From 13f7ee3243fe23dab1174710d9d8b9c00e6f31d7 Mon Sep 17 00:00:00 2001 From: Max Sokolski Date: Tue, 7 May 2024 18:19:04 +0300 Subject: [PATCH 1/6] fix: catalog only repos are missing in a release list --- edx_repo_tools/release/tag_release.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/edx_repo_tools/release/tag_release.py b/edx_repo_tools/release/tag_release.py index 53f6fb58..098db4d6 100644 --- a/edx_repo_tools/release/tag_release.py +++ b/edx_repo_tools/release/tag_release.py @@ -68,6 +68,10 @@ def filter_repos(openedx_repo, catalog_repo): else: result_dict[repo_key] = openedx_data + for repo_key, catalog_data in catalog_repo.items(): + if repo_key not in result_dict: + result_dict[repo_key] = catalog_data + return result_dict From e03c8204961a259a8f725986e21df80b78d5aa34 Mon Sep 17 00:00:00 2001 From: farhan Date: Tue, 14 May 2024 17:37:01 +0500 Subject: [PATCH 2/6] feat: Adds check 'Users should not have direct repo access' --- edx_repo_tools/repo_checks/repo_checks.py | 58 +++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/edx_repo_tools/repo_checks/repo_checks.py b/edx_repo_tools/repo_checks/repo_checks.py index a9d73303..0f076fb7 100644 --- a/edx_repo_tools/repo_checks/repo_checks.py +++ b/edx_repo_tools/repo_checks/repo_checks.py @@ -1038,6 +1038,63 @@ def _get_update_params_from_get_branch_protection(self): return params +class EnsureNoDirectRepoAccessToUsers(Check): + """ + Users should not have direct repo access + """ + + def __init__(self, api: GhApi, org: str, repo: str): + super().__init__(api, org, repo) + self.users_list = [] + + def is_relevant(self) -> bool: + """ + All non security fork repos, public or private. + """ + return not is_security_private_fork(self.api, self.org_name, self.repo_name) + + def check(self) -> tuple[bool, str]: + """ + Verify whether or not the check is failing. + + This should not change anything and should not have a side-effect + other than populating `self` with any data that is needed later for + `fix` or `dry_run`. + + The string in the return tuple should be a human readable reason + that the check failed. + """ + self.users_list = list(all_paged_items( + self.api.repos.list_collaborators, owner=self.org_name, repo=self.repo_name, affiliation='direct' + )) + users = [f"{user.login}: {user.role_name}" for user in self.users_list] + if users: + return ( + False, + f"Some users have direct repo access:\n\t\t" + + "\n\t\t".join(users), + ) + return (True, "No user has direct repo access.") + + def dry_run(self): + return self.fix(dry_run=True) + + def fix(self, dry_run=False): + steps = [] + for user in self.users_list: + if not dry_run: + self.api.repos.remove_collaborator( + owner=self.org_name, + repo=self.repo_name, + username=user.login, + ) + steps.append( + f"Removed direct access to the repository for user {user.login}" + ) + + return steps + + CHECKS = [ RequiredCLACheck, RequireTriageTeamAccess, @@ -1045,6 +1102,7 @@ def _get_update_params_from_get_branch_protection(self): EnsureWorkflowTemplates, EnsureNoAdminOrMaintainTeams, EnsureRepoSettings, + EnsureNoDirectRepoAccessToUsers, ] CHECKS_BY_NAME = {check_cls.__name__: check_cls for check_cls in CHECKS} CHECKS_BY_NAME_LOWER = {check_cls.