Skip to content

[maintenance] upgrade urllib3 and psutil #1366

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 9 commits into from
Mar 13, 2020
Merged

[maintenance] upgrade urllib3 and psutil #1366

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
124bb39
Upgrades urllib3 in pg
Mar 13, 2020
205eae6
Updates urllib3 in s3wrapper
Mar 13, 2020
040a033
Updates urllib3 in storage
Mar 13, 2020
a4b5d9a
Updates urllib3 in director
Mar 13, 2020
e4bc59c
Upgrades urllib3 in sidecar
Mar 13, 2020
15a1bfc
Merge branch 'master' into maintenance/upgrade-urllib3
pcrespov Mar 13, 2020
f918d1b
CVE-2019-18874
Mar 13, 2020
3a5b2ef
Merge branch 'maintenance/upgrade-urllib3' of github.com:pcrespov/osp…
Mar 13, 2020
a622199
Minor
Mar 13, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 1 addition & 4 deletions packages/postgres-database/requirements/_base.in
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,6 @@
#
# Specifies third-party dependencies for 'simcore-postgres-database'
#

# psycopg2-binary # enforces binary version
# sqlalchemy>=1.3.3 # https://nvd.nist.gov/vuln/detail/CVE-2019-7164
sqlalchemy[postgresql_psycopg2binary]>=1.3.3
sqlalchemy[postgresql_psycopg2binary]>=1.3.3 # binary + Vulnerability

yarl
6 changes: 3 additions & 3 deletions packages/postgres-database/requirements/_base.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
# This file is autogenerated by pip-compile
# To update, run:
#
# make _base.txt
# pip-compile --output-file=_base.txt _base.in
#
idna==2.8 # via yarl
multidict==4.5.2 # via yarl
psycopg2-binary==2.8.4 # via sqlalchemy
sqlalchemy[postgresql_psycopg2binary]==1.3.5
yarl==1.3.0
sqlalchemy[postgresql_psycopg2binary]==1.3.5 # via -r _base.in
yarl==1.3.0 # via -r _base.in
1 change: 1 addition & 0 deletions packages/postgres-database/requirements/_migration.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
-r _base.txt

certifi==2019.6.16 # added contraint to fit pre-installation of jupyter/base-notebook:python-3.7.3 (cannot uninstall)
urllib3>=1.25.8 # Vulnerability

