From d4a173c78cdab5cad16930731d85476546189bfc Mon Sep 17 00:00:00 2001
From: Chris Hill-Scott <me@quis.cc>
Date: Wed, 19 Feb 2020 13:47:35 +0000
Subject: [PATCH] Upgrade itsdangerous

Version 1.1.0 has reverted the breaking change (moving from sha1 to
sha256) that was introduced in version 1.0.0.

Upgrading now so that we can take advantage of this bug fix:
https://github.com/pallets/itsdangerous/issues/46
---
 requirements-app.txt | 4 +---
 requirements.txt     | 8 +++-----
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/requirements-app.txt b/requirements-app.txt
index d2bd53f6d7..7ac863e6da 100644
--- a/requirements-app.txt
+++ b/requirements-app.txt
@@ -19,9 +19,7 @@ notifications-python-client==5.5.1
 
 # PaaS
 awscli-cwlogs>=1.4,<1.5
-
-# Putting upgrade on hold due to v1.0.0 using sha512 instead of sha1 by default
-itsdangerous==0.24  # pyup: <1.0.0
+itsdangerous==1.1.0
 
 git+https://github.com/alphagov/notifications-utils.git@36.6.0#egg=notifications-utils==36.6.0
 git+https://github.com/alphagov/govuk-frontend-jinja.git@v0.5.1-alpha#egg=govuk-frontend-jinja==0.5.1-alpha
diff --git a/requirements.txt b/requirements.txt
index 89e5225457..335cee4a92 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -21,18 +21,16 @@ notifications-python-client==5.5.1
 
 # PaaS
 awscli-cwlogs>=1.4,<1.5
-
-# Putting upgrade on hold due to v1.0.0 using sha512 instead of sha1 by default
-itsdangerous==0.24  # pyup: <1.0.0
+itsdangerous==1.1.0
 
 git+https://github.com/alphagov/notifications-utils.git@36.6.0#egg=notifications-utils==36.6.0
 git+https://github.com/alphagov/govuk-frontend-jinja.git@v0.5.1-alpha#egg=govuk-frontend-jinja==0.5.1-alpha
 
 ## The following requirements were added by pip freeze:
-awscli==1.17.15
+awscli==1.18.2
 bleach==3.1.0
 boto3==1.10.38
-botocore==1.14.15
+botocore==1.15.2
 certifi==2019.11.28
 chardet==3.0.4
 Click==7.0