Commit Graph

376 Commits

Author SHA1 Message Date
dependabot[bot]
37691f504e Bump charset-normalizer from 3.4.0 to 3.4.1
Bumps [charset-normalizer](https://github.com/jawah/charset_normalizer) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jawah/charset_normalizer/compare/3.4.0...3.4.1)

---
updated-dependencies:
- dependency-name: charset-normalizer
  dependency-version: 3.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-14 15:20:35 +00:00
dependabot[bot]
9e7f747675 Bump flake8-bugbear from 24.8.19 to 24.12.12
Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 24.8.19 to 24.12.12.
- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases)
- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/24.8.19...24.12.12)

---
updated-dependencies:
- dependency-name: flake8-bugbear
  dependency-version: 24.12.12
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-10 15:55:56 +00:00
dependabot[bot]
7d54322846 Bump flake8 from 7.1.1 to 7.2.0
Bumps [flake8](https://github.com/pycqa/flake8) from 7.1.1 to 7.2.0.
- [Commits](https://github.com/pycqa/flake8/compare/7.1.1...7.2.0)

---
updated-dependencies:
- dependency-name: flake8
  dependency-version: 7.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-09 14:55:34 +00:00
dependabot[bot]
51c0793ffe Bump packaging from 24.1 to 24.2
Bumps [packaging](https://github.com/pypa/packaging) from 24.1 to 24.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/24.1...24.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-version: '24.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-08 20:40:57 +00:00
ccostino
55bcf7f722 Merge pull request #1637 from GSA/dependabot/pip/pre-commit-4.2.0
Bump pre-commit from 3.8.0 to 4.2.0
2025-04-08 16:38:46 -04:00
ccostino
21330acf51 Merge pull request #1639 from GSA/dependabot/pip/newrelic-10.8.1
Bump newrelic from 10.7.0 to 10.8.1
2025-04-08 12:51:34 -04:00
dependabot[bot]
365d68183e Bump pre-commit from 3.8.0 to 4.2.0
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 3.8.0 to 4.2.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pre-commit/pre-commit/compare/v3.8.0...v4.2.0)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-version: 4.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-08 15:16:07 +00:00
dependabot[bot]
e9d2d03796 Bump newrelic from 10.7.0 to 10.8.1
Bumps [newrelic](https://github.com/newrelic/newrelic-python-agent) from 10.7.0 to 10.8.1.
- [Release notes](https://github.com/newrelic/newrelic-python-agent/releases)
- [Commits](https://github.com/newrelic/newrelic-python-agent/compare/v10.7.0...v10.8.1)

---
updated-dependencies:
- dependency-name: newrelic
  dependency-version: 10.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-07 22:47:27 +00:00
dependabot[bot]
4d5ae7c9db Bump black from 24.10.0 to 25.1.0
Bumps [black](https://github.com/psf/black) from 24.10.0 to 25.1.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/24.10.0...25.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-version: 25.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-07 17:21:40 +00:00
dependabot[bot]
f3966afe53 Bump pytest-cov from 5.0.0 to 6.1.0
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 5.0.0 to 6.1.0.
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-cov/compare/v5.0.0...v6.1.0)

---
updated-dependencies:
- dependency-name: pytest-cov
  dependency-version: 6.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-07 16:29:35 +00:00
dependabot[bot]
bc85de75f1 Bump async-timeout from 4.0.3 to 5.0.1
Bumps [async-timeout](https://github.com/aio-libs/async-timeout) from 4.0.3 to 5.0.1.
- [Release notes](https://github.com/aio-libs/async-timeout/releases)
- [Changelog](https://github.com/aio-libs/async-timeout/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/async-timeout/compare/v4.0.3...v5.0.1)

---
updated-dependencies:
- dependency-name: async-timeout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-07 15:07:43 +00:00
dependabot[bot]
30180574c9 Bump click-datetime from 0.2 to 0.4.0
Bumps click-datetime from 0.2 to 0.4.0.