alembic
click
Expand Down
22 changes: 11 additions & 11 deletions packages/postgres-database/requirements/_migration.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,22 +4,22 @@
#
# pip-compile --output-file=_migration.txt _migration.in
#
alembic==1.0.8
certifi==2019.6.16
alembic==1.0.8 # via -r _migration.in
certifi==2019.6.16 # via -r _migration.in, requests
chardet==3.0.4 # via requests
click==7.0
docker==4.0.2
idna==2.8
click==7.0 # via -r _migration.in
docker==4.0.2 # via -r _migration.in
idna==2.8 # via -r _base.txt, requests, yarl
mako==1.0.12 # via alembic
markupsafe==1.1.1 # via mako
multidict==4.5.2
psycopg2-binary==2.8.4
multidict==4.5.2 # via -r _base.txt, yarl
psycopg2-binary==2.8.4 # via -r _base.txt, sqlalchemy
python-dateutil==2.8.0 # via alembic
python-editor==1.0.4 # via alembic
requests==2.22.0 # via docker
six==1.12.0 # via docker, python-dateutil, tenacity, websocket-client
sqlalchemy[postgresql_psycopg2binary]==1.3.5
tenacity==6.0.0
urllib3==1.25.3 # via requests
sqlalchemy[postgresql_psycopg2binary]==1.3.5 # via -r _base.txt, alembic
tenacity==6.0.0 # via -r _migration.in
urllib3==1.25.8 # via -r _migration.in, requests
websocket-client==0.56.0 # via docker
yarl==1.3.0
yarl==1.3.0 # via -r _base.txt
70 changes: 35 additions & 35 deletions packages/postgres-database/requirements/_test.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,63 +5,63 @@
# pip-compile --output-file=_test.txt _test.in
#
aiohttp==3.6.2 # via pytest-aiohttp
aiopg[sa]==1.0.0
alembic==1.0.8
aiopg[sa]==1.0.0 # via -r _test.in
alembic==1.0.8 # via -r _migration.txt
appdirs==1.4.3 # via black
astroid==2.3.3 # via pylint
async-timeout==3.0.1 # via aiohttp
attrs==19.3.0 # via aiohttp, black, pytest, pytest-docker
black==19.10b0
bump2version==1.0.0
certifi==2019.6.16
chardet==3.0.4
click==7.0
coverage==4.5.1
coveralls==1.11.1
docker==4.0.2
black==19.10b0 # via -r ../../../requirements.txt
bump2version==1.0.0 # via -r ../../../requirements.txt
certifi==2019.6.16 # via -r _migration.txt, requests
chardet==3.0.4 # via -r _migration.txt, aiohttp, requests
click==7.0 # via -r _migration.txt, black, pip-tools
coverage==4.5.1 # via -r _test.in, coveralls, pytest-cov
coveralls==1.11.1 # via -r _test.in
docker==4.0.2 # via -r _migration.txt
docopt==0.6.2 # via coveralls
faker==4.0.1
faker==4.0.1 # via -r _test.in
idna-ssl==1.1.0 # via aiohttp
idna==2.8
idna==2.8 # via -r _migration.txt, requests, yarl
importlib-metadata==1.5.0 # via pluggy, pytest
isort==4.3.21 # via pylint
lazy-object-proxy==1.4.3 # via astroid
mako==1.0.12
markupsafe==1.1.1
mako==1.0.12 # via -r _migration.txt, alembic
markupsafe==1.1.1 # via -r _migration.txt, mako
mccabe==0.6.1 # via pylint
more-itertools==8.2.0 # via pytest
multidict==4.5.2
multidict==4.5.2 # via -r _migration.txt, aiohttp, yarl
packaging==20.3 # via pytest
pathspec==0.7.0 # via black
pip-tools==4.5.1
pip-tools==4.5.1 # via -r ../../../requirements.txt
pluggy==0.13.1 # via pytest
psycopg2-binary==2.8.4
psycopg2-binary==2.8.4 # via -r _migration.txt, aiopg, sqlalchemy
py==1.8.1 # via pytest
pyaml==20.3.1
pylint==2.4.4
pyaml==20.3.1 # via -r _test.in
pylint==2.4.4 # via -r ../../../requirements.txt, -r _test.in
pyparsing==2.4.6 # via packaging
pytest-aiohttp==0.3.0
pytest-cov==2.8.1
pytest-docker==0.7.2
pytest-instafail==0.4.1.post0
pytest-runner==5.2
pytest==5.3.5
python-dateutil==2.8.0
python-editor==1.0.4
pytest-aiohttp==0.3.0 # via -r _test.in
pytest-cov==2.8.1 # via -r _test.in
pytest-docker==0.7.2 # via -r _test.in
pytest-instafail==0.4.1.post0 # via -r _test.in
pytest-runner==5.2 # via -r _test.in
pytest==5.3.5 # via -r _test.in, pytest-aiohttp, pytest-cov, pytest-instafail
python-dateutil==2.8.0 # via -r _migration.txt, alembic, faker
python-editor==1.0.4 # via -r _migration.txt, alembic
pyyaml==5.3 # via pyaml
regex==2020.2.20 # via black
requests==2.22.0
rope==0.16.0
six==1.12.0
sqlalchemy[postgresql_psycopg2binary]==1.3.5
tenacity==6.0.0
requests==2.22.0 # via -r _migration.txt, coveralls, docker
rope==0.16.0 # via -r ../../../requirements.txt
six==1.12.0 # via -r _migration.txt, astroid, docker, packaging, pip-tools, python-dateutil, tenacity, websocket-client
sqlalchemy[postgresql_psycopg2binary]==1.3.5 # via -r _migration.txt, aiopg, alembic
tenacity==6.0.0 # via -r _migration.txt
text-unidecode==1.3 # via faker
toml==0.10.0 # via black
typed-ast==1.4.1 # via astroid, black
typing-extensions==3.7.4.1 # via aiohttp
urllib3==1.25.3
urllib3==1.25.8 # via -r _migration.txt, requests
wcwidth==0.1.8 # via pytest
websocket-client==0.56.0
websocket-client==0.56.0 # via -r _migration.txt, docker
wrapt==1.11.2 # via astroid
yarl==1.3.0
yarl==1.3.0 # via -r _migration.txt, aiohttp
zipp==3.1.0 # via importlib-metadata
2 changes: 1 addition & 1 deletion packages/s3wrapper/requirements/_base.in
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#
# Specifies third-party dependencies for 's3wrapper'
#

