From b9c354f5eb62ac057e1436d1cde6963fbe54c504 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 18:07:30 -0500 Subject: [PATCH 1/7] Bump django from 3.2.20 to 3.2.23 in /src (#258) * Bump django from 3.2.20 to 3.2.23 in /src Bumps [django](https://github.com/django/django) from 3.2.20 to 3.2.23. - [Commits](https://github.com/django/django/compare/3.2.20...3.2.23) --- updated-dependencies: - dependency-name: django dependency-type: direct:production ... Signed-off-by: dependabot[bot] * Update requirements.in --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello --- src/requirements-dev.txt | 2 +- src/requirements.in | 2 +- src/requirements.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index 9faf8e26..fd5d6770 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -80,7 +80,7 @@ defusedxml==0.7.1 # its-preselector distlib==0.3.6 # via virtualenv -django==3.2.20 +django==3.2.23 # via # -r requirements.txt # django-session-timeout diff --git a/src/requirements.in b/src/requirements.in index 2a9e3b5a..b985812b 100644 --- a/src/requirements.in +++ b/src/requirements.in @@ -1,5 +1,5 @@ cryptography>=41.0.4 -django>=3.2.20, <4.0 +django>=3.2.23, <4.0 djangorestframework>=3.0, <4.0 django-session-timeout>=0.1, <1.0 drf-yasg>=1.0, <2.0 diff --git a/src/requirements.txt b/src/requirements.txt index 7c33aa01..abe173e0 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -28,7 +28,7 @@ cryptography==41.0.4 # via -r requirements.in defusedxml==0.7.1 # via its-preselector -django==3.2.20 +django==3.2.23 # via # -r requirements.in # django-session-timeout From 11ed95a28f8f6c03fbc7a0bbc2f2f288ad9a788e Mon Sep 17 00:00:00 2001 From: Doug Boulware Date: Wed, 29 Nov 2023 12:40:05 -0700 Subject: [PATCH 2/7] switch preselector and scos-actions branches. --- src/requirements-dev.txt | 4 ++-- src/requirements.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index fd5d6770..4ed6d234 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -142,7 +142,7 @@ inflection==0.5.1 # drf-yasg iniconfig==2.0.0 # via pytest -its-preselector @ git+https://github.com/NTIA/Preselector@3.0.2 +its-preselector @ git+https://github.com/NTIA/Preselector@analog_inputs # via # -r requirements.txt # scos-actions @@ -321,7 +321,7 @@ scipy==1.10.1 # via # -r requirements.txt # scos-actions -scos-actions @ git+https://github.com/NTIA/scos-actions@6.4.2 +scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics # via # -r requirements.txt # scos-tekrsa diff --git a/src/requirements.txt b/src/requirements.txt index abe173e0..12bb04ea 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -65,7 +65,7 @@ idna==3.4 # via requests inflection==0.5.1 # via drf-yasg -its-preselector @ git+https://github.com/NTIA/Preselector@3.0.2 +its-preselector @ git+https://github.com/NTIA/Preselector@analog_inputs # via scos-actions itypes==1.2.0 # via coreapi @@ -149,7 +149,7 @@ ruamel-yaml-clib==0.2.8 # via ruamel-yaml scipy==1.10.1 # via scos-actions -scos-actions @ git+https://github.com/NTIA/scos-actions@6.4.2 +scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics # via scos-tekrsa scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@3.1.5 # via -r requirements.in From 4f5f15329a86dab743ee759244c922278fcb798d Mon Sep 17 00:00:00 2001 From: Doug Boulware Date: Wed, 29 Nov 2023 12:54:51 -0700 Subject: [PATCH 3/7] switch tekrsa branch. --- src/requirements-dev.txt | 2 +- src/requirements.in | 2 +- src/requirements.