From 5095e9b014cb7563c02baa26ca16742e285de224 Mon Sep 17 00:00:00 2001 From: "github.actions" Date: Wed, 8 Jan 2025 08:06:09 +0000 Subject: [PATCH] Latest data: Wed Jan 8 08:06:09 UTC 2025 --- audits/aider-requirements.audit.json | 2 + audits/ansible-lint-requirements.audit.json | 2 + audits/certsync-requirements.audit.json | 2 + audits/charmcraft-requirements.audit.json | 2 + audits/gdbgui-requirements.audit.json | 2 + audits/gi-docgen-requirements.audit.json | 2 + audits/harlequin-requirements.audit.json | 2 + audits/libplacebo-requirements.audit.json | 2 + audits/litani-requirements.audit.json | 2 + audits/mentat-requirements.audit.json | 2 + audits/organize-tool-requirements.audit.json | 2 + audits/pytorch-requirements.audit.json | 2 + audits/recon-ng-requirements.audit.json | 2 + audits/sail-requirements.audit.json | 2 + audits/snapcraft-requirements.audit.json | 316 ------------------ audits/vunnel-requirements.audit.json | 2 + requirements/b2-tools-requirements.txt | 14 +- requirements/checkov-requirements.txt | 18 +- requirements/codelimit-requirements.txt | 2 +- requirements/internetarchive-requirements.txt | 4 +- requirements/linode-cli-requirements.txt | 10 +- requirements/osc-requirements.txt | 2 +- requirements/snapcraft-requirements.txt | 41 +-- requirements/yewtube-requirements.txt | 14 +- 24 files changed, 81 insertions(+), 370 deletions(-) delete mode 100644 audits/snapcraft-requirements.audit.json diff --git a/audits/aider-requirements.audit.json b/audits/aider-requirements.audit.json index 72cb2a46..d65bb95a 100644 --- a/audits/aider-requirements.audit.json +++ b/audits/aider-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/ansible-lint-requirements.audit.json b/audits/ansible-lint-requirements.audit.json index 5d89152b..f1720e6f 100644 --- a/audits/ansible-lint-requirements.audit.json +++ b/audits/ansible-lint-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/certsync-requirements.audit.json b/audits/certsync-requirements.audit.json index e6c40c65..418daa2b 100644 --- a/audits/certsync-requirements.audit.json +++ b/audits/certsync-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/charmcraft-requirements.audit.json b/audits/charmcraft-requirements.audit.json index fd7bdaa4..be45e459 100644 --- a/audits/charmcraft-requirements.audit.json +++ b/audits/charmcraft-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/gdbgui-requirements.audit.json b/audits/gdbgui-requirements.audit.json index b70587f1..e4edffbb 100644 --- a/audits/gdbgui-requirements.audit.json +++ b/audits/gdbgui-requirements.audit.json @@ -285,6 +285,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -713,6 +714,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/gi-docgen-requirements.audit.json b/audits/gi-docgen-requirements.audit.json index 761f043e..2015b249 100644 --- a/audits/gi-docgen-requirements.audit.json +++ b/audits/gi-docgen-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/harlequin-requirements.audit.json b/audits/harlequin-requirements.audit.json index 48042e4d..607edb0c 100644 --- a/audits/harlequin-requirements.audit.json +++ b/audits/harlequin-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/libplacebo-requirements.audit.json b/audits/libplacebo-requirements.audit.json index ace35fd9..6eae4b42 100644 --- a/audits/libplacebo-requirements.audit.json +++ b/audits/libplacebo-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/litani-requirements.audit.json b/audits/litani-requirements.audit.json index abb4bb26..c870e67f 100644 --- a/audits/litani-requirements.audit.json +++ b/audits/litani-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/mentat-requirements.audit.json b/audits/mentat-requirements.audit.json index 657cf5e5..e147b9b4 100644 --- a/audits/mentat-requirements.audit.json +++ b/audits/mentat-requirements.audit.json @@ -389,6 +389,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -817,6 +818,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/organize-tool-requirements.audit.json b/audits/organize-tool-requirements.audit.json index 6e1261bb..a20c11b4 100644 --- a/audits/organize-tool-requirements.audit.json +++ b/audits/organize-tool-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/pytorch-requirements.audit.json b/audits/pytorch-requirements.audit.json index 8b77d989..a0ae2dd6 100644 --- a/audits/pytorch-requirements.audit.json +++ b/audits/pytorch-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/recon-ng-requirements.audit.json b/audits/recon-ng-requirements.audit.json index bff7c074..af701a7f 100644 --- a/audits/recon-ng-requirements.audit.json +++ b/audits/recon-ng-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/sail-requirements.audit.json b/audits/sail-requirements.audit.json index c39a1f69..41beeb9b 100644 --- a/audits/sail-requirements.audit.json +++ b/audits/sail-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/audits/snapcraft-requirements.audit.json b/audits/snapcraft-requirements.audit.json deleted file mode 100644 index 0c4ddb4a..00000000 --- a/audits/snapcraft-requirements.audit.json +++ /dev/null @@ -1,316 +0,0 @@ -[ - { - "package": { - "name": "jinja2", - "version": "3.1.4", - "ecosystem": "PyPI" - }, - "dependency_groups": [ - "snapcraft-requirements" - ], - "vulnerabilities": [ - { - "modified": "2024-12-26T20:27:33Z", - "published": "2024-12-23T17:54:12Z", - "schema_version": "1.6.0", - "id": "GHSA-gmj6-6f8f-6699", - "aliases": [ - "CVE-2024-56201" - ], - "related": [ - "CGA-2589-9xpr-fmp7", - "CGA-372m-j842-xpmm", - "CGA-9x7g-9rfp-4xhm", - "CGA-gvvw-7w3r-7m54", - "CGA-mvqg-6j62-4pjm", - "CGA-whf8-42p9-686q" - ], - "summary": "Jinja has a sandbox breakout through malicious filenames", - "details": "A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.