urllib3>=1.25.8
minio
4 changes: 2 additions & 2 deletions packages/s3wrapper/requirements/_base.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
# pip-compile --output-file=_base.txt _base.in
#
certifi==2019.3.9 # via minio
minio==4.0.16
minio==4.0.16 # via -r _base.in
python-dateutil==2.8.0 # via minio
pytz==2019.1 # via minio
six==1.12.0 # via python-dateutil
urllib3==1.25.2 # via minio
urllib3==1.25.8 # via -r _base.in, minio
28 changes: 14 additions & 14 deletions packages/s3wrapper/requirements/_test.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,33 +6,33 @@
#
astroid==2.3.3 # via pylint
attrs==19.3.0 # via pytest, pytest-docker
certifi==2019.3.9
certifi==2019.3.9 # via -r _base.txt, minio, requests
chardet==3.0.4 # via requests
coverage==4.5.1
coveralls==1.11.1
coverage==4.5.1 # via -r _test.in, coveralls, pytest-cov
coveralls==1.11.1 # via -r _test.in
docopt==0.6.2 # via coveralls
idna==2.9 # via requests
importlib-metadata==1.5.0 # via pluggy, pytest
isort==4.3.21 # via pylint
lazy-object-proxy==1.4.3 # via astroid
mccabe==0.6.1 # via pylint
minio==4.0.16
minio==4.0.16 # via -r _base.txt
more-itertools==8.2.0 # via pytest
packaging==20.3 # via pytest
pluggy==0.13.1 # via pytest
py==1.8.1 # via pytest
pylint==2.4.4
pylint==2.4.4 # via -r _test.in
pyparsing==2.4.6 # via packaging
pytest-cov==2.8.1
pytest-docker==0.7.2
pytest-runner==5.2
pytest==5.3.5
python-dateutil==2.8.0
pytz==2019.1
requests==2.23.0
six==1.12.0
pytest-cov==2.8.1 # via -r _test.in
pytest-docker==0.7.2 # via -r _test.in
pytest-runner==5.2 # via -r _test.in
pytest==5.3.5 # via -r _test.in, pytest-cov
python-dateutil==2.8.0 # via -r _base.txt, minio
pytz==2019.1 # via -r _base.txt, minio
requests==2.23.0 # via -r _test.in, coveralls
six==1.12.0 # via -r _base.txt, astroid, packaging, python-dateutil
typed-ast==1.4.1 # via astroid
urllib3==1.25.2
urllib3==1.25.8 # via -r _base.txt, minio, requests
wcwidth==0.1.8 # via pytest
wrapt==1.11.2 # via astroid
zipp==3.1.0 # via importlib-metadata
1 change: 1 addition & 0 deletions services/director/requirements/_base.in
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#
# Specifies third-party dependencies for 'director'
#
urllib3>=1.25.8 # Vulnerability
pyyaml>=5.3 # Vulnerable

aiohttp
Expand Down
18 changes: 9 additions & 9 deletions services/director/requirements/_base.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,22 +4,22 @@
#
# pip-compile --output-file=_base.txt _base.in
#
aiodocker==0.14.0
aiohttp==3.3.2
git+https://github.com/ITISFoundation/aiohttp_apiset.git@fixes_4_osparc#egg=aiohttp_apiset
aiodocker==0.14.0 # via -r _base.in
aiohttp==3.3.2 # via -r _base.in, aiodocker, aiohttp-apiset
git+https://github.com/ITISFoundation/aiohttp_apiset.git@fixes_4_osparc#egg=aiohttp_apiset # via -r _base.in
async-generator==1.10 # via asyncio-extras
async-timeout==3.0.1 # via aiohttp
asyncio-extras==1.3.2
asyncio-extras==1.3.2 # via -r _base.in
attrs==19.1.0 # via aiohttp
certifi==2019.3.9 # via requests
chardet==3.0.4 # via aiohttp, requests
idna-ssl==1.1.0 # via aiohttp
idna==2.8 # via idna-ssl, requests, yarl
jsonschema==2.6.0
jsonschema==2.6.0 # via aiohttp-apiset
multidict==4.5.2 # via aiohttp, yarl
pyyaml==5.3
requests==2.22.0
pyyaml==5.3 # via -r _base.in, aiohttp-apiset
requests==2.22.0 # via -r _base.in
six==1.12.0 # via tenacity
tenacity==6.0.0
urllib3==1.25.2 # via requests
tenacity==6.0.0 # via -r _base.in
urllib3==1.25.8 # via -r _base.in, requests
yarl==1.3.0 # via aiodocker, aiohttp
1 change: 0 additions & 1 deletion services/director/requirements/_test.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
# frozen specs
-r _base.txt