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index 4ed6d234..7aa09d82 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -325,7 +325,7 @@ scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics # via # -r requirements.txt # scos-tekrsa -scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@3.1.5 +scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics # via -r requirements.txt sigmf @ git+https://github.com/NTIA/SigMF@multi-recording-archive # via diff --git a/src/requirements.in b/src/requirements.in index b985812b..c794a42e 100644 --- a/src/requirements.in +++ b/src/requirements.in @@ -13,7 +13,7 @@ psycopg2-binary>=2.0, <3.0 pyjwt>=2.4.0, <3.0 requests-mock>=1.0, <2.0 requests_oauthlib>=1.0, <2.0 -scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@3.1.5 +scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics # The following are sub-dependencies for which SCOS Sensor enforces a # higher minimum patch version than the dependencies which require them. diff --git a/src/requirements.txt b/src/requirements.txt index 12bb04ea..edd7f8e4 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -151,7 +151,7 @@ scipy==1.10.1 # via scos-actions scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics # via scos-tekrsa -scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@3.1.5 +scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics # via -r requirements.in sigmf @ git+https://github.com/NTIA/SigMF@multi-recording-archive # via scos-actions From 4df53cb25cfe5d5e4388349f730adab7d6986206 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 10:47:26 -0700 Subject: [PATCH 4/7] Bump aiohttp from 3.8.5 to 3.9.0 in /src (#260) * Bump aiohttp from 3.8.5 to 3.9.0 in /src Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.9.0. - [Release notes](https://github.com/aio-libs/aiohttp/releases) - [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst) - [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.9.0) --- updated-dependencies: - dependency-name: aiohttp dependency-type: direct:development ... Signed-off-by: dependabot[bot] * update requirements-dev.in --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello --- src/requirements-dev.in | 2 +- src/requirements-dev.txt | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/requirements-dev.in b/src/requirements-dev.in index 7a80f7f1..3c586abb 100644 --- a/src/requirements-dev.in +++ b/src/requirements-dev.in @@ -9,4 +9,4 @@ tox>=4.0,<5.0 # The following are sub-dependencies for which SCOS Sensor enforces a # higher minimum patch version than the dependencies which require them. # This is done to ensure the inclusion of specific security patches. -aiohttp>=3.8.5 # CVE-2023-37276 +aiohttp>=3.9.0 # CVE-2023-37276 diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index fd5d6770..700823f3 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -4,7 +4,7 @@ # # pip-compile requirements-dev.in # -aiohttp==3.8.5 +aiohttp==3.9.0 # via # -r requirements-dev.in # aiohttp-cors @@ -49,7 +49,6 @@ chardet==5.1.0 charset-normalizer==3.0.1 # via # -r requirements.txt - # aiohttp # requests click==8.1.3 # via From 159d1b024bdba826bb0fcec3c5ec8ad0f9825234 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 10:56:30 -0700 Subject: [PATCH 5/7] Bump cryptography from 41.0.4 to 41.0.6 in /src (#261) * Bump cryptography from 41.0.4 to 41.0.6 in /src Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.4 to 41.0.6. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/41.0.4...41.0.6) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] * Bump aiohttp from 3.8.5 to 3.9.0 in /src (#260) * Bump aiohttp from 3.8.5 to 3.9.0 in /src Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.5 to 3.9.0. - [Release notes](https://github.com/aio-libs/aiohttp/releases) - [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst) - [Commits](https://github.com/aio-libs/aiohttp/compare/v3.8.5...v3.9.0) --- updated-dependencies: - dependency-name: aiohttp dependency-type: direct:development ... Signed-off-by: dependabot[bot] * update requirements-dev.in --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello * Bump cryptography from 41.0.4 to 41.0.6 in /src Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.4 to 41.0.6. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/41.0.4...41.0.6) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] * Bump cryptography version in requirements.in --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello --- src/requirements-dev.txt | 2 +- src/requirements.in | 2 +- src/requirements.