Address Dependabot alerts #1137
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
michplunkett
commented
Dec 10, 2024
| @@ -65,7 +66,7 @@ urllib3==1.26.20 | |||
| us==3.1.1 | |||
| visitor~=0.1.3 | |||
| webencodings~=0.5.1 | |||
| Werkzeug~=2.3.6 | |||
| Werkzeug==3.0.6 | |||
michplunkett
commented
Dec 10, 2024
| docutils~=0.20.1 | ||
| dominate~=2.8.0 | ||
| email-validator==2.0.0.post2 | ||
| Faker==18.13.0 | ||
| Flask==2.3.2 | ||
| Flask-Compress==1.13 | ||
| Flask-Limiter==3.3.1 | ||
| Flask-Login==0.6.2 | ||
| Flask-Login==0.6.3 |
There was a problem hiding this comment.
Needed for Werkzeug update.
michplunkett
commented
Dec 10, 2024
| @@ -53,9 +53,10 @@ pytest~=7.4.0 | |||
| python-dateutil==2.8.2 | |||
| PyYAML~=6.0 | |||
| recommonmark==0.7.1 | |||
| requests~=2.31.0 | |||
| requests==2.32.0 | |||
michplunkett
commented
Dec 10, 2024
| cffi~=1.15.1 | ||
| click==8.1.4 | ||
| cryptography~=43.0.1 | ||
| Deprecated~=1.2.14 | ||
| dnspython~=2.3.0 | ||
| dnspython==2.6.1 |
michplunkett
commented
Dec 10, 2024
| @@ -10,20 +10,20 @@ Bootstrap-Flask==2.4.0 | |||
| boto3==1.28.1 | |||
| botocore==1.31.1 | |||
| cachetools==5.3.1 | |||
| certifi~=2023.7.22 | |||
| certifi==2024.07.04 | |||
michplunkett
commented
Dec 10, 2024
| rich~=13.4.2 | ||
| s3transfer~=0.6.1 | ||
| selenium==4.26.0 |
There was a problem hiding this comment.
This is likely a hangover from #1135. The make command throws several errors without selenium in the requirements.txt file.
There was a problem hiding this comment.
(env) michaelp@MacBook-Air-18 OpenOversight % make
docker compose build
WARN[0000] The "APPROVE_REGISTRATIONS" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_DEFAULT_REGION" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_SECRET_ACCESS_KEY" variable is not set. Defaulting to a blank string.
WARN[0000] The "S3_BUCKET_NAME" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_ACCESS_KEY_ID" variable is not set. Defaulting to a blank string.
[+] Building 0.4s (25/25) FINISHED docker:desktop-linux
=> [web internal] load build definition from Dockerfile-dev 0.0s
=> => transferring dockerfile: 727B 0.0s
=> [web-test internal] load build definition from Dockerfile-test 0.0s
=> => transferring dockerfile: 1.35kB 0.0s
=> [web internal] load metadata for docker.io/library/python:3.11-bullseye 0.3s
=> [web internal] load .dockerignore 0.0s
=> => transferring context: 154B 0.0s
=> [web-test internal] load .dockerignore 0.0s
=> => transferring context: 154B 0.0s
=> [web 1/11] FROM docker.io/library/python:3.11-bullseye@sha256:25e7e1f0ff89ef8780810b92e0826842decd5dbfef09deb44f3074b69949be5f 0.0s
=> [web-test internal] load build context 0.0s
=> => transferring context: 542B 0.0s
=> [web internal] load build context 0.0s
=> => transferring context: 237B 0.0s
=> CACHED [web 2/11] WORKDIR /usr/src/app 0.0s
=> CACHED [web-test 3/11] RUN apt-get update && apt-get install -y xvfb firefox-esr libpq-dev python3-dev && apt-get install -y libsqlite3-0 && apt-get clean 0.0s
=> CACHED [web-test 4/11] RUN curl --proto =https --tlsv1.2 -sSf -L --max-redirs 1 -O https://github.com/mozilla/geckodriver/releases/download/v0.35.0/geckodriver-v0.35.0-linux64.tar.gz 0.0s
=> CACHED [web-test 5/11] RUN echo "ac26e9ba8f3b8ce0fbf7339b9c9020192f6dcfcbf04a2bcd2af80dfe6bb24260 geckodriver-v0.35.0-linux64.tar.gz" | sha256sum --check - 0.0s
=> CACHED [web-test 6/11] RUN mkdir geckodriver 0.0s
=> CACHED [web-test 7/11] RUN tar -xzf geckodriver-v0.35.0-linux64.tar.gz -C geckodriver 0.0s
=> CACHED [web-test 8/11] COPY requirements.txt dev-requirements.txt /usr/src/app/ 0.0s
