Merge pull request #10 from rheinwerk-verlag/django-requirements-update

CVE-2023-36053: Updated the Django requirement
rheinwerk-verlag · Aug 1, 2023 · cacbf8f · cacbf8f
2 parents 931dcba + cd9fa1c
commit cacbf8f
Show file tree

Hide file tree

Showing 8 changed files with 122 additions and 116 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -10,7 +10,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: [3.6, 3.7, 3.8, 3.9]
+        python-version: [3.8, 3.9]
 
     steps:
     - uses: actions/checkout@v2
@@ -21,14 +21,12 @@ jobs:
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
-        pip install tox tox-factor coverage
+        pip install tox coverage
     - name: Lint with flake8
       run: tox -e flake8
       if: matrix.python-version == '3.8'
     - name: Run tests via tox
-      run: |
-        export TOXFACTOR=$(echo "py${{ matrix.python-version }}" | sed 's/\.//g')
-        tox
+      run: tox -f $(echo "py${{ matrix.python-version }}" | sed 's/\.//g')
     - name: Generate coverage report
       run: coverage xml
       if: ${{ success() }}

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -4,6 +4,8 @@ Changelog
 Development
 -----------
 
+* Updated Django requirement
+
 1.0.3 (2022-09-01)
 ------------------
 * Fixed test requirements in ``setup.py``

diff --git a/requirements/dev.in b/requirements/dev.in
@@ -1,8 +1,8 @@
 -r tox.in
 
 asgiref<3.4.0
-channels
-django
+channels>=3,<4
+Django>=3.2,<4
 django-channels-presence
 flake8
 isort

