From 2ef7358ac760d15325124e7aab8a121b1ab99e2e Mon Sep 17 00:00:00 2001 From: Michiel Scholten Date: Tue, 2 Feb 2021 08:51:18 +0100 Subject: [PATCH] Jinja2 security fix; new-style pip-tools requirements --- requirements-dev.txt | 80 ++++++++++++++++++++++++++++++-------------- requirements.txt | 57 ++++++++++++++++++++----------- 2 files changed, 92 insertions(+), 45 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index f656b36..5cea285 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -4,29 +4,57 @@ # # pip-compile requirements-dev.in # -astroid==2.4.2 # via pylint -beautifulsoup4==4.9.3 # via bs4 -bs4==0.0.1 # via -r requirements.in -certifi==2020.11.8 # via requests -chardet==3.0.4 # via requests -click==7.1.2 # via flask -feedgen==0.9.0 # via -r requirements.in -flask==1.1.2 # via -r requirements.in -idna==2.10 # via requests -isort==5.6.4 # via pylint -itsdangerous==1.1.0 # via flask -jinja2==2.11.2 # via flask -lazy-object-proxy==1.4.3 # via astroid -lxml==4.6.2 # via feedgen -markupsafe==1.1.1 # via jinja2 -mccabe==0.6.1 # via pylint -peewee==3.14.0 # via -r requirements.in -pylint==2.6.0 # via -r requirements-dev.in -python-dateutil==2.8.1 # via feedgen -requests==2.25.0 # via -r requirements.in -six==1.15.0 # via astroid, python-dateutil -soupsieve==2.0.1 # via beautifulsoup4 -toml==0.10.2 # via pylint -urllib3==1.26.2 # via requests -werkzeug==1.0.1 # via flask -wrapt==1.12.1 # via astroid +astroid==2.4.2 + # via pylint +beautifulsoup4==4.9.3 + # via bs4 +bs4==0.0.1 + # via -r requirements.in +certifi==2020.12.5 + # via requests +chardet==4.0.0 + # via requests +click==7.1.2 + # via flask +feedgen==0.9.0 + # via -r requirements.in +flask==1.1.2 + # via -r requirements.in +idna==2.10 + # via requests +isort==5.7.0 + # via pylint +itsdangerous==1.1.0 + # via flask +jinja2==2.11.3 + # via flask +lazy-object-proxy==1.4.3 + # via astroid +lxml==4.6.2 + # via feedgen +markupsafe==1.1.1 + # via jinja2 +mccabe==0.6.1 + # via pylint +peewee==3.14.0 + # via -r requirements.in +pylint==2.6.0 + # via -r requirements-dev.in +python-dateutil==2.8.1 + # via feedgen +requests==2.25.1 + # via -r requirements.in +six==1.15.0 + # via + # astroid + # python-dateutil +soupsieve==2.1 + # via beautifulsoup4 +toml==0.10.2 + # via pylint +urllib3==1.26.3 + # via requests +werkzeug==1.0.1 + # via flask +wrapt==1.12.1 + # via astroid diff --git a/requirements.txt b/requirements.txt index f06a1cd..fe4dcca 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,22 +4,41 @@ # # pip-compile requirements.in # -beautifulsoup4==4.9.3 # via bs4 -bs4==0.0.1 # via -r requirements.in -certifi==2020.11.8 # via requests -chardet==3.0.4 # via requests -click==7.1.2 # via flask -feedgen==0.9.0 # via -r requirements.in -flask==1.1.2 # via -r requirements.in -idna==2.10 # via requests -itsdangerous==1.1.0 # via flask -jinja2==2.11.2 # via flask -lxml==4.6.2 # via feedgen -markupsafe==1.1.1 # via jinja2 -peewee==3.14.0 # via -r requirements.in -python-dateutil==2.8.1 # via feedgen -requests==2.25.0 # via -r requirements.in -six==1.15.0 # via python-dateutil -soupsieve==2.0.1 # via beautifulsoup4 -urllib3==1.26.2 # via requests -werkzeug==1.0.1 # via flask +beautifulsoup4==4.9.3 + # via bs4 +bs4==0.0.1 + # via -r requirements.in +certifi==2020.12.5 + # via requests +chardet==4.0.0 + # via requests +click==7.1.2 + # via flask +feedgen==0.9.0 + # via -r requirements.in +flask==1.1.2 + # via -r requirements.in +idna==2.10 + # via requests +itsdangerous==1.1.0 + # via flask +jinja2==2.11.3 + # via flask +lxml==4.6.2 + # via feedgen +markupsafe==1.1.1 + # via jinja2 +peewee==3.14.0 + # via -r requirements.in +python-dateutil==2.8.1 + # via feedgen +requests==2.25.1 + # via -r requirements.in +six==1.15.0 + # via python-dateutil +soupsieve==2.1 + # via beautifulsoup4 +urllib3==1.26.3 + # via requests +werkzeug==1.0.1 + # via flask