__name__.lower(): check_cls for check_cls in CHECKS} From 3ca0da47586d589a42ece146a9c4c19662daec3b Mon Sep 17 00:00:00 2001 From: Kyle McCormick Date: Wed, 15 May 2024 09:43:35 -0400 Subject: [PATCH 3/6] feat: add labels: release blocker, needs reviewer assigned (#516) also: this chills out the shade of the "release testing" label a bit so that the "release blocker" label can really pop https://github.com/openedx/axim-engineering/issues/1129 https://github.com/openedx/axim-engineering/issues/1130 --- edx_repo_tools/repo_checks/labels.yaml | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/edx_repo_tools/repo_checks/labels.yaml b/edx_repo_tools/repo_checks/labels.yaml index 3d8d71a5..53a0bf6e 100644 --- a/edx_repo_tools/repo_checks/labels.yaml +++ b/edx_repo_tools/repo_checks/labels.yaml @@ -16,8 +16,15 @@ # Describe your color with a comment so it's easier to review. -### LABELS USED FOR MANAGING A TEMPORARY STATE OR -### PROBLEM ACROSS REPOSITORIES +### LABELS USED FOR TRACKING PROJECT-WIDE CONCERNS + +- name: "release testing" + color: "aa66aa" # magenta? + description: "Affects the upcoming release (attention needed)" + +- name: "release blocker" + color: "bb33bb" # MAGENTA! + description: "Blocks the upcoming release (fix needed)" - name: "business-specific" color: "d93f0b" # scarlet red... @@ -34,10 +41,6 @@ color: "54976d" # fenway green description: "Ready to be picked up by anyone in the community" -- name: "release testing" - color: "ff00ff" # magenta - description: "Affects the upcoming release (attention needed)" - ### LABELS INDICATING BROAD THEMES OF WORK. ### MORE THAN ONE OF THESE MAY APPLY AT A TIME. @@ -160,6 +163,13 @@ color: "f5424b" # crimson red description: "Author's first PR to this repository, awaiting test authorization from Axim" +# This helps with PR triage and providing better visibility to CCs for PRs that don't have reviewers, +# or PRs that have reviewers assigned that the project managers can't remove +# (e.g. reviewers who have since abandoned the PR or that are no longer responsible for that repo). +- name: "needs reviewer assigned" + color: "e3735e" # terra cotta + description: "PR needs to be (re-)assigned a new reviewer" + # Automatically added by bot to PRs coming from community contributors # other than (a) Axim itself or (b) those under 2U's entity CLA. - name: "open-source-contribution" From aa3ca3dc711580e1b307076cae879b1ab5cf9b62 Mon Sep 17 00:00:00 2001 From: edX requirements bot Date: Thu, 16 May 2024 00:01:17 -0400 Subject: [PATCH 4/6] chore: Updating Python Requirements --- edx_repo_tools/audit_gh_users/extra.txt | 6 +- edx_repo_tools/conventional_commits/extra.txt | 20 +++--- edx_repo_tools/find_dependencies/extra.txt | 6 +- edx_repo_tools/repo_access_scraper/extra.txt | 6 +- edx_repo_tools/repo_checks/extra.txt | 8 +-- requirements/base.txt | 34 +++++----- requirements/common_constraints.txt | 9 +++ requirements/development.txt | 67 ++++++++++--------- requirements/pip-tools.txt | 17 ++--- requirements/pip.txt | 4 +- 10 files changed, 97 insertions(+), 80 deletions(-) diff --git a/edx_repo_tools/audit_gh_users/extra.txt b/edx_repo_tools/audit_gh_users/extra.txt index 21f300c7..6c2943da 100644 --- a/edx_repo_tools/audit_gh_users/extra.txt +++ b/edx_repo_tools/audit_gh_users/extra.txt @@ -6,11 +6,11 @@ # click==8.1.7 # via -r edx_repo_tools/audit_gh_users/extra.in -fastcore==1.5.29 +fastcore==1.5.35 # via ghapi -ghapi==1.0.4 +ghapi==1.0.5 # via -r edx_repo_tools/audit_gh_users/extra.in -packaging==23.2 +packaging==24.0 # via # fastcore # ghapi diff --git a/edx_repo_tools/conventional_commits/extra.txt b/edx_repo_tools/conventional_commits/extra.txt index 72df52fb..41dd8964 100644 --- a/edx_repo_tools/conventional_commits/extra.txt +++ b/edx_repo_tools/conventional_commits/extra.txt @@ -14,21 +14,23 @@ cycler==0.12.1 # via matplotlib dataset==1.6.2 # via -r edx_repo_tools/conventional_commits/extra.in -fonttools==4.49.0 +fonttools==4.51.0 # via matplotlib greenlet==3.0.3 # via # -c edx_repo_tools/conventional_commits/../../requirements/constraints.txt # sqlalchemy -importlib-metadata==7.0.1 - # via alembic -importlib-resources==6.1.2 +importlib-metadata==6.11.0 + # via + # -c edx_repo_tools/conventional_commits/../../requirements/common_constraints.txt + # alembic +importlib-resources==6.4.0 # via # alembic # matplotlib kiwisolver==1.4.5 # via matplotlib -mako==1.3.2 +mako==1.3.5 # via alembic markupsafe==2.1.5 # via mako @@ -39,11 +41,11 @@ numpy==1.24.4 # contourpy # matplotlib # pandas -packaging==23.2 +packaging==24.0 # via matplotlib pandas==2.0.3 # via -r edx_repo_tools/conventional_commits/extra.in -pillow==10.2.0 +pillow==10.3.0 # via matplotlib pyparsing==3.1.2 # via matplotlib @@ -59,11 +61,11 @@ sqlalchemy==1.4.52 # via # alembic # dataset -typing-extensions==4.10.0 +typing-extensions==4.11.0 # via alembic tzdata==2024.1 # via pandas -zipp==3.17.0 +zipp==3.18.1 # via # importlib-metadata # importlib-resources diff --git a/edx_repo_tools/find_dependencies/extra.txt b/edx_repo_tools/find_dependencies/extra.txt index aeca49d7..1830c3f4 100644 --- a/edx_repo_tools/find_dependencies/extra.txt +++ b/edx_repo_tools/find_dependencies/extra.txt @@ -8,19 +8,19 @@ certifi==2024.2.2 # via requests charset-normalizer==3.3.2 # via requests -idna==3.6 +idna==3.7 # via requests markdown-it-py==3.0.0 # via rich mdurl==0.1.2 # via markdown-it-py -pygments==2.17.2 +pygments==2.18.0 # via rich requests==2.31.0 # via -r edx_repo_tools/find_dependencies/extra.in rich==13.7.1 # via -r edx_repo_tools/find_dependencies/extra.in -typing-extensions==4.10.0 +typing-extensions==4.11.0 # via rich urllib3==2.2.1 # via requests diff --git a/edx_repo_tools/repo_access_scraper/extra.txt b/edx_repo_tools/repo_access_scraper/extra.txt index 94863834..30917bfe 100644 --- a/edx_repo_tools/repo_access_scraper/extra.txt +++ b/edx_repo_tools/repo_access_scraper/extra.txt @@ -8,9 +8,9 @@ greenlet==3.0.3 # via # -c edx_repo_tools/repo_access_scraper/../../requirements/constraints.txt # playwright -playwright==1.42.0 +playwright==1.43.0 # via -r edx_repo_tools/repo_access_scraper/extra.in -pyee==11.0.1 +pyee==11.1.0 # via playwright -typing-extensions==4.10.0 +typing-extensions==4.11.0 # via pyee diff --git a/edx_repo_tools/repo_checks/extra.txt b/edx_repo_tools/repo_checks/extra.txt index ba50ab66..9c559716 100644 --- a/edx_repo_tools/repo_checks/extra.txt +++ b/edx_repo_tools/repo_checks/extra.txt @@ -12,13 +12,13 @@ charset-normalizer==3.3.2 # via requests click==8.1.7 # via -r edx_repo_tools/repo_checks/extra.in -fastcore==1.5.29 +fastcore==1.5.35 # via ghapi -ghapi==1.0.4 +ghapi==1.0.5 # via -r edx_repo_tools/repo_checks/extra.in -idna==3.6 +idna==3.7 # via requests -packaging==23.2 +packaging==24.0 # via # fastcore # ghapi diff --git a/requirements/base.txt b/requirements/base.txt index 2d9165b3..69523ff5 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -33,29 +33,29 @@ click==8.1.7 # moreorless colorama==0.4.6 # via tox -cryptography==42.0.5 +cryptography==42.0.7 # via pyjwt distlib==0.3.8 # via virtualenv docutils==0.20.1 # via statistics -exceptiongroup==1.2.0 +exceptiongroup==1.2.1 # via pytest -execnet==2.0.2 +execnet==2.1.1 # via pytest-xdist -filelock==3.13.1 +filelock==3.14.0 # via # tox # virtualenv -fissix==21.11.13 +fissix==24.4.24 # via bowler gitdb==4.0.11 # via gitpython