Security patches (#48)

.github/workflows/dependabot-requirements.yaml

@@ -0,0 +1,36 @@
+name: "Dependabot Requirements"
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  generate:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    permissions:
+      contents: write
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+      - name: Install poetry
+        run: |
+          pip install --upgrade pip
+          pip install poetry
+      - run: git fetch && git checkout ${GITHUB_HEAD_REF}
+      - name: Generate requirements
+        run: |
+          poetry export -f requirements.txt --output requirements.txt --without-hashes --without dev,testing
+      - name: Commit requirements.txt
+        continue-on-error: true
+        run: |
+          git config user.name 'GitHub Actions'
+          git config user.email [email protected]
+          git add .
+          git commit -m "Automated update of requirements.txt"
+          git push
+      - run: echo "Making a successful exit code so we don't block the merge"

pii-secret-exclude.txt

@@ -1,4 +1,5 @@
 .github/workflows/test.yml
+.github/workflows/dependabot-requirements.yaml
 .circleci/config.yml
 .pre-commit-config.yaml
 docker/Dockerfile.dev
@@ -9,3 +10,5 @@ makefile
 pyproject.toml
 requirements.txt
 runtime.txt
+poetry.lock
+pyproject.toml

pyproject.toml

@@ -8,10 +8,10 @@ readme = "README.md"
 
 [tool.poetry.dependencies]
 python = "^3.11"
-flask = "^2.2.2"
-redis = "^4.4.2"
-requests = "^2.28.2"
-urllib3 = "^1.26.14"
+flask = "^2.2.5"
+redis = "^4.4.4"
+requests = "^2.31.0"
+urllib3 = "^1.26.18"
 boto3 = "^1.26.60"
 gevent = "^23.9.1"
 

requirements.txt

@@ -1,27 +1,28 @@
-async-timeout==4.0.2 ; python_version >= "3.11" and python_version < "4.0"
-boto3==1.26.60 ; python_version >= "3.11" and python_version < "4.0"
-botocore==1.29.60 ; python_version >= "3.11" and python_version < "4.0"
-certifi==2022.12.7 ; python_version >= "3.11" and python_version < "4"
-cffi==1.15.1 ; platform_python_implementation == "CPython" and sys_platform == "win32" and python_version >= "3.11" and python_version < "4.0"
-charset-normalizer==3.0.1 ; python_version >= "3.11" and python_version < "4"
-click==8.1.3 ; python_version >= "3.11" and python_version < "4.0"
+async-timeout==4.0.3 ; python_version >= "3.11" and python_full_version <= "3.11.2"
+blinker==1.6.3 ; python_version >= "3.11" and python_version < "4.0"
+boto3==1.28.71 ; python_version >= "3.11" and python_version < "4.0"
+botocore==1.31.71 ; python_version >= "3.11" and python_version < "4.0"
+certifi==2023.7.22 ; python_version >= "3.11" and python_version < "4.0"
+cffi==1.16.0 ; platform_python_implementation == "CPython" and sys_platform == "win32" and python_version >= "3.11" and python_version < "4.0"
+charset-normalizer==3.3.1 ; python_version >= "3.11" and python_version < "4.0"
+click==8.1.7 ; python_version >= "3.11" and python_version < "4.0"
 colorama==0.4.6 ; python_version >= "3.11" and python_version < "4.0" and platform_system == "Windows"
-flask==2.2.2 ; python_version >= "3.11" and python_version < "4.0"
-gevent==22.10.2 ; python_version >= "3.11" and python_version < "4.0"
-greenlet==2.0.2 ; python_version >= "3.11" and python_version < "4.0" and platform_python_implementation == "CPython"
-idna==3.4 ; python_version >= "3.11" and python_version < "4"
+flask==2.3.3 ; python_version >= "3.11" and python_version < "4.0"
+gevent==23.9.1 ; python_version >= "3.11" and python_version < "4.0"
+greenlet==3.0.1 ; platform_python_implementation == "CPython" and python_version >= "3.11" and python_version < "4.0"
+idna==3.4 ; python_version >= "3.11" and python_version < "4.0"
 itsdangerous==2.1.2 ; python_version >= "3.11" and python_version < "4.0"
 jinja2==3.1.2 ; python_version >= "3.11" and python_version < "4.0"
 jmespath==1.0.1 ; python_version >= "3.11" and python_version < "4.0"
-markupsafe==2.1.2 ; python_version >= "3.11" and python_version < "4.0"
-pycparser==2.21 ; platform_python_implementation == "CPython" and sys_platform == "win32" and python_version >= "3.11" and python_version < "4.0"
+markupsafe==2.1.3 ; python_version >= "3.11" and python_version < "4.0"
+pycparser==2.21 ; python_version >= "3.11" and platform_python_implementation == "CPython" and sys_platform == "win32" and python_version < "4.0"
 python-dateutil==2.8.2 ; python_version >= "3.11" and python_version < "4.0"
-redis==4.4.2 ; python_version >= "3.11" and python_version < "4.0"
-requests==2.28.2 ; python_version >= "3.11" and python_version < "4"
-s3transfer==0.6.0 ; python_version >= "3.11" and python_version < "4.0"
-setuptools==67.0.0 ; python_version >= "3.11" and python_version < "4.0"
+redis==4.6.0 ; python_version >= "3.11" and python_version < "4.0"
+requests==2.31.0 ; python_version >= "3.11" and python_version < "4.0"
+s3transfer==0.7.0 ; python_version >= "3.11" and python_version < "4.0"
+setuptools==68.2.2 ; python_version >= "3.11" and python_version < "4.0"
 six==1.16.0 ; python_version >= "3.11" and python_version < "4.0"
-urllib3==1.26.14 ; python_version >= "3.11" and python_version < "4.0"
-werkzeug==2.2.2 ; python_version >= "3.11" and python_version < "4.0"
-zope-event==4.6 ; python_version >= "3.11" and python_version < "4.0"
-zope-interface==5.5.2 ; python_version >= "3.11" and python_version < "4.0"
+urllib3==1.26.18 ; python_version >= "3.11" and python_version < "4.0"
+werkzeug==3.0.1 ; python_version >= "3.11" and python_version < "4.0"
+zope-event==5.0 ; python_version >= "3.11" and python_version < "4.0"
+zope-interface==6.1 ; python_version >= "3.11" and python_version < "4.0"