diff --git a/.safety-policy-develop.yml b/.safety-policy-develop.yml
index 853c7dc7..7ea589bf 100644
--- a/.safety-policy-develop.yml
+++ b/.safety-policy-develop.yml
@@ -18,7 +18,9 @@ security:
 ignore-cvss-unknown-severity: False
 # Ignore unpinned requirements.
- # Should be set to False.
+ # Default is true. "Unpinned" in this case means anything else but "==".
+ # Since we are checking against the minimum-constraints file, this check
+ # is enabled (false).
 ignore-unpinned-requirements: False
 # List of specific vulnerabilities to ignore.
@@ -30,6 +32,8 @@ security:
 reason: Disputed issue in jinja2 version 3.1.3 - No known fix
 79993:
 reason: Fixed jupyterlab version 4.4.8 requires Python>=3.9 and other upgrades
+ 82754:
+ reason: Fixed filelock version 3.20.1 requires Python>=3.10 and is used there
 # Continue with exit code 0 when vulnerabilities are found.
 continue-on-vulnerability-error: False
diff --git a/.safety-policy-install.yml b/.safety-policy-install.yml
index 91fc226c..30374dc4 100644
--- a/.safety-policy-install.yml
+++ b/.safety-policy-install.yml
@@ -18,7 +18,9 @@ security:
 ignore-cvss-unknown-severity: False
 # Ignore unpinned requirements.
- # Should be set to False.
+ # Default is true. "Unpinned" in this case means anything else but "==".
+ # Since we are checking against the minimum-constraints file, this check
+ # is enabled (false).
 ignore-unpinned-requirements: False
 # List of specific vulnerabilities to ignore.
diff --git a/dev-requirements.txt b/dev-requirements.txt
index a8de5d75..0c24e416 100644
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@@ -67,7 +67,7 @@ dparse>=0.6.4
 ruamel.yaml>=0.17.21
 click>=8.0.2
 Authlib>=1.6.5
-marshmallow>=3.15.0
+marshmallow>=3.26.2
 pydantic>=2.12.0
 pydantic_core>=2.41.1
 #safety 3.6.1 depends on typer>=0.16.0
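Review bot: The new `82754` entry in the second hunk of `.safety-policy-develop.yml` has no expiry and is keyed only by ID, so it presumably also silences this filelock finding on Python >= 3.10, where the constraints file now pins the fixed 3.20.1. If that pin is lowered later, the scan would not report it. Safety's policy format accepts an `expires` field per ignored ID; adding `expires: '<YYYY-MM-DD, placeholder>'` beside `reason:` would force a re-review, for example when Python 3.9 support ends. The `reason` text would also be clearer if it said that only Python 3.9 remains on the affected 3.16.1.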
@@ -142,7 +142,7 @@ notebook>=7.2.2; sys_platform != 'win32' or python_version <= '3.12'
 jupyter>=1.0.0; sys_platform != 'win32' or python_version <= '3.12'
 jupyter-console>=6.6.3; sys_platform != 'win32' or python_version <= '3.12'
 ipywidgets>=8.0.5; sys_platform != 'win32' or python_version <= '3.12'
-nbconvert>=7.2.10; sys_platform != 'win32' or python_version <= '3.12'
+nbconvert>=7.17.0; sys_platform != 'win32' or python_version <= '3.12'
 nbclient>=0.7.4; sys_platform != 'win32' or python_version <= '3.12'
 nbformat>=5.8.0; sys_platform != 'win32' or python_version <= '3.12'
 qtconsole>=5.4.2; sys_platform != 'win32' or python_version <= '3.12'
diff --git a/minimum-constraints-develop.txt b/minimum-constraints-develop.txt
index 196ce530..f9517788 100644
--- a/minimum-constraints-develop.txt
+++ b/minimum-constraints-develop.txt
@@ -50,7 +50,7 @@ dparse==0.6.4
 ruamel.yaml==0.17.21
 click==8.0.2
 Authlib==1.6.5
-marshmallow==3.15.0
+marshmallow==3.26.2
 pydantic==2.12.0
 pydantic_core==2.41.1
 typer==0.16.0
@@ -112,7 +112,7 @@ notebook==7.2.2; sys_platform != 'win32' or python_version <= '3.12'
 jupyter==1.0.0; sys_platform != 'win32' or python_version <= '3.12'
 jupyter-console==6.6.3; sys_platform != 'win32' or python_version <= '3.12'
 ipywidgets==8.0.5; sys_platform != 'win32' or python_version <= '3.12'
-nbconvert==7.2.10; sys_platform != 'win32' or python_version <= '3.12'
+nbconvert==7.17.0; sys_platform != 'win32' or python_version <= '3.12'
 nbclient==0.7.4; sys_platform != 'win32' or python_version <= '3.12'
 nbformat==5.8.0; sys_platform != 'win32' or python_version <= '3.12'
 qtconsole==5.4.2; sys_platform != 'win32' or python_version <= '3.12'
@@ -170,8 +170,8 @@ dataclasses==0.8
 decorator==4.0.11
 defusedxml==0.7.1
 distlib==0.3.7
-# safety 3.4.0 depends on filelock~=3.16.1
-filelock==3.16.1
+filelock==3.16.1; python_version == '3.9'
+filelock==3.20.1; python_version >= '3.10'
 gitdb==4.0.8
 gitdb2==2.0.0
 html5lib==1.1
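Review bot: In the `@@ -170,8 +170,8 @@` hunk of `minimum-constraints-develop.txt`, the marker `python_version == '3.9'` leaves any interpreter that is neither 3.9 nor >= 3.10 with no filelock minimum at all. Writing the first line as `filelock==3.16.1; python_version < '3.10'` makes the two lines cover every version. The hunk also removes the comment that explained the 3.16.1 pin and adds none for the split. A line such as `# filelock 3.20.1 (fix for safety ID 82754) requires Python>=3.10` would keep the rationale next to the pin. Whether the safety release installed in the minimum-version environment accepts filelock 3.20.1 is not visible in this diff and should be confirmed.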
diff --git a/minimum-constraints-install.txt b/minimum-constraints-install.txt
index 1c2a2eb4..34c676e2 100644
--- a/minimum-constraints-install.txt
+++ b/minimum-constraints-install.txt
@@ -32,7 +32,7 @@ websocket-client==1.8.0
 certifi==2024.07.04
-urllib3==2.6.0
+urllib3==2.6.3
 # Direct dependencies for install of extra 'testutils' (must be consistent with extra-testutils-requirements)
diff --git a/requirements.txt b/requirements.txt
index bb7b6077..75afcf91 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -35,7 +35,7 @@ certifi>=2024.07.04
 # Functional dependencies on urllib3 versions:
 # - IncompleteRead fix: Distinguishing too much from not enough response data
 # requires >=2.2.1
-urllib3>=2.6.0
+urllib3>=2.6.3
 # Indirect dependencies for install that are needed for some reason (must be consistent with minimum-constraints-install.txt)