From 4d44ca0459ccc3482d6f442d6f2f0e9d45b321c9 Mon Sep 17 00:00:00 2001 From: Federico Jaureguialzo Date: Tue, 5 Nov 2024 22:25:14 +0100 Subject: [PATCH 1/2] Update virtualenv (20.25.0 -> 20.27.1) --- poetry.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index fbb2b36..7fa66dc 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2003,13 +2003,13 @@ zstd = ["zstandard (>=0.18.0)"] [[package]] name = "virtualenv" -version = "20.25.0" +version = "20.27.1" description = "Virtual Python Environment builder" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "virtualenv-20.25.0-py3-none-any.whl", hash = "sha256:4238949c5ffe6876362d9c0180fc6c3a824a7b12b80604eeb8085f2ed7460de3"}, - {file = "virtualenv-20.25.0.tar.gz", hash = "sha256:bf51c0d9c7dd63ea8e44086fa1e4fb1093a31e963b86959257378aef020e1f1b"}, + {file = "virtualenv-20.27.1-py3-none-any.whl", hash = "sha256:f11f1b8a29525562925f745563bfd48b189450f61fb34c4f9cc79dd5aa32a1f4"}, + {file = "virtualenv-20.27.1.tar.gz", hash = "sha256:142c6be10212543b32c6c45d3d3893dff89112cc588b7d0879ae5a1ec03a47ba"}, ] [package.dependencies] @@ -2018,7 +2018,7 @@ filelock = ">=3.12.2,<4" platformdirs = ">=3.9.1,<5" [package.extras] -docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx (>=7.1.2)", "sphinx-argparse (>=0.4)", "sphinxcontrib-towncrier (>=0.2.1a0)", "towncrier (>=23.6)"] +docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx (>=7.1.2,!=7.3)", "sphinx-argparse (>=0.4)", "sphinxcontrib-towncrier (>=0.2.1a0)", "towncrier (>=23.6)"] test = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "coverage-enable-subprocess (>=1)", "flaky (>=3.7)", "packaging (>=23.1)", "pytest (>=7.4)", "pytest-env (>=0.8.2)", "pytest-freezer (>=0.4.8)", "pytest-mock (>=3.11.1)", "pytest-randomly (>=3.12)", "pytest-timeout (>=2.1)", "setuptools (>=68)", "time-machine (>=2.10)"] [[package]] From 3998afc4983142dccaab5cdbce15848d83ce8381 Mon Sep 17 00:00:00 2001 From: Federico Jaureguialzo Date: Tue, 5 Nov 2024 22:26:55 +0100 Subject: [PATCH 2/2] Ignore unnused vulnerabilities --- .safety-policy.yml | 3 +++ poetry.lock | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.safety-policy.yml b/.safety-policy.yml index 5ec8510..7b6b72a 100644 --- a/.safety-policy.yml +++ b/.safety-policy.yml @@ -9,4 +9,7 @@ security: # configuration for the `safety check` command 70612: reason: we do not use the vulnerable function expires: '2025-10-10' + 73302: + reason: we do not use the vulnerable function + expires: '2025-10-10' continue-on-vulnerability-error: False # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities diff --git a/poetry.lock b/poetry.lock index 7fa66dc..135e74c 100644 --- a/poetry.lock +++ b/poetry.lock @@ -38,13 +38,13 @@ test = ["coverage", "pip-tools", "pytest (>=7.2.0)", "pytest-mock", "pytest-plus [[package]] name = "ansible-core" -version = "2.17.5" +version = "2.17.6" description = "Radically simple IT automation" optional = false python-versions = ">=3.10" files = [ - {file = "ansible_core-2.17.5-py3-none-any.whl", hash = "sha256:10f165b475cf2bc8d886e532cadb32c52ee6a533649793101d3166bca9bd3ea3"}, - {file = "ansible_core-2.17.5.tar.gz", hash = "sha256:ae7f51fd13dc9d57c9bcd43ef23f9c255ca8f18f4b5c0011a4f9b724d92c5a8e"}, + {file = "ansible_core-2.17.6-py3-none-any.whl", hash = "sha256:dab09cd49fe7e17003e13188ce1ab52a0a6e5b88bc4bf29ff101cfdcb2862395"}, + {file = "ansible_core-2.17.6.tar.gz", hash = "sha256:3e53970b7cebfe2adb39b711c1e2f8bbfcbedac828da51dc0357a19070638e95"}, ] [package.dependencies]