mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-12-23 00:26:33 +00:00
Merge pull request #3303 from MaggieFero/main
Upgrade Python Version and Several Other Packages for Security
This commit is contained in:
commit
a3465e6154
8 changed files with 39 additions and 34 deletions
2
.github/workflows/django-tests.yml
vendored
2
.github/workflows/django-tests.yml
vendored
|
@ -27,7 +27,7 @@ jobs:
|
|||
- name: Set up Python
|
||||
uses: actions/setup-python@v4
|
||||
with:
|
||||
python-version: 3.9
|
||||
python-version: 3.11
|
||||
- name: Install Dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
|
|
4
.github/workflows/mypy.yml
vendored
4
.github/workflows/mypy.yml
vendored
|
@ -13,10 +13,10 @@ jobs:
|
|||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Python 3.9
|
||||
- name: Set up Python 3.11
|
||||
uses: actions/setup-python@v4
|
||||
with:
|
||||
python-version: 3.9
|
||||
python-version: 3.11
|
||||
- name: Install Dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
|
|
4
.github/workflows/pylint.yml
vendored
4
.github/workflows/pylint.yml
vendored
|
@ -13,10 +13,10 @@ jobs:
|
|||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Python 3.9
|
||||
- name: Set up Python 3.11
|
||||
uses: actions/setup-python@v4
|
||||
with:
|
||||
python-version: 3.9
|
||||
python-version: 3.11
|
||||
- name: Install Dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM python:3.9
|
||||
FROM python:3.11
|
||||
|
||||
ENV PYTHONUNBUFFERED 1
|
||||
|
||||
|
|
|
@ -20,6 +20,7 @@ from bookwyrm.tasks import app, MISC
|
|||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
TBookWyrmModel = TypeVar("TBookWyrmModel", bound=base_model.BookWyrmModel)
|
||||
|
||||
|
||||
|
|
|
@ -3,7 +3,9 @@ from __future__ import annotations
|
|||
from abc import ABC, abstractmethod
|
||||
from typing import Optional, TypedDict, Any, Callable, Union, Iterator
|
||||
from urllib.parse import quote_plus
|
||||
import imghdr
|
||||
|
||||
# pylint: disable-next=deprecated-module
|
||||
import imghdr # Deprecated in 3.11 for removal in 3.13; no good alternative yet
|
||||
import logging
|
||||
import re
|
||||
import asyncio
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
FROM python:3.9-bookworm
|
||||
FROM python:3.11-bookworm
|
||||
WORKDIR /app/dev-tools
|
||||
|
||||
ENV PATH="/app/dev-tools/node_modules/.bin:$PATH"
|
||||
|
|
|
@ -1,52 +1,55 @@
|
|||
aiohttp==3.9.2
|
||||
bleach==5.0.1
|
||||
celery==5.2.7
|
||||
boto3==1.26.57
|
||||
bw-file-resubmit==0.6.0rc2
|
||||
celery==5.3.1
|
||||
colorthief==0.2.1
|
||||
Django==3.2.24
|
||||
django-celery-beat==2.4.0
|
||||
bw-file-resubmit==0.6.0rc2
|
||||
django-compressor==4.3.1
|
||||
django-celery-beat==2.5.0
|
||||
django-compressor==4.4
|
||||
django-csp==3.7
|
||||
django-imagekit==4.1.0
|
||||
django-model-utils==4.3.1
|
||||
django-redis==5.2.0
|
||||
django-sass-processor==1.2.2
|
||||
django-csp==3.7
|
||||
environs==9.5.0
|
||||
flower==1.2.0
|
||||
libsass==0.22.0
|
||||
Markdown==3.4.1
|
||||
Pillow==10.0.1
|
||||
psycopg2==2.9.5
|
||||
pycryptodome==3.19.1
|
||||
python-dateutil==2.8.2
|
||||
redis==4.5.4
|
||||
requests==2.31.0
|
||||
responses==0.22.0
|
||||
pytz>=2022.7
|
||||
boto3==1.26.57
|
||||
django-storages==1.13.2
|
||||
django-storages[azure]
|
||||
django-redis==5.2.0
|
||||
environs==9.5.0
|
||||
flower==2.0.0
|
||||
grpcio==1.57.0 # Not a direct dependency, pinned to get a security fix
|
||||
libsass==0.22.0
|
||||
Markdown==3.4.1
|
||||
opentelemetry-api==1.16.0
|
||||
opentelemetry-exporter-otlp-proto-grpc==1.16.0
|
||||
opentelemetry-instrumentation-celery==0.37b0
|
||||
opentelemetry-instrumentation-django==0.37b0
|
||||
opentelemetry-instrumentation-psycopg2==0.37b0
|
||||
opentelemetry-sdk==1.16.0
|
||||
Pillow==10.0.1
|
||||
protobuf==3.20.*
|
||||
psycopg2==2.9.5
|
||||
pycryptodome==3.19.1
|
||||
pyotp==2.8.0
|
||||
python-dateutil==2.8.2
|
||||
pytz>=2022.7
|
||||
qrcode==7.3.1
|
||||
redis==4.5.4
|
||||
requests==2.31.0
|
||||
responses==0.22.0
|
||||
setuptools>=65.5.1 # Not a direct dependency, pinned to get a security fix
|
||||
tornado==6.3.3 # Not a direct dependency, pinned to get a security fix
|
||||
|
||||
# Dev
|
||||
pytest-django==4.1.0
|
||||
pytest==6.1.2
|
||||
celery-types==0.18.0
|
||||
django-stubs[compatible-mypy]==4.2.4
|
||||
mypy==1.5.1
|
||||
pylint==2.15.0
|
||||
pytest==6.2.5
|
||||
pytest-cov==2.10.1
|
||||
pytest-django==4.1.0
|
||||
pytest-env==0.6.2
|
||||
pytest-xdist==2.3.0
|
||||
pytidylib==0.3.2
|
||||
pylint==2.14.0
|
||||
mypy==1.5.1
|
||||
celery-types==0.18.0
|
||||
django-stubs[compatible-mypy]==4.2.4
|
||||
types-bleach==6.0.0.4
|
||||
types-dataclasses==0.6.6
|
||||
types-Markdown==3.4.2.10
|
||||
|
@ -54,4 +57,3 @@ types-Pillow==10.0.0.3
|
|||
types-psycopg2==2.9.21.11
|
||||
types-python-dateutil==2.8.19.14
|
||||
types-requests==2.31.0.2
|
||||
types-requests==2.31.0.2
|
||||
|
|
Loading…
Reference in a new issue