8" files = [ - {file = "awscli-1.32.94-py3-none-any.whl", hash = "sha256:8d2311c491c42ca7ef5fa1dd6f623e2749372da76f99355612f0812bfa8bae47"}, - {file = "awscli-1.32.94.tar.gz", hash = "sha256:ffb9e2169c96fe4cf84b45b0743512da821011714b42cf51b0473d6d1c67ab2e"}, + {file = "awscli-1.32.99-py3-none-any.whl", hash = "sha256:23cf12da832472cd979efb12f86a4455e4366f6065a40ff9c821a351bdf7f09e"}, + {file = "awscli-1.32.99.tar.gz", hash = "sha256:4ff59f69c5faf1d469905e259296c65a858dd564f8e8fa5a8f502b213d8b438e"}, ] [package.dependencies] -botocore = "1.34.94" +botocore = "1.34.99" colorama = ">=0.2.5,<0.4.7" docutils = ">=0.10,<0.17" PyYAML = ">=3.10,<6.1" @@ -422,13 +422,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.34.94" +version = "1.34.99" description = "Low-level, data-driven core of boto 3." optional = false python-versions = ">=3.8" files = [ - {file = "botocore-1.34.94-py3-none-any.whl", hash = "sha256:f00a79002e0cb9d6895ecd0919c506402850177d7b6c4d2634fa2da362d95bcb"}, - {file = "botocore-1.34.94.tar.gz", hash = "sha256:99b11be9a28f9051af4c96fa121e9c3f22a86d499abd773c9e868b2a38961bae"}, + {file = "botocore-1.34.99-py3-none-any.whl", hash = "sha256:18c68bdeb0ffb73290912b0c96204fc36d3128f00a00b5cdc35ac34d66225f1c"}, + {file = "botocore-1.34.99.tar.gz", hash = "sha256:cafe569e2136cb33cb0e5dd32fb1c0e1503ddc1413d3be215df8ddf05e69137a"}, ] [package.dependencies] @@ -4798,4 +4798,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "a5a93389b007f1729a19ef02acee2f4c172c9af0accd1ac403ee591dcfe959ac" +content-hash = "07ad288006c415313237bbb98f5c3807db310548d846ac38e6d0cdc657854966" diff --git a/pyproject.toml b/pyproject.toml index 2ae839f4a..22066eacd 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,7 +12,7 @@ alembic = "==1.13.1" amqp = "==5.2.0" beautifulsoup4 = "==4.12.3" boto3 = "^1.29.6" -botocore = "^1.32.6" +botocore = "^1.34.99" cachetools = "==5.3.3" celery = {version = "==5.3.6", extras = ["redis"]} certifi = ">=2022.12.7" From 5cd76eacdb28f3bb5286a6c91bd64ef76c187099 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 May 2024 14:24:33 +0000 Subject: [PATCH 4/4] Bump packaging from 23.2 to 24.0 Bumps [packaging](https://github.com/pypa/packaging) from 23.2 to 24.0. - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/packaging/compare/23.2...24.0) --- updated-dependencies: - dependency-name: packaging dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index 79de506ea..9a35c544c 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2830,13 +2830,13 @@ test = ["pytest"] [[package]] name = "packaging" -version = "23.2" +version = "24.0" description = "Core utilities for Python packages" optional = false python-versions = ">=3.7" files = [ - {file = "packaging-23.2-py3-none-any.whl", hash = "sha256:8c491190033a9af7e1d931d0b5dacc2ef47509b34dd0de67ed209b5203fc88c7"}, - {file = "packaging-23.2.tar.gz", hash = "sha256:048fb0e9405036518eaaf48a55953c750c11e1a1b68e0dd1a9d62ed0c092cfc5"}, + {file = "packaging-24.0-py3-none-any.whl", hash = "sha256:2ddfb553fdf02fb784c234c7ba6ccc288296ceabec964ad2eae3777778130bc5"}, + {file = "packaging-24.0.tar.gz", hash = "sha256:eb82c5e3e56209074766e6885bb04b8c38a0c015d0a30036ebe7ece34c9989e9"}, ] [[package]] @@ -4798,4 +4798,4 @@ multidict = ">=4.0" [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "07ad288006c415313237bbb98f5c3807db310548d846ac38e6d0cdc657854966" +content-hash = "d265214d3aa74c944fea448ad0d362ebaa2a659f36aa2f8ab541ed045f1f6e97" diff --git a/pyproject.toml b/pyproject.toml index 22066eacd..5225d9eac 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -42,7 +42,7 @@ newrelic = "*" notifications-python-client = "==9.0.0" notifications-utils = {git = "https://github.com/GSA/notifications-utils.git"} oscrypto = "==1.3.0" -packaging = "==23.2" +packaging = "==24.0" poetry-dotenv-plugin = "==0.2.0" psycopg2-binary = "==2.9.9" pyjwt = "==2.8.0"