ccostino
bcd33e7af8
Merge pull request #1751 from GSA/dependabot/pip/pytest-8.4.0
...
Bump pytest from 8.3.5 to 8.4.0
2025-06-03 10:47:27 -04:00
dependabot[bot]
64535abb7c
Bump pytest from 8.3.5 to 8.4.0
...
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.5 to 8.4.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/8.3.5...8.4.0)
---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 8.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-03 12:56:28 +00:00
ccostino
25ee386155
Merge pull request #1750 from GSA/dependabot/pip/celery-5.5.3
...
Bump celery from 5.5.2 to 5.5.3
2025-06-03 08:54:17 -04:00
dependabot[bot]
e15a49ba18
Bump celery from 5.5.2 to 5.5.3
...
Bumps [celery](https://github.com/celery/celery) from 5.5.2 to 5.5.3.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.5.2...v5.5.3)
---
updated-dependencies:
- dependency-name: celery
  dependency-version: 5.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 21:49:47 +00:00
ccostino
6d8e2221d0
Merge pull request #1748 from GSA/fix-daily-checks
...
Update daily checks to match PR checks
2025-06-02 09:52:15 -04:00
Carlo Costino
8af59b1c55
Update daily checks to match PR checks
...
This changeset adds the same additional steps needed in our PR checks to make sure the daily checks work properly with the recent Poetry update. It also updates our PR checks to use the latest pip-audit GitHub action.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-06-02 09:23:02 -04:00
Beverly Nguyen
abdaa74d0b
Merge pull request #1747 from GSA/remove-python-vuln-ignore-again
...
Remove extra vulnerability from our ignore list
2025-05-30 14:21:57 -07:00
Carlo Costino
cf4deb083b
Remove extra vulnerability from our ignore list
...
This changeset fixes an oversight where a vulnerability got added back to our ignore list.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-30 16:28:03 -04:00
ccostino
cbe50a1aa7
Merge pull request #1744 from GSA/add-detect-secrets-docs
...
Add detect-secrets documentation
5-30-2025
2025-05-30 11:50:14 -04:00
Carlo Costino
0a28b33e99
Add detect-secrets documentation
...
This changeset adds documentation to help our team manage our secrets detection with the detect-secrets pre-commit plugin.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-30 11:39:07 -04:00
ccostino
c301513caf
Merge pull request #1738 from GSA/poetry
...
upgrade poetry
2025-05-30 10:55:47 -04:00
Kenneth Kehl
e5484f0723
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:14:29 -07:00
Kenneth Kehl
222e258e34
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:14:00 -07:00
Kenneth Kehl
d40ab17770
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:13:36 -07:00
Kenneth Kehl
3b5f11932f
ugh secrets
2025-05-29 10:15:58 -07:00
Kenneth Kehl
c2ed11d28e
add comments about poetry upgrade
2025-05-29 08:48:00 -07:00
Kenneth Kehl
59af82b0a4
merge from main
2025-05-29 08:05:46 -07:00
Alex Janousek
062683ada6
Merge pull request #1742 from GSA/dependabot/pip/phonenumbers-9.0.6
...
Bump phonenumbers from 9.0.5 to 9.0.6
2025-05-29 09:19:29 -04:00
dependabot[bot]
47a3c6dc91
Bump phonenumbers from 9.0.5 to 9.0.6
...
Bumps [phonenumbers](https://github.com/daviddrysdale/python-phonenumbers) from 9.0.5 to 9.0.6.
- [Commits](https://github.com/daviddrysdale/python-phonenumbers/compare/v9.0.5...v9.0.6)
---
updated-dependencies:
- dependency-name: phonenumbers
  dependency-version: 9.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-29 13:12:28 +00:00
Beverly Nguyen
500dc80557
Merge pull request #1743 from GSA/ignore-redis-false-report
...
Updated pip-audit ignore-vulns
2025-05-28 17:32:24 -07:00
Carlo Costino
55e24a611a
Updated pip-audit ignore-vulns
...
This changeset updates the PYSEC notices to ignore due to versions that either cannot be fixed or are false positives. Specifically, this changeset removes previously ignored vulnerability reports and adds PYSEC-2023-312 to the list because it is a false positive and refers to Redis itself, not the Python Redis client (see https://github.com/pypa/advisory-database/issues/237 for details).