diff --git a/requirements/dev.txt b/requirements/dev.txt
@@ -1,22 +1,21 @@
 #
-# This file is autogenerated by pip-compile with python 3.8
-# To update, run:
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
 #
 #    pip-compile --output-file=dev.txt dev.in
 #
-alabaster==0.7.12
+
+alabaster==0.7.13
     # via sphinx
 asgiref==3.3.4
     # via
     #   -r dev.in
     #   channels
     #   daphne
     #   django
-astroid==2.6.6
+astroid==2.15.6
     # via pylint
-atomicwrites==1.4.0
-    # via pytest
-attrs==21.2.0
+attrs==23.1.0
     # via
     #   automat
     #   pytest
@@ -26,119 +25,122 @@ autobahn==21.2.1
     # via
     #   -r tox.in
     #   daphne
-automat==20.2.0
+automat==22.10.0
     # via twisted
-babel==2.9.1
+babel==2.12.1
     # via sphinx
-certifi==2021.5.30
+build==0.10.0
+    # via pip-tools
+certifi==2023.7.22
     # via requests
-cffi==1.14.6
+cffi==1.15.1
     # via cryptography
 channels==3.0.4
     # via -r dev.in
-charset-normalizer==2.0.4
+charset-normalizer==3.2.0
     # via requests
-click==8.0.1
+click==8.1.6
     # via pip-tools
-colorama==0.4.4
-    # via
-    #   click
-    #   pylint
-    #   pytest
-    #   sphinx
 constantly==15.1.0
     # via twisted
-coverage==5.5
+coverage==7.2.7
     # via
     #   -r tox.in
     #   pytest-cov
-cryptography==3.4.7
+cryptography==41.0.2
     # via
     #   autobahn
     #   pyopenssl
     #   service-identity
 daphne==3.0.2
     # via channels
-django==3.2.6
+dill==0.3.7
+    # via pylint
+django==3.2.20
     # via
     #   -r dev.in
     #   channels
 django-channels-presence==1.0.0
     # via -r dev.in
-docutils==0.16
+docutils==0.18.1
     # via
     #   sphinx
     #   sphinx-rtd-theme
-flake8==3.9.2
+flake8==6.0.0
     # via -r dev.in
 hyperlink==21.0.0
     # via
     #   autobahn
     #   twisted
-idna==3.2
+idna==3.4
     # via
     #   hyperlink
     #   requests
     #   twisted
-imagesize==1.2.0
+imagesize==1.4.1
+    # via sphinx
+importlib-metadata==6.8.0
     # via sphinx
-incremental==21.3.0
+incremental==22.10.0
     # via twisted
-iniconfig==1.1.1
+iniconfig==2.0.0
     # via pytest
-isort==5.9.3
+isort==5.12.0
     # via
     #   -r dev.in
     #   pylint
-jinja2==2.11.3
+jinja2==3.1.2
     # via
     #   sphinx
     #   sphinx-js
-lazy-object-proxy==1.6.0
+lazy-object-proxy==1.9.0
     # via astroid
 markupsafe==2.0.1
-    # via jinja2
-mccabe==0.6.1
+    # via
+    #   jinja2
+    #   sphinx-js
+mccabe==0.7.0
     # via
     #   flake8
     #   pylint
-packaging==21.0
+packaging==23.1
     # via
+    #   build
     #   pytest
     #   sphinx
-parsimonious==0.7.0
+parsimonious==0.10.0
     # via sphinx-js
-pep517==0.11.0
-    # via pip-tools
-pip-tools==6.2.0
+pip-tools==7.1.0
     # via -r dev.in
-pluggy==0.13.1
+platformdirs==3.9.1
+    # via pylint
+pluggy==1.2.0
     # via pytest
-py==1.10.0
+py==1.11.0
     # via pytest
-pyasn1==0.4.8
+pyasn1==0.5.0
     # via
     #   pyasn1-modules
     #   service-identity
-pyasn1-modules==0.2.8
+pyasn1-modules==0.3.0
     # via service-identity
-pycodestyle==2.7.0
+pycodestyle==2.10.0
     # via flake8
-pycparser==2.20
+pycparser==2.21
     # via cffi
-pydocstyle==6.1.1
+pydocstyle==6.3.0
     # via -r dev.in
-pyflakes==2.3.1
+pyflakes==3.0.1
     # via flake8
-pygments==2.10.0
+pygments==2.15.1
     # via sphinx
-pylint==2.9.6
+pylint==2.17.5
     # via -r dev.in
-pyopenssl==20.0.1
+pyopenssl==23.2.0
     # via twisted
-pyparsing==2.4.7
-    # via packaging
-pytest==6.2.4
+pyproject-hooks==1.0.0
+    # via build
+pytest==6.2.5
     # via
     #   -r tox.in
     #   pytest-asyncio
@@ -149,71 +151,82 @@ pytest-asyncio==0.15.1
     # via -r tox.in
 pytest-cov==2.12.1
     # via -r tox.in
-pytest-django==4.4.0
+pytest-django==4.5.2
     # via -r tox.in
-pytest-pythonpath==0.7.3
+pytest-pythonpath==0.7.4
     # via -r tox.in
-pytz==2021.1
+pytz==2023.3
     # via
     #   babel
     #   django
-requests==2.26.0
+regex==2023.6.3
+    # via parsimonious
+requests==2.31.0
     # via sphinx
-service-identity==21.1.0
+service-identity==23.1.0
     # via twisted
 six==1.16.0
-    # via
-    #   automat
-    #   parsimonious
-    #   pyopenssl
-    #   service-identity
-snowballstemmer==2.1.0
+    # via automat
+snowballstemmer==2.2.0
     # via
     #   pydocstyle
     #   sphinx
-sphinx==4.1.2
+sphinx==5.3.0
     # via
     #   -r dev.in
     #   sphinx-js
     #   sphinx-rtd-theme
-sphinx-js==3.1.2
+    #   sphinxcontrib-jquery
+sphinx-js==3.2.1
     # via -r dev.in
-sphinx-rtd-theme==0.5.2
+sphinx-rtd-theme==1.2.2
     # via -r dev.in
-sphinxcontrib-applehelp==1.0.2
+sphinxcontrib-applehelp==1.0.4
     # via sphinx
 sphinxcontrib-devhelp==1.0.2
     # via sphinx
-sphinxcontrib-htmlhelp==2.0.0
+sphinxcontrib-htmlhelp==2.0.1
     # via sphinx
+sphinxcontrib-jquery==4.1
+    # via sphinx-rtd-theme
 sphinxcontrib-jsmath==1.0.1
     # via sphinx
 sphinxcontrib-qthelp==1.0.3
     # via sphinx
 sphinxcontrib-serializinghtml==1.1.5
     # via sphinx
-sqlparse==0.4.1
+sqlparse==0.4.4
     # via django
 toml==0.10.2
     # via
-    #   pylint
     #   pytest
     #   pytest-cov
-tomli==1.2.1
-    # via pep517
-twisted[tls]==21.7.0
+tomli==2.0.1
+    # via
+    #   build
+    #   pip-tools
+    #   pylint
+    #   pyproject-hooks
+tomlkit==0.12.1
+    # via pylint
+twisted[tls]==22.10.0
     # via daphne
-txaio==21.2.1
+txaio==23.1.1
     # via autobahn
-typing-extensions==3.10.0.0
-    # via twisted
-urllib3==1.26.6
+typing-extensions==4.7.1
+    # via
+    #   astroid
+    #   pylint
+    #   twisted
+urllib3==2.0.4
     # via requests
-wheel==0.37.0
+wheel==0.41.0
     # via pip-tools
-wrapt==1.12.1
+wrapt==1.15.0
     # via astroid
-zope.interface==5.4.0
+zipp==3.16.2
+    # via importlib-metadata
+zope-interface==6.0
     # via twisted
 
 # The following packages are considered to be unsafe in a requirements file:

diff --git a/requirements/tox.in b/requirements/tox.in
@@ -1,7 +1,7 @@
 autobahn<21.2.2
 coverage
-pytest
-pytest-asyncio
+pytest<7
+pytest-asyncio>=0.15,<0.16
 pytest-django
-pytest-cov
+pytest-cov>=2,<3
 pytest-pythonpath