# testing
coverage==4.5.1 # TODO: Downgraded because of a bug https://github.com/nedbat/coveragepy/issues/716
pytest
Expand Down
66 changes: 33 additions & 33 deletions services/director/requirements/_test.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,53 +4,53 @@
#
# pip-compile --output-file=_test.txt _test.in
#
aiodocker==0.14.0
aiohttp==3.3.2
git+https://github.com/ITISFoundation/aiohttp_apiset.git@fixes_4_osparc#egg=aiohttp_apiset
aiodocker==0.14.0 # via -r _base.txt
aiohttp==3.3.2 # via -r _base.txt, aiodocker, aiohttp-apiset, pytest-aiohttp
git+https://github.com/ITISFoundation/aiohttp_apiset.git@fixes_4_osparc#egg=aiohttp_apiset # via -r _base.txt
astroid==2.3.3 # via pylint
async-generator==1.10
async-timeout==3.0.1
asyncio-extras==1.3.2
attrs==19.1.0
certifi==2019.3.9
chardet==3.0.4
codecov==2.0.16
coverage==4.5.1
coveralls==1.11.1
docker==4.2.0
async-generator==1.10 # via -r _base.txt, asyncio-extras
async-timeout==3.0.1 # via -r _base.txt, aiohttp
asyncio-extras==1.3.2 # via -r _base.txt
attrs==19.1.0 # via -r _base.txt, aiohttp, pytest
certifi==2019.3.9 # via -r _base.txt, requests
chardet==3.0.4 # via -r _base.txt, aiohttp, requests
codecov==2.0.16 # via -r _test.in
coverage==4.5.1 # via -r _test.in, codecov, coveralls, pytest-cov
coveralls==1.11.1 # via -r _test.in
docker==4.2.0 # via -r _test.in
docopt==0.6.2 # via coveralls
idna-ssl==1.1.0
idna==2.8
idna-ssl==1.1.0 # via -r _base.txt, aiohttp
idna==2.8 # via -r _base.txt, idna-ssl, requests, yarl
importlib-metadata==1.5.0 # via pluggy, pytest
isort==4.3.21 # via pylint
jsonschema==2.6.0
jsonschema==2.6.0 # via -r _base.txt, aiohttp-apiset, openapi-spec-validator
lazy-object-proxy==1.4.3 # via astroid
mccabe==0.6.1 # via pylint
more-itertools==8.2.0 # via pytest
multidict==4.5.2
openapi-spec-validator==0.2.8
multidict==4.5.2 # via -r _base.txt, aiohttp, yarl
openapi-spec-validator==0.2.8 # via -r _test.in
packaging==20.3 # via pytest, pytest-sugar
pluggy==0.13.1 # via pytest
ptvsd==4.3.2
ptvsd==4.3.2 # via -r _test.in
py==1.8.1 # via pytest
pylint==2.4.4
pylint==2.4.4 # via -r _test.in
pyparsing==2.4.6 # via packaging
pytest-aiohttp==0.3.0
pytest-cov==2.8.1
pytest-instafail==0.4.1.post0
pytest-mock==2.0.0
pytest-runner==5.2
pytest-sugar==0.9.2
pytest==5.3.5
pyyaml==5.3
requests==2.22.0
six==1.12.0
tenacity==6.0.0
pytest-aiohttp==0.3.0 # via -r _test.in
pytest-cov==2.8.1 # via -r _test.in
pytest-instafail==0.4.1.post0 # via -r _test.in
pytest-mock==2.0.0 # via -r _test.in
pytest-runner==5.2 # via -r _test.in
pytest-sugar==0.9.2 # via -r _test.in
pytest==5.3.5 # via -r _test.in, pytest-aiohttp, pytest-cov, pytest-instafail, pytest-mock, pytest-sugar
pyyaml==5.3 # via -r _base.txt, aiohttp-apiset, openapi-spec-validator
requests==2.22.0 # via -r _base.txt, codecov, coveralls, docker
six==1.12.0 # via -r _base.txt, astroid, docker, openapi-spec-validator, packaging, tenacity, websocket-client
tenacity==6.0.0 # via -r _base.txt
termcolor==1.1.0 # via pytest-sugar
typed-ast==1.4.1 # via astroid
urllib3==1.25.2
urllib3==1.25.8 # via -r _base.txt, requests
wcwidth==0.1.8 # via pytest
websocket-client==0.57.0 # via docker
wrapt==1.11.2 # via astroid
yarl==1.3.0
yarl==1.3.0 # via -r _base.txt, aiodocker, aiohttp
zipp==3.1.0 # via importlib-metadata
2 changes: 1 addition & 1 deletion services/sidecar/requirements/_base.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Specifies third-party dependencies for 'sidecar'
#


urllib3>=1.25.8 # Vulnerability
sqlalchemy>=1.3.3 # https://nvd.nist.gov/vuln/detail/CVE-2019-7164

psycopg2-binary # enforces binary version - http://initd.org/psycopg/docs/install.html#binary-install-from-pypi
Expand Down
Loading