From 04604caa62c6a0a4675978acee11b95344ce1d54 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 19 Mar 2024 21:14:44 +0000
Subject: [PATCH] Bump django from 4.2.10 to 4.2.11 in /engine (#4079)
Bumps [django](https://github.com/django/django) from 4.2.10 to 4.2.11.
Commits
61a986f
[4.2.x] Bumped version for 4.2.11 release.3c9a277
[4.2.x] Fixed CVE-2024-27351 -- Prevented potential ReDoS in
Truncator.words().7973951
[4.2.x] Added release date for 4.2.11 and 3.2.25.86d8034
[4.2.x] Refs #34900,
Refs #34118
-- Updated assertion in test_skip_class_unle...cb173bb
[4.2.x] Fixed #35172
-- Fixed intcomma for string floats.227ef29
[4.2.x] Added CVE-2024-24680 to security archive.e2f1907
[4.2.x] Post release version bump.- See full diff in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/grafana/oncall/network/alerts).
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joey Orlando
---
engine/requirements-dev.txt | 66 +++++++++----------
engine/requirements.in | 2 +-
engine/requirements.txt | 122 ++++++++++++++++++------------------
3 files changed, 95 insertions(+), 95 deletions(-)
diff --git a/engine/requirements-dev.txt b/engine/requirements-dev.txt
index e4fbdb15..ab9cc21e 100644
--- a/engine/requirements-dev.txt
+++ b/engine/requirements-dev.txt
@@ -6,69 +6,69 @@
#
asgiref==3.7.2
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# django
celery-types==0.18.0
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
certifi==2024.2.2
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# requests
cfgv==3.4.0
# via pre-commit
charset-normalizer==3.3.2
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# requests
distlib==0.3.8
# via virtualenv
-django==4.2.10
+django==4.2.11
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# django-stubs
# django-stubs-ext
django-filter-stubs==0.1.3
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
django-stubs==4.2.2
# via
- # -r ./engine/requirements-dev.in
+ # -r requirements-dev.in
# django-filter-stubs
# djangorestframework-stubs
django-stubs-ext==4.2.7
# via django-stubs
djangorestframework-stubs==3.14.2
# via
- # -r ./engine/requirements-dev.in
+ # -r requirements-dev.in
# django-filter-stubs
execnet==2.0.2
# via pytest-xdist
factory-boy==2.12.0
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# pytest-factoryboy
faker==23.1.0
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# factory-boy
filelock==3.13.1
# via virtualenv
httpretty==1.1.4
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
identify==2.5.34
# via pre-commit
idna==3.6
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# requests
inflection==0.5.1
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# pytest-factoryboy
iniconfig==2.0.0
# via pytest
mypy==1.4.1
# via
- # -r ./engine/requirements-dev.in
+ # -r requirements-dev.in
# django-filter-stubs
# django-stubs
# djangorestframework-stubs
@@ -83,55 +83,55 @@ platformdirs==4.2.0
pluggy==1.4.0
# via pytest
pre-commit==2.15.0
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
psutil==5.9.4
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# pytest-xdist
pytest==7.3.1
# via
- # -r ./engine/requirements-dev.in
+ # -r requirements-dev.in
# pytest-django
# pytest-factoryboy
# pytest-xdist
pytest-django==4.5.2
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
pytest-factoryboy==2.5.1
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
pytest-xdist==3.5.0
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
python-dateutil==2.8.2
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# faker
pyyaml==6.0.1
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# pre-commit
requests==2.31.0
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# djangorestframework-stubs
six==1.16.0
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# python-dateutil
sqlparse==0.4.4
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# django
toml==0.10.2
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# pre-commit
types-beautifulsoup4==4.12.0.5
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
types-html5lib==1.1.11.20240106
# via types-beautifulsoup4
types-pymysql==1.0.19.7
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
types-python-dateutil==2.8.19.13
- # via -r ./engine/requirements-dev.in
+ # via -r requirements-dev.in
types-pytz==2024.1.0.20240203
# via django-stubs
types-pyyaml==6.0.12.12
@@ -140,13 +140,13 @@ types-pyyaml==6.0.12.12
# djangorestframework-stubs
types-requests==2.31.0.1
# via
- # -r ./engine/requirements-dev.in
