Skip to content
This repository has been archived by the owner on Mar 30, 2021. It is now read-only.

Updates pip dependencies #61

Merged
merged 2 commits into from
Oct 27, 2020
Merged

Updates pip dependencies #61

merged 2 commits into from
Oct 27, 2020

Conversation

conorsch
Copy link
Contributor

Specifically, addresses safety id 38834, affecting urllib3 <1.25.9. safety check -r requirements.txt shows "No known security vulnerabilities found".

Updates pip dependencies
4719ec7 
Specifically, addresses safety id 38834, affecting urllib3 <1.25.9.
@eloquence eloquence added this to Under Review in SecureDrop Team Board Oct 15, 2020
zenmonkeykstop
zenmonkeykstop previously requested changes Oct 17, 2020
View reviewed changes
Copy link
Contributor

@zenmonkeykstop zenmonkeykstop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pip-tools will probably have to be updated as well for subsequent runs of pip-compile to work. The version installed is 3.7.0, which is not compatible with latest pip. Pinning it to >5.0.0 would probably do the trick.

@emkll
Pin pip-tools to > 5.0.0
16c8d42 
In order for pip-compile to work, as suggested by @zenmonkeykstop
@emkll emkll moved this from Under Review to Ready for Review in SecureDrop Team Board Oct 22, 2020
@conorsch
Copy link
Contributor Author

Nice find, thanks both!

kushaldas
kushaldas approved these changes Oct 27, 2020
View reviewed changes
Copy link

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change is good. safety check passes. 🦄

@kushaldas
Copy link

I can not merge this PR (no permission). So, someone else has to do this.

@conorsch
Copy link
Contributor Author

Thanks @kushaldas, merging now, since both you and @emkll have approved. Will work on straightening out the access list separately.

@conorsch conorsch dismissed zenmonkeykstop’s stale review October 27, 2020 15:23

Addressed by others, and re-approved by others

@conorsch conorsch merged commit 0071151 into main Oct 27, 2020
SecureDrop Team Board automation moved this from Ready for Review to Done Oct 27, 2020
@emkll emkll deleted the update-pip-deps-2020-10-15 branch October 27, 2020 15:29
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kushaldas kushaldas kushaldas approved these changes

@emkll emkll emkll approved these changes

@zenmonkeykstop zenmonkeykstop Awaiting requested review from zenmonkeykstop

Assignees
No one assigned
Labels
None yet
Projects
No open projects
SecureDrop Team Board
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@conorsch @kushaldas @zenmonkeykstop @emkll