alexjanousekGSA
c8eae375f4
Fixed scan errors
2025-06-02 10:44:42 -04:00
Carlo Costino
07195ba145
Merge branch 'main' into update-marshmallow-deps
2025-06-02 10:19:17 -04:00
ccostino
6d8e2221d0
Merge pull request #1748 from GSA/fix-daily-checks
...
Update daily checks to match PR checks
2025-06-02 09:52:15 -04:00
Carlo Costino
8af59b1c55
Update daily checks to match PR checks
...
This changeset adds the same additional steps needed in our PR checks to make sure the daily checks work properly with the recent Poetry update. It also updates our PR checks to use the latest pip-audit GitHub action.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-06-02 09:23:02 -04:00
alexjanousekGSA
baa8cc4bfa
All tests should pass now
2025-05-31 08:56:24 -04:00
Beverly Nguyen
abdaa74d0b
Merge pull request #1747 from GSA/remove-python-vuln-ignore-again
...
Remove extra vulnerability from our ignore list
2025-05-30 14:21:57 -07:00
alexjanousekGSA
a431ccfb73
Fixed more unit tests
2025-05-30 16:42:52 -04:00
Carlo Costino
cf4deb083b
Remove extra vulnerability from our ignore list
...
This changeset fixes an oversight where a vulnerability got added back to our ignore list.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-30 16:28:03 -04:00
alexjanousekGSA
aa445f5f40
Fixed more tests
2025-05-30 16:23:47 -04:00
ccostino
cbe50a1aa7
Merge pull request #1744 from GSA/add-detect-secrets-docs
...
Add detect-secrets documentation
5-30-2025
2025-05-30 11:50:14 -04:00
Carlo Costino
0a28b33e99
Add detect-secrets documentation
...
This changeset adds documentation to help our team manage our secrets detection with the detect-secrets pre-commit plugin.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-30 11:39:07 -04:00
ccostino
c301513caf
Merge pull request #1738 from GSA/poetry
...
upgrade poetry
2025-05-30 10:55:47 -04:00
Kenneth Kehl
e5484f0723
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:14:29 -07:00
Kenneth Kehl
222e258e34
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:14:00 -07:00
Kenneth Kehl
d40ab17770
Update Makefile
...
Co-authored-by: ccostino <ccostino@users.noreply.github.com>
2025-05-29 11:13:36 -07:00
Kenneth Kehl
3b5f11932f
ugh secrets
2025-05-29 10:15:58 -07:00
Kenneth Kehl
c2ed11d28e
add comments about poetry upgrade
2025-05-29 08:48:00 -07:00
Kenneth Kehl
59af82b0a4
merge from main
2025-05-29 08:05:46 -07:00
Alex Janousek
062683ada6
Merge pull request #1742 from GSA/dependabot/pip/phonenumbers-9.0.6
...
Bump phonenumbers from 9.0.5 to 9.0.6
2025-05-29 09:19:29 -04:00
dependabot[bot]
47a3c6dc91
Bump phonenumbers from 9.0.5 to 9.0.6
...
Bumps [phonenumbers](https://github.com/daviddrysdale/python-phonenumbers) from 9.0.5 to 9.0.6.
- [Commits](https://github.com/daviddrysdale/python-phonenumbers/compare/v9.0.5...v9.0.6)
---
updated-dependencies:
- dependency-name: phonenumbers
  dependency-version: 9.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-29 13:12:28 +00:00
Beverly Nguyen
500dc80557
Merge pull request #1743 from GSA/ignore-redis-false-report
...
Updated pip-audit ignore-vulns
2025-05-28 17:32:24 -07:00
Carlo Costino
55e24a611a
Updated pip-audit ignore-vulns
...
This changeset updates the PYSEC notices to ignore due to versions that either cannot be fixed or are false positives. Specifically, this changeset removes previously ignored vulnerability reports and adds PYSEC-2023-312 to the list because it is a false positive and refers to Redis itself, not the Python Redis client (see https://github.com/pypa/advisory-database/issues/237 for details).