+ # -r requirements-dev.in
# djangorestframework-stubs
types-urllib3==1.26.25.14
# via types-requests
typing-extensions==4.9.0
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# celery-types
# django-filter-stubs
# django-stubs
@@ -156,7 +156,7 @@ typing-extensions==4.9.0
# pytest-factoryboy
urllib3==1.26.18
# via
- # -c ./engine/requirements.txt
+ # -c requirements.txt
# requests
virtualenv==20.25.0
# via pre-commit
diff --git a/engine/requirements.in b/engine/requirements.in
index cf7d0370..696a3ca4 100644
--- a/engine/requirements.in
+++ b/engine/requirements.in
@@ -2,7 +2,7 @@ babel==2.12.1
beautifulsoup4==4.12.2
celery[redis]==5.3.1
cryptography==38.0.4 # version 39.0.0 introduced an issue - https://stackoverflow.com/a/75053968/3902555
-django==4.2.10
+django==4.2.11
django-add-default-value==0.10.0
django-amazon-ses==4.0.1
django-anymail==8.6
diff --git a/engine/requirements.txt b/engine/requirements.txt
index a44e2525..f9e84e12 100644
--- a/engine/requirements.txt
+++ b/engine/requirements.txt
@@ -19,11 +19,11 @@ attrs==23.2.0
autopep8==2.0.4
# via django-silk
babel==2.12.1
- # via -r ./engine/requirements.in
+ # via -r requirements.in
backoff==2.2.1
# via opentelemetry-exporter-otlp-proto-grpc
beautifulsoup4==4.12.2
- # via -r ./engine/requirements.in
+ # via -r requirements.in
billiard==4.2.0
# via celery
blinker==1.7.0
@@ -41,7 +41,7 @@ cachetools==4.2.2
# google-auth
# python-telegram-bot
celery==5.3.1
- # via -r ./engine/requirements.in
+ # via -r requirements.in
certifi==2024.2.2
# via
# python-telegram-bot
@@ -68,7 +68,7 @@ click-repl==0.3.0
# via celery
cryptography==38.0.4
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# django-mirage-field
# pyopenssl
# social-auth-core
@@ -78,9 +78,9 @@ defusedxml==0.8.0rc2
# social-auth-core
deprecated==1.2.14
# via opentelemetry-api
-django==4.2.10
+django==4.2.11
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# django-add-default-value
# django-amazon-ses
# django-anymail
@@ -101,62 +101,62 @@ django==4.2.10
# fcm-django
# social-auth-app-django
django-add-default-value==0.10.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-amazon-ses==4.0.1
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-anymail==8.6
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-cors-headers==3.7.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-dbconn-retry==0.1.7
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-debug-toolbar==4.1.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-deprecate-fields==0.1.1
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-filter==2.4.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-ipware==4.0.2
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-log-request-id==1.6.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-migration-linter==4.1.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-mirage-field==1.3.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-mysql==4.6.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-polymorphic==3.1.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# django-rest-polymorphic
django-ratelimit==2.0.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-redis==5.4.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-rest-polymorphic==0.1.10
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-silk==5.0.3
- # via -r ./engine/requirements.in
+ # via -r requirements.in
django-sns-view==0.1.2
- # via -r ./engine/requirements.in
+ # via -r requirements.in
djangorestframework==3.14.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# django-rest-polymorphic
# drf-spectacular
drf-spectacular==0.26.5
- # via -r ./engine/requirements.in
+ # via -r requirements.in
emoji==2.4.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# slack-export-viewer
factory-boy==2.12.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
faker==23.1.0
# via factory-boy
fcm-django @ https://github.com/grafana/fcm-django/archive/refs/tags/v1.0.12r1.tar.gz#sha256=7ec7cd9d353fc9edf19a4acd4fa14090a31d83d02ac986c5e5e081dea29f564f
- # via -r ./engine/requirements.in
+ # via -r requirements.in
firebase-admin==5.4.0
# via fcm-django
flask==3.0.2
@@ -202,23 +202,23 @@ gprof2dot==2022.7.29
# via django-silk
grpcio==1.57.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# google-api-core
# grpcio-status
# opentelemetry-exporter-otlp-proto-grpc
grpcio-status==1.57.0
# via google-api-core
hiredis==2.2.3
- # via -r ./engine/requirements.in
+ # via -r requirements.in
httplib2==0.22.0
