Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chore/security updates #184

Open
wants to merge 11 commits into
base: d3bootstrap
Choose a base branch
from
Open

Chore/security updates #184

wants to merge 11 commits into from

Conversation

tla
Copy link
Owner

@tla tla commented Nov 3, 2023

Making some dependabot droppings go away

dependabot bot and others added 11 commits May 2, 2023 22:29
@dependabot
chore(deps): bump flask from 2.2.2 to 2.2.5 in /middleware
da2be90 
Bumps [flask](https://github.com/pallets/flask) from 2.2.2 to 2.2.5.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@2.2.2...2.2.5)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump requests from 2.28.1 to 2.31.0 in /middleware
a4584a3 
Bumps [requests](https://github.com/psf/requests) from 2.28.1 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.28.1...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump cryptography from 39.0.1 to 41.0.2 in /middleware
96feed7 
Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.1 to 41.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@39.0.1...41.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore(deps): bump certifi from 2022.12.7 to 2023.7.22 in /middleware
27f6b12 
Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22.
- [Commits](certifi/python-certifi@2022.12.07...2023.07.22)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@tla
Merge branch 'dependabot/pip/middleware/flask-2.2.5' into chore/secur…
853d9b1 
…ity-updates
@tla
Merge branch 'dependabot/pip/middleware/requests-2.31.0' into chore/s…
d1be8ec 
…ecurity-updates
@tla
Merge branch 'dependabot/pip/middleware/cryptography-41.0.2' into cho…
884520e 
…re/security-updates
@tla
Merge branch 'dependabot/pip/middleware/certifi-2023.7.22' into chore…
4062e65 
…/security-updates
@tla
regenerate poetry.lock after all that
959f1a6
@tla
update all the python dependencies
b455240
@tla
update README to reflect skew with production version
96d5960
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@tla