github3-py==4.0.1 # via -r requirements/base.in -gitpython==3.1.42 +gitpython==3.1.43 # via -r requirements/base.in -idna==3.6 +idna==3.7 # via requests iniconfig==2.0.0 # via pytest @@ -69,37 +69,37 @@ moreorless==0.4.0 # via bowler msgpack==1.0.8 # via cachecontrol -packaging==23.2 +packaging==24.0 # via # pyproject-api # pytest # tox -path==16.10.0 +path==16.14.0 # via path-py path-py==12.5.0 # via -r requirements/base.in -platformdirs==4.2.0 +platformdirs==4.2.2 # via # tox # virtualenv -pluggy==1.4.0 +pluggy==1.5.0 # via # pytest # tox -pycparser==2.21 +pycparser==2.22 # via cffi pyjwt[crypto]==2.8.0 # via github3-py pyproject-api==1.6.1 # via tox -pytest==8.0.2 +pytest==8.2.0 # via # -r requirements/base.in # pytest-logging # pytest-xdist pytest-logging==2015.11.4 # via -r requirements/base.in -pytest-xdist==3.5.0 +pytest-xdist==3.6.1 # via -r requirements/base.in python-dateutil==2.9.0.post0 # via @@ -129,9 +129,9 @@ tomli==2.0.1 # pyproject-api # pytest # tox -tox==4.14.1 +tox==4.15.0 # via -r requirements/base.in -tqdm==4.66.2 +tqdm==4.66.4 # via -r requirements/base.in uritemplate==4.1.1 # via @@ -141,7 +141,7 @@ urllib3==2.2.1 # via requests urlobject==2.4.3 # via -r requirements/base.in -virtualenv==20.25.1 +virtualenv==20.26.2 # via tox volatile==2.1.0 # via bowler diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt index 96cc5dbd..e3bf8eae 100644 --- a/requirements/common_constraints.txt +++ b/requirements/common_constraints.txt @@ -21,3 +21,12 @@ elasticsearch<7.14.0 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected django-simple-history==3.0.0 + +# opentelemetry requires version 6.x at the moment: +# https://github.com/open-telemetry/opentelemetry-python/issues/3570 +# Normally this could be added as a constraint in edx-django-utils, where we're +# adding the opentelemetry dependency. However, when we compile pip-tools.txt, +# that uses version 7.x, and then there's no undoing that when compiling base.txt. +# So we need to pin it globally, for now. +# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407 +importlib-metadata<7 diff --git a/requirements/development.txt b/requirements/development.txt index 46fdcc12..673fae0c 100644 --- a/requirements/development.txt +++ b/requirements/development.txt @@ -8,7 +8,7 @@ appdirs==1.4.4 # via # -r requirements/base.txt # fissix -astroid==3.1.0 +astroid==3.2.0 # via # pylint # pylint-celery @@ -20,7 +20,7 @@ backports-csv==1.0.7 # via -r requirements/base.txt bowler==0.9.0 # via -r requirements/base.txt -build==1.1.1 +build==1.2.1 # via pip-tools cachecontrol==0.14.0 # via -r requirements/base.txt @@ -55,13 +55,13 @@ click==8.1.7 # pip-tools click-log==0.4.0 # via edx-lint -code-annotations==1.6.0 +code-annotations==1.8.0 # via edx-lint colorama==0.4.6 # via # -r requirements/base.txt # tox -cryptography==42.0.5 +cryptography==42.0.7 # via # -r requirements/base.txt # pyjwt @@ -77,20 +77,20 @@ docutils==0.20.1 # statistics edx-lint==5.3.6 # via -r requirements/development.in -exceptiongroup==1.2.0 +exceptiongroup==1.2.1 # via # -r requirements/base.txt # pytest -execnet==2.0.2 +execnet==2.1.1 # via # -r requirements/base.txt # pytest-xdist -filelock==3.13.1 +filelock==3.14.0 # via # -r requirements/base.txt # tox # virtualenv -fissix==21.11.13 +fissix==24.4.24 # via # -r requirements/base.txt # bowler @@ -100,21 +100,23 @@ gitdb==4.0.11 # gitpython github3-py==4.0.1 # via -r requirements/base.txt -gitpython==3.1.42 +gitpython==3.1.43 # via -r requirements/base.txt -idna==3.6 +idna==3.7 # via # -r requirements/base.txt # requests -importlib-metadata==7.0.1 - # via build +importlib-metadata==6.11.0 + # via + # -c requirements/common_constraints.txt + # build iniconfig==2.0.0 # via # -r requirements/base.txt # pytest isort==5.13.2 # via pylint -jinja2==3.1.3 +jinja2==3.1.4 # via code-annotations lazy==1.6 # via -r requirements/base.txt @@ -134,14 +136,14 @@ msgpack==1.0.8 # via # -r requirements/base.txt # cachecontrol -packaging==23.2 +packaging==24.0 # via # -r requirements/base.txt # build # pyproject-api # pytest # tox -path==16.10.0 +path==16.14.0 # via # -r requirements/base.txt # path-py @@ -151,18 +153,18 @@ pbr==6.0.0 # via stevedore pip-tools==7.4.1 # via -r requirements/development.in -platformdirs==4.2.0 +platformdirs==4.2.2 # via # -r requirements/base.txt # pylint # tox # virtualenv -pluggy==1.4.0 +pluggy==1.5.0 # via # -r requirements/base.txt # pytest # tox -pycparser==2.21 +pycparser==2.22 # via # -r requirements/base.txt # cffi @@ -170,7 +172,7 @@ pyjwt[crypto]==2.8.0 # via # -r requirements/base.txt # github3-py -pylint==3.1.0 +pylint==3.2.0 # via # edx-lint # pylint-celery @@ -188,11 +190,11 @@ pyproject-api==1.6.1 # via # -r requirements/base.txt # tox -pyproject-hooks==1.0.0 +pyproject-hooks==1.1.0 # via # build # pip-tools -pytest==8.0.2 +pytest==8.2.0 # via # -r requirements/base.txt # -r requirements/development.in @@ -201,9 +203,9 @@ pytest==8.0.2 # pytest-xdist pytest-logging==2015.11.4 # via -r requirements/base.txt -pytest-mock==3.12.0 +pytest-mock==3.14.0 # via -r requirements/development.in -pytest-xdist==3.5.0 +pytest-xdist==3.6.1 # via -r requirements/base.txt python-dateutil==2.9.0.post0 # via @@ -254,16 +256,15 @@ tomli==2.0.1 # pip-tools # pylint # pyproject-api - # pyproject-hooks # pytest # tox -tomlkit==0.12.4 +tomlkit==0.12.5 # via pylint -tox==4.14.1 +tox==4.15.0 # via -r requirements/base.txt -tqdm==4.66.2 +tqdm==4.66.4 # via -r requirements/base.txt -typing-extensions==4.10.0 +typing-extensions==4.11.0 # via # astroid # pylint @@ -278,7 +279,7 @@ urllib3==2.2.1 # responses urlobject==2.4.3 # via -r requirements/base.txt -virtualenv==20.25.1 +virtualenv==20.26.2 # via # -r requirements/base.txt # tox @@ -286,7 +287,11 @@ volatile==2.1.0 # via # -r requirements/base.txt # bowler -wheel==0.42.0 +wheel==0.43.0 # via pip-tools -zipp==3.17.0 +zipp==3.18.1 # via importlib-metadata + +# The following packages are considered to be unsafe in a requirements file: +# pip +# setuptools diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt index 921c5b5c..1b67baa1 100644 --- a/requirements/pip-tools.txt +++ b/requirements/pip-tools.txt @@ -4,17 +4,19 @@ # # make upgrade # -build==1.1.1 +build==1.2.1 # via pip-tools click==8.1.7 # via pip-tools -importlib-metadata==7.0.1 - # via build -packaging==23.2 +importlib-metadata==6.11.0 + # via + # -c requirements/common_constraints.txt + # build +packaging==24.0 # via build pip-tools==7.4.1 # via -r requirements/pip-tools.in -pyproject-hooks==1.0.0 +pyproject-hooks==1.1.0 # via # build # pip-tools @@ -22,10 +24,9 @@ tomli==2.0.1 # via # build # pip-tools - # pyproject-hooks -wheel==0.42.0 +wheel==0.43.0 # via pip-tools -zipp==3.17.0 +zipp==3.18.1 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/pip.txt b/requirements/pip.txt index 66656035..e3ffcc7b 100644 --- a/requirements/pip.txt +++ b/requirements/pip.txt @@ -4,11 +4,11 @@ # # make upgrade # -wheel==0.42.0 +wheel==0.43.0 # via -r requirements/pip.in # The following packages are considered to be unsafe in a requirements