fix: bump pyarrow constraints (CVE-2023-47248) (apache#26187)

(cherry picked from commit 2ac2892)
Ortege-xyz · Jan 22, 2024 · 00f1ab9 · 00f1ab9
1 parent 7c037a1
commit 00f1ab9
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -253,7 +253,7 @@ prison==0.2.1
     # via flask-appbuilder
 prompt-toolkit==3.0.38
     # via click-repl
-pyarrow==12.0.0
+pyarrow==14.0.1
     # via apache-superset
 pycparser==2.20
     # via cffi
@@ -372,6 +372,7 @@ werkzeug==2.3.3
     # via
     #   apache-superset
     #   flask
+    #   flask-appbuilder
     #   flask-jwt-extended
     #   flask-login
 wrapt==1.15.0

diff --git a/setup.py b/setup.py
@@ -114,7 +114,7 @@ def get_git_sha() -> str:
         "python-dateutil",
         "python-dotenv",
         "python-geohash",
-        "pyarrow>=12.0.0, <13",
+        "pyarrow>=14.0.1, <15",
         "pyyaml>=6.0.0, <7.0.0",
         "PyJWT>=2.4.0, <3.0",
         "redis>=4.5.4, <5.0",