Update dependencies (#9754)

This takes care of the dependabot alerts those with access can see at https://github.com/certbot/certbot/security/dependabot. Pinning back `cython` is needed because without it, our full test suite will fail when trying to build `pyyaml` on ARM systems.
certbot · Aug 25, 2023 · 9b4b99f · 9b4b99f
1 parent 3e84b94
commit 9b4b99f
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 79 deletions.
diff --git a/tools/oldest_constraints.txt b/tools/oldest_constraints.txt
@@ -2,11 +2,11 @@
 # that script.
 apacheconfig==0.3.2 ; python_full_version < "3.8.0" and python_version >= "3.7"
 asn1crypto==0.24.0 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
-astroid==2.15.5 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
+astroid==2.15.6 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
 boto3==1.15.15 ; python_full_version < "3.8.0" and python_version >= "3.7"
 botocore==1.18.15 ; python_full_version < "3.8.0" and python_version >= "3.7"
 cachetools==5.3.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
-certifi==2023.5.7 ; python_full_version < "3.8.0" and python_version >= "3.7"
+certifi==2023.7.22 ; python_full_version < "3.8.0" and python_version >= "3.7"
 cffi==1.11.5 ; python_full_version < "3.8.0" and python_version >= "3.7"
 chardet==3.0.4 ; python_full_version < "3.8.0" and python_version >= "3.7"
 cloudflare==1.5.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
@@ -15,22 +15,22 @@ configargparse==1.5.3 ; python_full_version < "3.8.0" and python_version >= "3.7
 configobj==5.0.6 ; python_full_version < "3.8.0" and python_version >= "3.7"
 coverage==7.2.7 ; python_version >= "3.7" and python_full_version < "3.8.0"
 cryptography==3.2.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
-cython==0.29.35 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
-dill==0.3.6 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
-distlib==0.3.6 ; python_version >= "3.7" and python_full_version < "3.8.0"
+cython==0.29.36 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
+dill==0.3.7 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
+distlib==0.3.7 ; python_version >= "3.7" and python_full_version < "3.8.0"
 distro==1.0.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
 dns-lexicon==3.2.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
 dnspython==1.15.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
-exceptiongroup==1.1.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
-execnet==1.9.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
-filelock==3.12.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
+exceptiongroup==1.1.3 ; python_version >= "3.7" and python_full_version < "3.8.0"
+execnet==2.0.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
+filelock==3.12.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
 funcsigs==0.4 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
 future==0.18.3 ; python_full_version < "3.8.0" and python_version >= "3.7"
 google-api-python-client==1.6.5 ; python_full_version < "3.8.0" and python_version >= "3.7"
 google-auth==2.16.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 httplib2==0.9.2 ; python_full_version < "3.8.0" and python_version >= "3.7"
 idna==2.6 ; python_full_version < "3.8.0" and python_version >= "3.7"
-importlib-metadata==6.6.0 ; python_version >= "3.7" and python_version < "3.8"
+importlib-metadata==6.7.0 ; python_version >= "3.7" and python_version < "3.8"
 iniconfig==2.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
 ipaddress==1.0.16 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
 isort==5.11.5 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
@@ -40,33 +40,33 @@ lazy-object-proxy==1.9.0 ; python_full_version >= "3.7.2" and python_full_versio
 logger==1.4 ; python_full_version < "3.8.0" and python_version >= "3.7"
 mccabe==0.7.0 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
 mypy-extensions==1.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
-mypy==1.3.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
+mypy==1.4.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
 ndg-httpsclient==0.3.2 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
 oauth2client==4.1.3 ; python_full_version < "3.8.0" and python_version >= "3.7"
 packaging==23.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
 parsedatetime==2.4 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pbr==1.8.0 ; python_full_version >= "3.7.0" and python_full_version < "3.8.0"
-pip==23.1.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
-platformdirs==3.5.3 ; python_full_version < "3.8.0" and python_version >= "3.7"
-pluggy==1.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
+pip==23.2.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
+platformdirs==3.10.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
+pluggy==1.2.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
 ply==3.4 ; python_full_version < "3.8.0" and python_version >= "3.7"
 py==1.11.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
 pyasn1-modules==0.3.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pyasn1==0.4.8 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pycparser==2.14 ; python_full_version < "3.8.0" and python_version >= "3.7"
-pylint==2.17.4 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
+pylint==2.17.5 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