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index 700823f3..56273838 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -71,7 +71,7 @@ coverage[toml]==7.2.1 # via # coverage # pytest-cov -cryptography==41.0.4 +cryptography==41.0.6 # via -r requirements.txt defusedxml==0.7.1 # via diff --git a/src/requirements.in b/src/requirements.in index b985812b..8badee91 100644 --- a/src/requirements.in +++ b/src/requirements.in @@ -1,4 +1,4 @@ -cryptography>=41.0.4 +cryptography>=41.0.6 django>=3.2.23, <4.0 djangorestframework>=3.0, <4.0 django-session-timeout>=0.1, <1.0 diff --git a/src/requirements.txt b/src/requirements.txt index abe173e0..24f24cbd 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -24,7 +24,7 @@ coreschema==0.0.4 # via # coreapi # drf-yasg -cryptography==41.0.4 +cryptography==41.0.6 # via -r requirements.in defusedxml==0.7.1 # via its-preselector From bc10e57a647facc65f129cb012d8760a5637a7f9 Mon Sep 17 00:00:00 2001 From: Doug Boulware Date: Fri, 1 Dec 2023 08:00:57 -0700 Subject: [PATCH 6/7] Update to Preselector 3.1.0 --- src/requirements-dev.txt | 2 +- src/requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index 7aa09d82..74e9f38e 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -142,7 +142,7 @@ inflection==0.5.1 # drf-yasg iniconfig==2.0.0 # via pytest -its-preselector @ git+https://github.com/NTIA/Preselector@analog_inputs +its-preselector @ git+https://github.com/NTIA/Preselector@3.1.0 # via # -r requirements.txt # scos-actions diff --git a/src/requirements.txt b/src/requirements.txt index edd7f8e4..bbaf579e 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -65,7 +65,7 @@ idna==3.4 # via requests inflection==0.5.1 # via drf-yasg -its-preselector @ git+https://github.com/NTIA/Preselector@analog_inputs +its-preselector @ git+https://github.com/NTIA/Preselector@3.1.0 # via scos-actions itypes==1.2.0 # via coreapi From fca01bfb99d8ab384318f9b1a839ad92cc5701bc Mon Sep 17 00:00:00 2001 From: Doug Boulware Date: Fri, 1 Dec 2023 14:45:25 -0700 Subject: [PATCH 7/7] Set scos dependencies to release versions. --- src/requirements-dev.txt | 4 ++-- src/requirements.in | 2 +- src/requirements.txt | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt index 74e9f38e..b44a9aae 100644 --- a/src/requirements-dev.txt +++ b/src/requirements-dev.txt @@ -321,11 +321,11 @@ scipy==1.10.1 # via # -r requirements.txt # scos-actions -scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics +scos-actions @ git+https://github.com/NTIA/scos-actions@7.0.0 # via # -r requirements.txt # scos-tekrsa -scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics +scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@4.0.0 # via -r requirements.txt sigmf @ git+https://github.com/NTIA/SigMF@multi-recording-archive # via diff --git a/src/requirements.in b/src/requirements.in index c794a42e..737c083f 100644 --- a/src/requirements.in +++ b/src/requirements.in @@ -13,7 +13,7 @@ psycopg2-binary>=2.0, <3.0 pyjwt>=2.4.0, <3.0 requests-mock>=1.0, <2.0 requests_oauthlib>=1.0, <2.0 -scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics +scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@4.0.0 # The following are sub-dependencies for which SCOS Sensor enforces a # higher minimum patch version than the dependencies which require them. diff --git a/src/requirements.txt b/src/requirements.txt index bbaf579e..c6b3bb12 100644 --- a/src/requirements.txt +++ b/src/requirements.txt @@ -149,9 +149,9 @@ ruamel-yaml-clib==0.2.8 # via ruamel-yaml scipy==1.10.1 # via scos-actions -scos-actions @ git+https://github.com/NTIA/scos-actions@switch_diagnostics +scos-actions @ git+https://github.com/NTIA/scos-actions@7.0.0 # via scos-tekrsa -scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@switch_diagnostics +scos-tekrsa @ git+https://github.com/NTIA/scos-tekrsa@4.0.0 # via -r requirements.in sigmf @ git+https://github.com/NTIA/SigMF@multi-recording-archive # via scos-actions