From 570e91b366803f94370ed3a9c2f3155d87e9fee9 Mon Sep 17 00:00:00 2001 From: Andreas Maier Date: Sun, 18 Feb 2024 10:22:49 +0100 Subject: [PATCH] Safety issues up to 2024-02-18 Signed-off-by: Andreas Maier --- .safety-policy.yml | 2 ++ docs/changes.rst | 2 +- minimum-constraints.txt | 3 ++- requirements.txt | 3 ++- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.safety-policy.yml b/.safety-policy.yml index f0145709..45554443 100644 --- a/.safety-policy.yml +++ b/.safety-policy.yml @@ -46,6 +46,8 @@ security: reason: Fixed GitPython version 3.1.35 requires Python>=3.7 and is used there 62044: reason: Fixed pip version 23.3 requires Python>=3.7 and is used there + 64227: + reason: Fixed Jinja2 version 3.1.3 requires Python>=3.7 and is used there # Continue with exit code 0 when vulnerabilities are found. continue-on-vulnerability-error: False diff --git a/docs/changes.rst b/docs/changes.rst index 320f4136..3adb6487 100644 --- a/docs/changes.rst +++ b/docs/changes.rst @@ -30,7 +30,7 @@ Released: not yet **Bug fixes:** -* Addressed safety issues up to 2024-02-11. +* Addressed safety issues up to 2024-02-18. * Docs: Increased minimum Sphinx versions to 7.1.0 on Python 3.8 and to 7.2.0 on Python >=3.9 and adjusted dependent package versions in order to fix a version diff --git a/minimum-constraints.txt b/minimum-constraints.txt index 4cc946c3..0429a700 100644 --- a/minimum-constraints.txt +++ b/minimum-constraints.txt @@ -48,7 +48,8 @@ urllib3==1.26.18 jsonschema==3.2.0 six==1.14.0; python_version <= '3.9' six==1.16.0; python_version >= '3.10' -Jinja2==3.0.0 +Jinja2==3.0.3; python_version == '3.6' +Jinja2==3.1.3; python_version >= '3.7' # PyYAML is also used by dparse PyYAML==5.3.1 diff --git a/requirements.txt b/requirements.txt index 4029694c..a119845d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,7 +16,8 @@ prometheus-client>=0.19.0; python_version >= '3.8' urllib3>=1.25.18 jsonschema>=3.2.0 -Jinja2>=3.0.0 +Jinja2>=3.0.3; python_version == '3.6' +Jinja2>=3.1.3; python_version >= '3.7' # PyYAML 5.3.x has wheel archives for Python 2.7, 3.5 - 3.9 # PyYAML 5.4.x has wheel archives for Python 2.7, 3.6 - 3.9