file: pip==24.0 # via -r requirements/pip.in -setuptools==69.1.1 +setuptools==69.5.1 # via -r requirements/pip.in From 6b8319f4326d20663bc0b411ff436202a0159af6 Mon Sep 17 00:00:00 2001 From: salman2013 Date: Thu, 16 May 2024 15:44:09 +0500 Subject: [PATCH 5/6] chore: fix tests cases, upgrade extra-py312.txt file --- .../conventional_commits/extra-py312.txt | 22 ++++++++----------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/edx_repo_tools/conventional_commits/extra-py312.txt b/edx_repo_tools/conventional_commits/extra-py312.txt index 4b291735..838ad1a9 100644 --- a/edx_repo_tools/conventional_commits/extra-py312.txt +++ b/edx_repo_tools/conventional_commits/extra-py312.txt @@ -2,42 +2,38 @@ # This file is autogenerated by pip-compile with Python 3.12 # by the following command: # -# make upgrade +# pip-compile --output-file=edx_repo_tools/conventional_commits/extra-py312.txt edx_repo_tools/conventional_commits/extra-py312.in # alembic==1.13.1 # via dataset banal==1.0.6 # via dataset -contourpy==1.2.0 +contourpy==1.2.1 # via matplotlib cycler==0.12.1 # via matplotlib dataset==1.6.2 # via -r edx_repo_tools/conventional_commits/extra-py312.in -fonttools==4.49.0 +fonttools==4.51.0 # via matplotlib -greenlet==3.0.3 - # via - # -c edx_repo_tools/conventional_commits/../../requirements/constraints.txt - # sqlalchemy kiwisolver==1.4.5 # via matplotlib -mako==1.3.2 +mako==1.3.5 # via alembic markupsafe==2.1.5 # via mako -matplotlib==3.8.3 +matplotlib==3.9.0 # via -r edx_repo_tools/conventional_commits/extra-py312.in numpy==1.26.4 # via # contourpy # matplotlib # pandas -packaging==23.2 +packaging==24.0 # via matplotlib -pandas==2.2.1 +pandas==2.2.2 # via -r edx_repo_tools/conventional_commits/extra-py312.in -pillow==10.2.0 +pillow==10.3.0 # via matplotlib pyparsing==3.1.2 # via matplotlib @@ -53,7 +49,7 @@ sqlalchemy==1.4.52 # via # alembic # dataset -typing-extensions==4.10.0 +typing-extensions==4.11.0 # via alembic tzdata==2024.1 # via pandas From 8b3601b1466db127102879e7032b35352b4f34fa Mon Sep 17 00:00:00 2001 From: edX requirements bot Date: Thu, 23 May 2024 00:01:06 -0400 Subject: [PATCH 6/6] chore: Updating Python Requirements --- edx_repo_tools/audit_gh_users/extra.txt | 2 +- edx_repo_tools/conventional_commits/extra.txt | 2 +- edx_repo_tools/find_dependencies/extra.txt | 2 +- edx_repo_tools/repo_access_scraper/extra.txt | 2 +- edx_repo_tools/repo_checks/extra.txt | 4 ++-- requirements/base.txt | 4 ++-- requirements/development.txt | 10 +++++----- requirements/pip-tools.txt | 2 +- requirements/pip.txt | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/edx_repo_tools/audit_gh_users/extra.txt b/edx_repo_tools/audit_gh_users/extra.txt index 6c2943da..adbeaef1 100644 --- a/edx_repo_tools/audit_gh_users/extra.txt +++ b/edx_repo_tools/audit_gh_users/extra.txt @@ -6,7 +6,7 @@ # click==8.1.7 # via -r edx_repo_tools/audit_gh_users/extra.in -fastcore==1.5.35 +fastcore==1.5.38 # via ghapi ghapi==1.0.5 # via -r edx_repo_tools/audit_gh_users/extra.in diff --git a/edx_repo_tools/conventional_commits/extra.txt b/edx_repo_tools/conventional_commits/extra.txt index 41dd8964..0adffff8 100644 --- a/edx_repo_tools/conventional_commits/extra.txt +++ b/edx_repo_tools/conventional_commits/extra.txt @@ -65,7 +65,7 @@ typing-extensions==4.11.0 # via alembic tzdata==2024.1 # via pandas -zipp==3.18.1 +zipp==3.18.2 # via # importlib-metadata # importlib-resources diff --git a/edx_repo_tools/find_dependencies/extra.txt b/edx_repo_tools/find_dependencies/extra.txt index 