# via
# google-api-python-client
# google-auth-httplib2
humanize==0.5.1
- # via -r ./engine/requirements.in
+ # via -r requirements.in
icalendar==5.0.10
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# recurring-ical-events
# x-wr-timezone
idna==3.6
@@ -242,12 +242,12 @@ jsonschema-specifications==2023.12.1
kombu==5.3.5
# via celery
lxml==4.9.2
- # via -r ./engine/requirements.in
+ # via -r requirements.in
markdown==3.5.2
# via pymdown-extensions
markdown2==2.4.10
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# slack-export-viewer
markupsafe==2.1.5
# via
@@ -261,7 +261,7 @@ oauthlib==3.2.2
# social-auth-core
opentelemetry-api==1.23.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# opentelemetry-exporter-otlp-proto-grpc
# opentelemetry-instrumentation
# opentelemetry-instrumentation-django
@@ -270,7 +270,7 @@ opentelemetry-api==1.23.0
# opentelemetry-instrumentation-wsgi
# opentelemetry-sdk
opentelemetry-exporter-otlp-proto-grpc==1.15.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
opentelemetry-instrumentation==0.44b0
# via
# opentelemetry-instrumentation-django
@@ -278,20 +278,20 @@ opentelemetry-instrumentation==0.44b0
# opentelemetry-instrumentation-requests
# opentelemetry-instrumentation-wsgi
opentelemetry-instrumentation-django==0.44b0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
opentelemetry-instrumentation-logging==0.44b0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
opentelemetry-instrumentation-requests==0.44b0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
opentelemetry-instrumentation-wsgi==0.44b0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# opentelemetry-instrumentation-django
opentelemetry-proto==1.15.0
# via opentelemetry-exporter-otlp-proto-grpc
opentelemetry-sdk==1.23.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# opentelemetry-exporter-otlp-proto-grpc
opentelemetry-semantic-conventions==0.44b0
# via
@@ -307,9 +307,9 @@ opentelemetry-util-http==0.44b0
pem==23.1.0
# via django-sns-view
phonenumbers==8.10.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
prometheus-client==0.16.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
prompt-toolkit==3.0.43
# via click-repl
proto-plus==1.23.0
@@ -323,9 +323,9 @@ protobuf==4.25.2
# opentelemetry-proto
# proto-plus
psutil==5.9.4
- # via -r ./engine/requirements.in
+ # via -r requirements.in
psycopg2==2.9.3
- # via -r ./engine/requirements.in
+ # via -r requirements.in
pyasn1==0.5.1
# via
# pyasn1-modules
@@ -341,9 +341,9 @@ pyjwt==2.8.0
# social-auth-core
# twilio
pymdown-extensions==10.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
pymysql==1.1.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
pyopenssl==23.2.0
# via django-sns-view
pyparsing==3.1.1
@@ -356,7 +356,7 @@ python-dateutil==2.8.2
# icalendar
# recurring-ical-events
python-telegram-bot==13.13
- # via -r ./engine/requirements.in
+ # via -r requirements.in
python3-openid==3.2.0
# via social-auth-core
pytz==2024.1
@@ -373,10 +373,10 @@ pyyaml==6.0.1
# drf-spectacular
# pymdown-extensions
recurring-ical-events==2.1.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
redis==5.0.1
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# celery
# django-redis
referencing==0.33.0
@@ -384,10 +384,10 @@ referencing==0.33.0
# jsonschema
# jsonschema-specifications
regex==2021.11.2
- # via -r ./engine/requirements.in
+ # via -r requirements.in
requests==2.31.0
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# cachecontrol
# django-anymail
# django-sns-view
@@ -413,11 +413,11 @@ six==1.16.0
# python-dateutil
# twilio
slack-export-viewer==1.1.4
- # via -r ./engine/requirements.in
+ # via -r requirements.in
slack-sdk==3.21.3
- # via -r ./engine/requirements.in
+ # via -r requirements.in
social-auth-app-django==5.3.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
social-auth-core==4.5.2
# via social-auth-app-django
soupsieve==2.5
@@ -434,7 +434,7 @@ tornado==6.4
tqdm==4.66.2
# via django-mirage-field
twilio==6.37.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
typing-extensions==4.9.0
# via opentelemetry-sdk
tzdata==2024.1
@@ -447,11 +447,11 @@ uritemplate==4.1.1
# google-api-python-client
urllib3==1.26.18
# via
- # -r ./engine/requirements.in
+ # -r requirements.in
# botocore
# requests
uwsgi==2.0.21
- # via -r ./engine/requirements.in
+ # via -r requirements.in
vine==5.1.0
# via
# amqp
@@ -462,7 +462,7 @@ wcwidth==0.2.13
werkzeug==3.0.1
# via flask
whitenoise==5.3.0
- # via -r ./engine/requirements.in
+ # via -r requirements.in
wrapt==1.16.0
# via
# deprecated