From 7f9823fe12eaf25e7f24410136ddb7a691616ee8 Mon Sep 17 00:00:00 2001 From: Chris Gemignani Date: Wed, 24 Apr 2019 10:43:04 -0500 Subject: [PATCH] Update requirements Fixes security issues with Jinja2, urllib3, pyyaml. Raises an error when installing pyyaml==5.1 due to pinned constraints in docker-compose and aws-cli. AWS-cli has issues w pyyaml 5 dropping support for python 2.6 https://github.com/aws/aws-cli/issues/3828 Docker compose is still waiting on some issues w unicode support in pyyaml 5.1, but this doesn't affect us. https://github.com/docker/compose/pull/6623 --- jbcli/requirements.txt | 5 ++--- jbcli/setup.py | 8 ++------ requirements.txt | 19 +++++++------------ 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/jbcli/requirements.txt b/jbcli/requirements.txt index da5dc5b..1cc940b 100644 --- a/jbcli/requirements.txt +++ b/jbcli/requirements.txt @@ -1,6 +1,5 @@ -botocore==1.5.76 -docker==2.2.1 -docker-compose==1.12.0 +docker==3.7.2 +docker-compose==1.24.0 click==6.2 gabbi==1.24.0 requests==2.20.1 diff --git a/jbcli/setup.py b/jbcli/setup.py index 19849a7..b1db534 100644 --- a/jbcli/setup.py +++ b/jbcli/setup.py @@ -2,14 +2,10 @@ requirements = [ 'click==6.2', - 'cookiecutter==1.3.0', 'gabbi==1.24.0', - 'docker==2.2.1', - 'docker-compose==1.12.0', + 'docker==3.7.2', + 'docker-compose==1.24.0', 'requests==2.20.1', - 'docker==2.2.1', - 'docker-compose==1.12.0', - 'botocore==1.5.76', 'watchdog==0.8.3', 'tabulate==0.8.3' ] diff --git a/requirements.txt b/requirements.txt index fcab9fd..ddc120a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,19 +1,16 @@ appdirs==1.4.3 argh==0.26.2 -awscli==1.11.113 +awscli==1.16.144 Babel==2.4.0 backports.ssl-match-hostname==3.5.0.1 binaryornot==0.4.3 -botocore==1.5.76 cached-property==1.3.0 chardet==3.0.2 click==6.2 colorama==0.3.9 -cookiecutter==1.3.0 decorator==4.0.11 -docker==2.2.1 -docker-compose==1.12.0 -docker-pycreds==0.2.1 +docker==3.7.2 +docker-compose==1.24.0 dockerpty==0.4.1 docopt==0.6.2 docutils==0.13.1 @@ -23,7 +20,7 @@ future==0.16.0 futures==3.1.1 gabbi==1.24.0 ipaddress==1.0.18 -Jinja2==2.9.6 +Jinja2==2.10.1 jmespath==0.9.3 jsonpath-rw==1.4.0 jsonpath-rw-ext==1.1.1 @@ -39,15 +36,13 @@ pyparsing==2.2.0 pytest==3.0.7 python-dateutil==2.6.0 pytz==2017.2 -PyYAML==3.12 -requests==2.11.1 +pyyaml==5.1 +requests==2.20.1 rsa==3.4.2 ruamel.ordereddict==0.4.9 ruamel.yaml==0.14.11 -s3transfer==0.1.10 six==1.10.0 -texttable==0.8.8 -urllib3==1.21.1 +urllib3==1.24.2 watchdog==0.8.3 websocket-client==0.40.0 whichcraft==0.4.1