Skip to content

Commit 8b03d1e

Browse files
PLAT-10389: Upgrade dependencies (#100)
Snyk reported a vulnerability introduce by 'cryptography' (https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152), upgrade the dependency. Also update rsa, reported by Snyk CLI. snyk test --command=python3 does not report any high vulnerability anymore. Difficult to test automatically (cert auth) so I just checked manually.
1 parent b40ddcb commit 8b03d1e

File tree

2 files changed

+4
-5
lines changed

2 files changed

+4
-5
lines changed

requirements.txt

+3-4
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
1-
requests-pkcs12==1.4
1+
requests-pkcs12==1.9
22
requests-toolbelt==0.9.1
33
yattag==1.12.2
44
python-json-logger==0.1.11
55
beautifulsoup4==4.8.0
66
Jinja2==2.10.1
77
defusedxml==0.6.0
88

9-
rsa~=4.6
9+
rsa~=4.7
1010
pyasn1~=0.4.8
1111
six~=1.15.0
1212
ecdsa<0.15
@@ -17,7 +17,6 @@ aiohttp~=3.6.2
1717
chardet~=3.0.4
1818
MarkupSafe~=1.1.1
1919
pycparser~=2.20
20-
cryptography~=2.9.2
2120
idna~=2.9
2221
urllib3~=1.25.9
2322
certifi~=2020.4.5.2
@@ -27,5 +26,5 @@ requests~=2.24.0
2726
soupsieve~=2.0.1
2827
setuptools~=47.3.1
2928
aioresponses~=0.6.4
30-
pytest~=6.0.1
29+
pytest~=6.2.1
3130

setup.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ def readme():
2828
'python-json-logger==0.1.11',
2929
'beautifulsoup4==4.8.0',
3030
'Jinja2==2.10.1',
31-
'requests_pkcs12==1.4',
31+
'requests_pkcs12==1.9',
3232
'requests-toolbelt==0.9.1',
3333
'requests-mock>=1.7.0',
3434
'yattag==1.12.2',

0 commit comments

Comments
 (0)