---
updated-dependencies:
- dependency-name: click-datetime
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-03 21:17:32 +00:00
dependabot[bot]
18fd5a1037 Bump urllib3 from 2.2.3 to 2.3.0
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.2.3 to 2.3.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.2.3...2.3.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-03 19:05:15 +00:00
Kenneth Kehl
5bfca4bf82 upgrade mistune 2025-03-31 09:28:35 -07:00
ccostino
555b10d793 Merge pull request #1603 from GSA/dependabot/pip/newrelic-10.7.0
Bump newrelic from 10.2.0 to 10.7.0
2025-03-24 17:44:19 -04:00
Kenneth Kehl
90d71299d5 initial 2025-03-17 09:45:23 -07:00
dependabot[bot]
5cb293a6a3 Bump newrelic from 10.2.0 to 10.7.0
Bumps [newrelic](https://github.com/newrelic/newrelic-python-agent) from 10.2.0 to 10.7.0.
- [Release notes](https://github.com/newrelic/newrelic-python-agent/releases)
- [Commits](https://github.com/newrelic/newrelic-python-agent/compare/v10.2.0...v10.7.0)

---
updated-dependencies:
- dependency-name: newrelic
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-14 21:05:22 +00:00
dependabot[bot]
186e4133d2 Bump certifi from 2024.8.30 to 2025.1.31
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.8.30 to 2025.1.31.
- [Commits](https://github.com/certifi/python-certifi/compare/2024.08.30...2025.01.31)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-13 16:46:57 +00:00
dependabot[bot]
d40572d8e8 Bump marshmallow from 3.22.0 to 3.26.1
Bumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 3.22.0 to 3.26.1.
- [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst)
- [Commits](https://github.com/marshmallow-code/marshmallow/compare/3.22.0...3.26.1)

---
updated-dependencies:
- dependency-name: marshmallow
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 22:00:10 +00:00
dependabot[bot]
74f100cc5d Bump numpy from 1.26.4 to 2.2.3
Bumps [numpy](https://github.com/numpy/numpy) from 1.26.4 to 2.2.3.
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](https://github.com/numpy/numpy/compare/v1.26.4...v2.2.3)

---
updated-dependencies:
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 14:27:38 +00:00
dependabot[bot]
23abab8304 Bump lxml from 5.2.2 to 5.3.1
Bumps [lxml](https://github.com/lxml/lxml) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-5.2.2...lxml-5.3.1)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 14:14:23 +00:00
dependabot[bot]
5a5f880c59 Bump pyjwt from 2.8.0 to 2.10.1
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.8.0 to 2.10.1.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jpadilla/pyjwt/compare/2.8.0...2.10.1)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-07 15:24:51 +00:00
dependabot[bot]
e3b56015d8 Bump jinja2 from 3.1.5 to 3.1.6
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.5...3.1.6)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-06 04:48:17 +00:00
dependabot[bot]
2d4ff9e87b Bump gunicorn from 22.0.0 to 23.0.0
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 22.0.0 to 23.0.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/22.0.0...23.0.0)

---
updated-dependencies:
- dependency-name: gunicorn
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-04 14:54:49 +00:00
dependabot[bot]
38367dfca2 Bump amqp from 5.2.0 to 5.3.1
Bumps [amqp](https://github.com/celery/py-amqp) from 5.2.0 to 5.3.1.
- [Release notes](https://github.com/celery/py-amqp/releases)
- [Changelog](https://github.com/celery/py-amqp/blob/main/Changelog)
- [Commits](https://github.com/celery/py-amqp/compare/v5.2.0...v5.3.1)

---
updated-dependencies:
- dependency-name: amqp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-26 22:03:30 +00:00
dependabot[bot]
559b789d2c Bump moto from 5.0.11 to 5.1.0
Bumps [moto](https://github.com/getmoto/moto) from 5.0.11 to 5.1.0.
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getmoto/moto/compare/5.0.11...5.1.0)

---
updated-dependencies:
- dependency-name: moto
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-24 22:47:08 +00:00
Kenneth Kehl
b1712964a8 remove pytz remnants 2025-02-24 10:18:33 -08:00
dependabot[bot]
6e5585027c Bump cffi from 1.16.0 to 1.17.1
Bumps [cffi](https://github.com/python-cffi/cffi) from 1.16.0 to 1.17.1.
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](https://github.com/python-cffi/cffi/compare/v1.16.0...v1.17.1)

---
updated-dependencies:
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-13 21:07:52 +00:00
dependabot[bot]
7a509fe873 Bump geojson from 3.1.0 to 3.2.0
Bumps [geojson](https://github.com/jazzband/geojson) from 3.1.0 to 3.2.0.
- [Changelog](https://github.com/jazzband/geojson/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/jazzband/geojson/compare/3.1.0...3.2.0)