1830c3f4..98f38f5c 100644 --- a/edx_repo_tools/find_dependencies/extra.txt +++ b/edx_repo_tools/find_dependencies/extra.txt @@ -16,7 +16,7 @@ mdurl==0.1.2 # via markdown-it-py pygments==2.18.0 # via rich -requests==2.31.0 +requests==2.32.2 # via -r edx_repo_tools/find_dependencies/extra.in rich==13.7.1 # via -r edx_repo_tools/find_dependencies/extra.in diff --git a/edx_repo_tools/repo_access_scraper/extra.txt b/edx_repo_tools/repo_access_scraper/extra.txt index 30917bfe..7022746d 100644 --- a/edx_repo_tools/repo_access_scraper/extra.txt +++ b/edx_repo_tools/repo_access_scraper/extra.txt @@ -8,7 +8,7 @@ greenlet==3.0.3 # via # -c edx_repo_tools/repo_access_scraper/../../requirements/constraints.txt # playwright -playwright==1.43.0 +playwright==1.44.0 # via -r edx_repo_tools/repo_access_scraper/extra.in pyee==11.1.0 # via playwright diff --git a/edx_repo_tools/repo_checks/extra.txt b/edx_repo_tools/repo_checks/extra.txt index 9c559716..9e71b131 100644 --- a/edx_repo_tools/repo_checks/extra.txt +++ b/edx_repo_tools/repo_checks/extra.txt @@ -12,7 +12,7 @@ charset-normalizer==3.3.2 # via requests click==8.1.7 # via -r edx_repo_tools/repo_checks/extra.in -fastcore==1.5.35 +fastcore==1.5.38 # via ghapi ghapi==1.0.5 # via -r edx_repo_tools/repo_checks/extra.in @@ -24,7 +24,7 @@ packaging==24.0 # ghapi pyyaml==6.0.1 # via -r edx_repo_tools/repo_checks/extra.in -requests==2.31.0 +requests==2.32.2 # via -r edx_repo_tools/repo_checks/extra.in urllib3==2.2.1 # via requests diff --git a/requirements/base.txt b/requirements/base.txt index 69523ff5..51dd836b 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -92,7 +92,7 @@ pyjwt[crypto]==2.8.0 # via github3-py pyproject-api==1.6.1 # via tox -pytest==8.2.0 +pytest==8.2.1 # via # -r requirements/base.in # pytest-logging @@ -109,7 +109,7 @@ python-dotenv==1.0.1 # via -r requirements/base.in pyyaml==6.0.1 # via -r requirements/base.in -requests==2.31.0 +requests==2.32.2 # via # -r requirements/base.in # cachecontrol diff --git a/requirements/development.txt b/requirements/development.txt index 673fae0c..161810dc 100644 --- a/requirements/development.txt +++ b/requirements/development.txt @@ -8,7 +8,7 @@ appdirs==1.4.4 # via # -r requirements/base.txt # fissix -astroid==3.2.0 +astroid==3.2.2 # via # pylint # pylint-celery @@ -172,7 +172,7 @@ pyjwt[crypto]==2.8.0 # via # -r requirements/base.txt # github3-py -pylint==3.2.0 +pylint==3.2.2 # via # edx-lint # pylint-celery @@ -194,7 +194,7 @@ pyproject-hooks==1.1.0 # via # build # pip-tools -pytest==8.2.0 +pytest==8.2.1 # via # -r requirements/base.txt # -r requirements/development.in @@ -220,7 +220,7 @@ pyyaml==6.0.1 # -r requirements/base.txt # code-annotations # responses -requests==2.31.0 +requests==2.32.2 # via # -r requirements/base.txt # cachecontrol @@ -289,7 +289,7 @@ volatile==2.1.0 # bowler wheel==0.43.0 # via pip-tools -zipp==3.18.1 +zipp==3.18.2 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt index 1b67baa1..d9186e9d 100644 --- a/requirements/pip-tools.txt +++ b/requirements/pip-tools.txt @@ -26,7 +26,7 @@ tomli==2.0.1 # pip-tools wheel==0.43.0 # via pip-tools -zipp==3.18.1 +zipp==3.18.2 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/pip.txt b/requirements/pip.txt index e3ffcc7b..8a72bb0b 100644 --- a/requirements/pip.txt +++ b/requirements/pip.txt @@ -10,5 +10,5 @@ wheel==0.43.0 # The following packages are considered to be unsafe in a requirements file: pip==24.0 # via -r requirements/pip.in -setuptools==69.5.1 +setuptools==70.0.0 # via -r requirements/pip.in