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-28 17:43:50 -04:00
Kenneth Kehl
1287be143c
filter requirements text
2025-05-28 08:57:49 -07:00
Kenneth Kehl
976027d52f
filter requirements text
2025-05-28 08:54:59 -07:00
Kenneth Kehl
bf9f01e526
filter requirements text
2025-05-28 08:40:17 -07:00
Kenneth Kehl
ca5b0b2230
filter requirements text
2025-05-28 08:33:55 -07:00
Kenneth Kehl
3c02ad92bb
filter requirements text
2025-05-28 08:29:31 -07:00
Kenneth Kehl
87d29de41d
filter requirements text
2025-05-28 08:16:38 -07:00
Kenneth Kehl
f620a886b0
oops
2025-05-28 08:10:28 -07:00
Kenneth Kehl
9c68deb337
revert to pinned oscrypto
2025-05-28 08:03:43 -07:00
Kenneth Kehl
b976b395c6
try oscrypto 1.3.0
2025-05-28 07:55:50 -07:00
Kenneth Kehl
96bb7f24d0
try oscrypto 1.3.0
2025-05-28 07:44:50 -07:00
Kenneth Kehl
d526e0a54c
use skip-editable for pip-audit to work around dependencies that are pinned to revisions
2025-05-28 07:35:47 -07:00
Kenneth Kehl
f0739b5fcf
try setting package-mode to false
2025-05-28 07:11:15 -07:00
Alex Janousek
c924cff4d2
Merge pull request #1739 from GSA/dependabot/pip/cryptography-45.0.3
...
Bump cryptography from 45.0.2 to 45.0.3
2025-05-27 18:34:19 -04:00
dependabot[bot]
cf70242482
Bump cryptography from 45.0.2 to 45.0.3
...
Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.2 to 45.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3)
---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 22:27:19 +00:00
Alex Janousek
903587ed27
Merge pull request #1740 from GSA/dependabot/pip/setuptools-80.9.0
...
Bump setuptools from 80.8.0 to 80.9.0
2025-05-27 18:25:07 -04:00
dependabot[bot]
e98fb4913f
Bump setuptools from 80.8.0 to 80.9.0
...
Bumps [setuptools](https://github.com/pypa/setuptools) from 80.8.0 to 80.9.0.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v80.8.0...v80.9.0)
---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 80.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 22:18:27 +00:00
Alex Janousek
da629baef0
Merge pull request #1741 from GSA/dependabot/pip/freezegun-1.5.2
...
Bump freezegun from 1.5.1 to 1.5.2
2025-05-27 18:16:19 -04:00
dependabot[bot]
4e7a0893ff
Bump freezegun from 1.5.1 to 1.5.2
...
Bumps [freezegun](https://github.com/spulec/freezegun) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/spulec/freezegun/releases)
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG)
- [Commits](https://github.com/spulec/freezegun/compare/1.5.1...1.5.2)
---
updated-dependencies:
- dependency-name: freezegun
  dependency-version: 1.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 21:46:36 +00:00
Kenneth Kehl
3a9db4f3a7
fix makefile
2025-05-27 14:40:06 -07:00
Kenneth Kehl
ebbb894245
upgrade poetry
2025-05-27 14:24:42 -07:00
Kenneth Kehl
22a0d9e287
upgrade poetry
2025-05-27 14:14:44 -07:00
ccostino
04a50c8825
Merge pull request #1732 from GSA/update-register_socket_handlers
...
Socket.IO 400 errors
2025-05-27 14:23:57 -04:00
Alex Janousek
119914a3f7
Merge pull request #1735 from GSA/dependabot/pip/pytest-xdist-3.7.0
...
Bump pytest-xdist from 3.6.1 to 3.7.0
2025-05-27 14:07:55 -04:00
dependabot[bot]
3e1a7df375
Bump pytest-xdist from 3.6.1 to 3.7.0
...
Bumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.6.1 to 3.7.0.
- [Release notes](https://github.com/pytest-dev/pytest-xdist/releases)
- [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.6.1...v3.7.0)
---
updated-dependencies:
- dependency-name: pytest-xdist
  dependency-version: 3.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 18:00:08 +00:00
Alex Janousek
7168d50f38
Merge pull request #1731 from GSA/dependabot/pip/cachetools-6.0.0
...
Bump cachetools from 5.4.0 to 6.0.0
2025-05-27 13:58:01 -04:00
dependabot[bot]
d5c0497767
Bump cachetools from 5.4.0 to 6.0.0
...
Bumps [cachetools](https://github.com/tkem/cachetools) from 5.4.0 to 6.0.0.
- [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tkem/cachetools/compare/v5.4.0...v6.0.0)
---
updated-dependencies:
- dependency-name: cachetools
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 17:51:16 +00:00
Alex Janousek
cb8e3776a8
Merge pull request #1736 from GSA/dependabot/pip/moto-5.1.5
...
Bump moto from 5.1.4 to 5.1.5
2025-05-27 13:49:08 -04:00
dependabot[bot]
eb4c6a5ff9
Bump moto from 5.1.4 to 5.1.5
...
Bumps [moto](https://github.com/getmoto/moto) from 5.1.4 to 5.1.5.
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getmoto/moto/compare/5.1.4...5.1.5)
---
updated-dependencies:
- dependency-name: moto
  dependency-version: 5.1.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 16:47:06 +00:00
ccostino
d20dc03e77
Merge pull request #1733 from GSA/dependabot/pip/pytest-mock-3.14.1
...
Bump pytest-mock from 3.14.0 to 3.14.1
2025-05-27 12:44:50 -04:00