---
updated-dependencies:
- dependency-name: geojson
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-13 15:41:47 +00:00
dependabot[bot]
ea07e84341 Bump cryptography from 43.0.3 to 44.0.1
Bumps [cryptography](https://github.com/pyca/cryptography) from 43.0.3 to 44.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/43.0.3...44.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-11 19:18:15 +00:00
dependabot[bot]
5c3b065382 Bump blinker from 1.8.2 to 1.9.0
Bumps [blinker](https://github.com/pallets-eco/blinker) from 1.8.2 to 1.9.0.
- [Release notes](https://github.com/pallets-eco/blinker/releases)
- [Changelog](https://github.com/pallets-eco/blinker/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets-eco/blinker/compare/1.8.2...1.9.0)

---
updated-dependencies:
- dependency-name: blinker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-10 21:13:53 +00:00
dependabot[bot]
89b620f899 Bump setuptools from 72.2.0 to 75.8.0
Bumps [setuptools](https://github.com/pypa/setuptools) from 72.2.0 to 75.8.0.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v72.2.0...v75.8.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-10 20:14:44 +00:00
dependabot[bot]
dda96bb3b7 Bump aiohttp from 3.10.10 to 3.10.11
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.10.10 to 3.10.11.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.10.10...v3.10.11)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-10 19:08:13 +00:00
Kenneth Kehl
879ed2da0a ugh specify rev 2025-01-06 13:47:11 -08:00
Andrew Shumway
90ce2b2a65 Poetry lock --no-update command 2024-12-23 11:46:14 -07:00
Andrew Shumway
f4442e1ef5 Update jinja2 to 3.1.5 to address vulnerability 2024-12-23 11:37:36 -07:00
Carlo Costino
a0e8828500 Merge pull request #1379 from GSA/API-1328_Logging_Formatter_With_Scrub
API-1328 - Using a custom formatter to scrub PII from all log records.
2024-10-30 13:43:00 -04:00
Cliff Hill
50812b5a57 Attempting to fix security vulnerability that was found.
Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>
2024-10-30 09:27:39 -04:00
dependabot[bot]
d5cc8b239f Bump werkzeug from 3.0.3 to 3.0.6
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.3 to 3.0.6.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/werkzeug/compare/3.0.3...3.0.6)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-26 00:08:57 +00:00
Kenneth Kehl
1288e726b7 pip audit fail 2024-09-04 11:24:44 -07:00
Kenneth Kehl
aa2c8afefe limit cache download by time 2024-08-27 10:31:58 -07:00
dependabot[bot]
92f1f93f84 Bump marshmallow from 3.21.3 to 3.22.0
Bumps [marshmallow](https://github.com/marshmallow-code/marshmallow) from 3.21.3 to 3.22.0.
- [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst)
- [Commits](https://github.com/marshmallow-code/marshmallow/compare/3.21.3...3.22.0)

---
updated-dependencies:
- dependency-name: marshmallow
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-21 01:58:45 +00:00
Kenneth Kehl
e144662b37 merge from main 2024-08-20 13:49:23 -07:00
Kenneth Kehl
0a47481548 Fix job.created_at time if necessary 2024-08-20 11:19:43 -07:00
dependabot[bot]
d8813a1f2f Bump flake8 from 7.1.0 to 7.1.1
Bumps [flake8](https://github.com/pycqa/flake8) from 7.1.0 to 7.1.1.
- [Commits](https://github.com/pycqa/flake8/compare/7.1.0...7.1.1)

---
updated-dependencies:
- dependency-name: flake8
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 21:50:10 +00:00
dependabot[bot]
686367d464 Bump aiohttp from 3.9.5 to 3.10.2
Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.5 to 3.10.2.
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.9.5...v3.10.2)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 21:37:14 +00:00
Kenneth Kehl
b9eec69423 add retry with backoff 2024-08-13 14:51:51 -07:00
dependabot[bot]
1234c45934 Bump botocore from 1.34.154 to 1.34.159
Bumps [botocore](https://github.com/boto/botocore) from 1.34.154 to 1.34.159.
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.34.154...1.34.159)

---
updated-dependencies:
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 19:37:56 +00:00
dependabot[bot]
3c251c4016 Bump black from 24.4.2 to 24.8.0
Bumps [black](https://github.com/psf/black) from 24.4.2 to 24.8.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/24.4.2...24.8.0)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 19:21:31 +00:00
dependabot[bot]
06e1157d85 Bump pyyaml from 6.0.1 to 6.0.2
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.2/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 19:07:30 +00:00