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2025-05-28 17:43:50 -04:00
alexjanousekGSA
7c1f3f2c3a
More fixed tests
2025-05-28 14:01:55 -04:00
alexjanousekGSA
8feced8d7f
Fixed more tests, 48 left
2025-05-28 13:47:35 -04:00
Kenneth Kehl
1287be143c
filter requirements text
2025-05-28 08:57:49 -07:00
Kenneth Kehl
976027d52f
filter requirements text
2025-05-28 08:54:59 -07:00
Kenneth Kehl
bf9f01e526
filter requirements text
2025-05-28 08:40:17 -07:00
Kenneth Kehl
ca5b0b2230
filter requirements text
2025-05-28 08:33:55 -07:00
Kenneth Kehl
3c02ad92bb
filter requirements text
2025-05-28 08:29:31 -07:00
Kenneth Kehl
87d29de41d
filter requirements text
2025-05-28 08:16:38 -07:00
Kenneth Kehl
f620a886b0
oops
2025-05-28 08:10:28 -07:00
Kenneth Kehl
9c68deb337
revert to pinned oscrypto
2025-05-28 08:03:43 -07:00
Kenneth Kehl
b976b395c6
try oscrypto 1.3.0
2025-05-28 07:55:50 -07:00
Kenneth Kehl
96bb7f24d0
try oscrypto 1.3.0
2025-05-28 07:44:50 -07:00
Kenneth Kehl
d526e0a54c
use skip-editable for pip-audit to work around dependencies that are pinned to revisions
2025-05-28 07:35:47 -07:00
Kenneth Kehl
f0739b5fcf
try setting package-mode to false
2025-05-28 07:11:15 -07:00
alexjanousekGSA
f0fefbef21
Fixed another 30 tests
2025-05-27 19:40:26 -04:00
Alex Janousek
c924cff4d2
Merge pull request #1739 from GSA/dependabot/pip/cryptography-45.0.3
...
Bump cryptography from 45.0.2 to 45.0.3
2025-05-27 18:34:19 -04:00
dependabot[bot]
cf70242482
Bump cryptography from 45.0.2 to 45.0.3
...
Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.2 to 45.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3)
---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 22:27:19 +00:00
Alex Janousek
903587ed27
Merge pull request #1740 from GSA/dependabot/pip/setuptools-80.9.0
...
Bump setuptools from 80.8.0 to 80.9.0
2025-05-27 18:25:07 -04:00
dependabot[bot]
e98fb4913f
Bump setuptools from 80.8.0 to 80.9.0
...
Bumps [setuptools](https://github.com/pypa/setuptools) from 80.8.0 to 80.9.0.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v80.8.0...v80.9.0)
---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 80.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 22:18:27 +00:00
Alex Janousek
da629baef0
Merge pull request #1741 from GSA/dependabot/pip/freezegun-1.5.2
...
Bump freezegun from 1.5.1 to 1.5.2
2025-05-27 18:16:19 -04:00
dependabot[bot]
4e7a0893ff
Bump freezegun from 1.5.1 to 1.5.2
...
Bumps [freezegun](https://github.com/spulec/freezegun) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/spulec/freezegun/releases)
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG)
- [Commits](https://github.com/spulec/freezegun/compare/1.5.1...1.5.2)
---
updated-dependencies:
- dependency-name: freezegun
  dependency-version: 1.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 21:46:36 +00:00
Kenneth Kehl
3a9db4f3a7
fix makefile
2025-05-27 14:40:06 -07:00
Kenneth Kehl
ebbb894245
upgrade poetry
2025-05-27 14:24:42 -07:00
Kenneth Kehl
22a0d9e287
upgrade poetry
2025-05-27 14:14:44 -07:00
ccostino
04a50c8825
Merge pull request #1732 from GSA/update-register_socket_handlers
...
Socket.IO 400 errors
2025-05-27 14:23:57 -04:00
Alex Janousek
119914a3f7
Merge pull request #1735 from GSA/dependabot/pip/pytest-xdist-3.7.0
...
Bump pytest-xdist from 3.6.1 to 3.7.0
2025-05-27 14:07:55 -04:00
dependabot[bot]
3e1a7df375
Bump pytest-xdist from 3.6.1 to 3.7.0
...
Bumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.6.1 to 3.7.0.
- [Release notes](https://github.com/pytest-dev/pytest-xdist/releases)
- [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.6.1...v3.7.0)
---
updated-dependencies:
- dependency-name: pytest-xdist
  dependency-version: 3.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-27 18:00:08 +00:00
Alex Janousek
7168d50f38
Merge pull request #1731 from GSA/dependabot/pip/cachetools-6.0.0
...
Bump cachetools from 5.4.0 to 6.0.0
2025-05-27 13:58:01 -04:00