 pyopenssl==17.5.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pyparsing==2.2.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pyrfc3339==1.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pytest-cov==4.1.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
 pytest-xdist==3.3.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
-pytest==7.3.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
+pytest==7.4.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
 python-augeas==0.5.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 python-dateutil==2.8.2 ; python_full_version < "3.8.0" and python_version >= "3.7"
 python-digitalocean==1.11 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pytz==2019.3 ; python_full_version < "3.8.0" and python_version >= "3.7"
 pywin32==306 ; python_version >= "3.7" and python_full_version < "3.8.0" and sys_platform == "win32"
-pyyaml==6.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
+pyyaml==6.0.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
 requests-file==1.5.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
 requests==2.20.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 rsa==4.9 ; python_full_version < "3.8.0" and python_version >= "3.7"
@@ -75,24 +75,24 @@ setuptools==41.6.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 six==1.11.0 ; python_full_version < "3.8.0" and python_version >= "3.7"
 tldextract==3.4.4 ; python_version >= "3.7" and python_full_version < "3.8.0"
 tomli==2.0.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
-tomlkit==0.11.8 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
+tomlkit==0.12.1 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
 tox==1.9.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
-typed-ast==1.5.4 ; python_version < "3.8" and python_version >= "3.7"
+typed-ast==1.5.5 ; python_version < "3.8" and python_version >= "3.7"
 types-cryptography==3.3.23.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-httplib2==0.22.0.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-httplib2==0.22.0.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
 types-pyopenssl==23.0.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-pyrfc3339==1.1.1.4 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-python-dateutil==2.8.19.13 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-pytz==2023.3.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-pywin32==306.0.0.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-requests==2.31.0.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-setuptools==67.8.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-six==1.16.21.8 ; python_version >= "3.7" and python_full_version < "3.8.0"
-types-urllib3==1.26.25.13 ; python_version >= "3.7" and python_full_version < "3.8.0"
-typing-extensions==4.6.3 ; python_version < "3.8" and python_version >= "3.7"
+types-pyrfc3339==1.1.1.5 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-python-dateutil==2.8.19.14 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-pytz==2023.3.0.1 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-pywin32==306.0.0.4 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-requests==2.31.0.2 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-setuptools==68.1.0.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-six==1.16.21.9 ; python_version >= "3.7" and python_full_version < "3.8.0"
+types-urllib3==1.26.25.14 ; python_version >= "3.7" and python_full_version < "3.8.0"
+typing-extensions==4.7.1 ; python_version < "3.8" and python_version >= "3.7"
 uritemplate==3.0.1 ; python_full_version < "3.8.0" and python_version >= "3.7"
 urllib3==1.24.2 ; python_full_version < "3.8.0" and python_version >= "3.7"
-virtualenv==20.23.0 ; python_version >= "3.7" and python_full_version < "3.8.0"
+virtualenv==20.24.3 ; python_version >= "3.7" and python_full_version < "3.8.0"
 wheel==0.33.6 ; python_full_version < "3.8.0" and python_version >= "3.7"
 wrapt==1.15.0 ; python_full_version >= "3.7.2" and python_full_version < "3.8.0"
 zipp==3.15.0 ; python_version >= "3.7" and python_version < "3.8"
diff --git a/tools/pinning/current/pyproject.toml b/tools/pinning/current/pyproject.toml
@@ -41,7 +41,11 @@ windows-installer = {path = "../../../windows-installer"}
 # https://discuss.python.org/t/how-to-pin-build-dependencies/8238), we list it
 # as a dependency here to ensure a version of cython is pinned for extra
 # stability.
-cython = "*"
+#
+# We also pin back cython as is currently required by pyyaml. See
+# https://github.com/yaml/pyyaml/pull/702 and
+# https://github.com/yaml/pyyaml/issues/601.
+cython = "<3.0"
 # setuptools-rust is a build dependency of cryptography, and since we don't have
 # a great way of pinning build dependencies, we simply list it here to ensure a
 # working version. Note: if build dependencies of setuptools-rust break at some

diff --git a/tools/pinning/oldest/pyproject.toml b/tools/pinning/oldest/pyproject.toml
@@ -87,7 +87,11 @@ urllib3 = "1.24.2"
 # build dependencies here to ensure they're pinned for extra stability.
 
 # cython is a build dependency of pyyaml
-cython = "*"
+#
+# We also pin back cython as is currently required by pyyaml. See
+# https://github.com/yaml/pyyaml/pull/702 and
+# https://github.com/yaml/pyyaml/issues/601.
+cython = "<3.0"
 
 # Other dependencies
 # We add any dependencies that must be specified in this file for any another