=> CACHED [web-test 9/11] RUN pip3 install --no-cache-dir -r requirements.txt && pip3 install --no-cache-dir -r dev-requirements.txt 0.0s
=> CACHED [web-test 10/11] COPY test_data.py /usr/src/app/ 0.0s
=> CACHED [web-test 11/11] WORKDIR /usr/src/app/ 0.0s
=> [web-test] exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:d6786304eaae3e907826301535523d8aec4f5703df3aa9b5cae7c97d52d9188e 0.0s
=> => naming to docker.io/library/openoversight-web-test 0.0s
=> CACHED [web 3/7] RUN apt-get update && apt-get install -y xvfb libpq-dev python3-dev && apt-get clean 0.0s
=> CACHED [web 4/7] COPY requirements.txt /usr/src/app/ 0.0s
=> CACHED [web 5/7] RUN pip3 install --no-cache-dir -r requirements.txt 0.0s
=> CACHED [web 6/7] COPY test_data.py /usr/src/app/ 0.0s
=> CACHED [web 7/7] WORKDIR /usr/src/app/ 0.0s
=> [web] exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:9dda0f8e043d9375a384ce8f450809ff5d69dcef32e186848f382a8114e8d500 0.0s
=> => naming to docker.io/library/openoversight-web 0.0s
docker compose up -d
WARN[0000] The "APPROVE_REGISTRATIONS" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_ACCESS_KEY_ID" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_SECRET_ACCESS_KEY" variable is not set. Defaulting to a blank string.
WARN[0000] The "S3_BUCKET_NAME" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_DEFAULT_REGION" variable is not set. Defaulting to a blank string.
[+] Running 15/15
✔ postgres 14 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 8.0s
✔ bb3f2b52e6af Pull complete 1.1s
✔ f97dcd96cc16 Pull complete 0.4s
✔ 5aa7c759ac41 Pull complete 0.7s
✔ ac65a950b085 Pull complete 1.0s
✔ d9e795891602 Pull complete 1.4s
✔ 682d2de617aa Pull complete 1.7s
✔ 7a9d97770021 Pull complete 1.5s
✔ 3b54683df903 Pull complete 1.8s
✔ c1e3facb55d4 Pull complete 4.0s
✔ 193cce693ad5 Pull complete 2.1s
✔ 6e1701bd990e Pull complete 2.1s
✔ 7708a99cafa8 Pull complete 2.5s
✔ 801a4544bdb5 Pull complete 2.6s
✔ 572e7c3e755f Pull complete 3.0s
[+] Running 3/4
⠹ Network openoversight_default Created 1.2s
✔ Container openoversight-web-test-1 Started 0.9s
✔ Container openoversight-postgres-1 Started 0.9s
✔ Container openoversight-web-1 Started 0.6s
Postgres is up
## Creating database
docker compose run --rm web flask db stamp head
WARN[0000] The "AWS_SECRET_ACCESS_KEY" variable is not set. Defaulting to a blank string.
WARN[0000] The "S3_BUCKET_NAME" variable is not set. Defaulting to a blank string.
WARN[0000] The "APPROVE_REGISTRATIONS" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_ACCESS_KEY_ID" variable is not set. Defaulting to a blank string.
WARN[0000] The "AWS_DEFAULT_REGION" variable is not set. Defaulting to a blank string.
[+] Creating 1/0
✔ Container openoversight-postgres-1 Running
...
INFO [alembic.runtime.migration] Context impl PostgresqlImpl.
INFO [alembic.runtime.migration] Will assume transactional DDL.
Postgres is up
...
michplunkett
commented
Dec 10, 2024
| @@ -8,7 +8,6 @@ pytest==7.4.0 | |||
| pytest-cov==4.1.0 | |||
| pytest-pep8==1.0.6 | |||
| pytest-xdist==3.3.1 | |||
| selenium==4.26.0 | |||
There was a problem hiding this comment.
Since selenium is already included in requirements.txt, there is no reason to have it here.
michplunkett
requested review from
b-meson,
AetherUnbound,
abandoned-prototype and
sea-kelp
b-meson
approved these changes
Dec 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes issue
Description of Changes
Updated the packages that were causing the creation of Dependabot alerts.
Tests and Linting
developbranch.pytestpasses on my local development environment.pre-commitpasses on my local development environment.