\n\nTo exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.", - "affected": [ - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2", - "purl": "pkg:pypi/jinja2" - }, - "ranges": [ - { - "type": "ECOSYSTEM", - "events": [ - { - "introduced": "0" - }, - { - "fixed": "3.1.5" - } - ] - } - ], - "versions": [ - "2.0", - "2.0rc1", - "2.1", - "2.1.1", - "2.10", - "2.10.1", - "2.10.2", - "2.10.3", - "2.11.0", - "2.11.1", - "2.11.2", - "2.11.3", - "2.2", - "2.2.1", - "2.3", - "2.3.1", - "2.4", - "2.4.1", - "2.5", - "2.5.1", - "2.5.2", - "2.5.3", - "2.5.4", - "2.5.5", - "2.6", - "2.7", - "2.7.1", - "2.7.2", - "2.7.3", - "2.8", - "2.8.1", - "2.9", - "2.9.1", - "2.9.2", - "2.9.3", - "2.9.4", - "2.9.5", - "2.9.6", - "3.0.0", - "3.0.0a1", - "3.0.0rc1", - "3.0.0rc2", - "3.0.1", - "3.0.2", - "3.0.3", - "3.1.0", - "3.1.1", - "3.1.2", - "3.1.3", - "3.1.4" - ], - "database_specific": { - "last_known_affected_version_range": "<= 3.1.4", - "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-gmj6-6f8f-6699/GHSA-gmj6-6f8f-6699.json" - } - } - ], - "severity": [ - { - "type": "CVSS_V3", - "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" - }, - { - "type": "CVSS_V4", - "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" - } - ], - "references": [ - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699" - }, - { - "type": "ADVISORY", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201" - }, - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/issues/1792" - }, - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f" - }, - { - "type": "PACKAGE", - "url": "https://github.com/pallets/jinja" - }, - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/releases/tag/3.1.5" - } - ], - "database_specific": { - "cwe_ids": [ - "CWE-150" - ], - "github_reviewed": true, - "github_reviewed_at": "2024-12-23T17:54:12Z", - "nvd_published_at": "2024-12-23T16:15:07Z", - "severity": "MODERATE" - } - }, - { - "modified": "2024-12-27T19:24:19Z", - "published": "2024-12-23T17:56:08Z", - "schema_version": "1.6.0", - "id": "GHSA-q2x7-8rv6-6q7h", - "aliases": [ - "CVE-2024-56326" - ], - "related": [ - "CGA-79fr-pvjg-j9xm", - "CGA-crfr-r549-cvmg", - "CGA-f7wq-crqm-v76f", - "CGA-gm37-p355-3fq6", - "CGA-h3v9-xgx5-mrgr", - "CGA-p9v5-jpj2-q3ww" - ], - "summary": "Jinja has a sandbox breakout through indirect reference to format method", - "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", - "affected": [ - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2", - "purl": "pkg:pypi/jinja2" - }, - "ranges": [ - { - "type": "ECOSYSTEM", - "events": [ - { - "introduced": "0" - }, - { - "fixed": "3.1.5" - } - ] - } - ], - "versions": [ - "2.0", - "2.0rc1", - "2.1", - "2.1.1", - "2.10", - "2.10.1", - "2.10.2", - "2.10.3", - "2.11.0", - "2.11.1", - "2.11.2", - "2.11.3", - "2.2", - "2.2.1", - "2.3", - "2.3.1", - "2.4", - "2.4.1", - "2.5", - "2.5.1", - "2.5.2", - "2.5.3", - "2.5.4", - "2.5.5", - "2.6", - "2.7", - "2.7.1", - "2.7.2", - "2.7.3", - "2.8", - "2.8.1", - "2.9", - "2.9.1", - "2.9.2", - "2.9.3", - "2.9.4", - "2.9.5", - "2.9.6", - "3.0.0", - "3.0.0a1", - "3.0.0rc1", - "3.0.0rc2", - "3.0.1", - "3.0.2", - "3.0.3", - "3.1.0", - "3.1.1", - "3.1.2", - "3.1.3", - "3.1.4" - ], - "database_specific": { - "last_known_affected_version_range": "<= 3.1.4", - "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-q2x7-8rv6-6q7h/GHSA-q2x7-8rv6-6q7h.json" - } - } - ], - "severity": [ - { - "type": "CVSS_V3", - "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" - }, - { - "type": "CVSS_V4", - "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" - } - ], - "references": [ - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h" - }, - { - "type": "ADVISORY", - "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326" - }, - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4" - }, - { - "type": "PACKAGE", - "url": "https://github.com/pallets/jinja" - }, - { - "type": "WEB", - "url": "https://github.com/pallets/jinja/releases/tag/3.1.5" - } - ], - "database_specific": { - "cwe_ids": [ - "CWE-693" - ], - "github_reviewed": true, - "github_reviewed_at": "2024-12-23T17:56:08Z", - "nvd_published_at": "2024-12-23T16:15:07Z", - "severity": "MODERATE" - } - } - ], - "groups": [ - { - "ids": [ - "GHSA-gmj6-6f8f-6699" - ], - "aliases": [ - "CVE-2024-56201", - "GHSA-gmj6-6f8f-6699" - ], - "max_severity": "8.8" - }, - { - "ids": [ - "GHSA-q2x7-8rv6-6q7h" - ], - "aliases": [ - "CVE-2024-56326", - "GHSA-q2x7-8rv6-6q7h" - ], - "max_severity": "7.8" - } - ] - } -] \ No newline at end of file diff --git a/audits/vunnel-requirements.audit.json b/audits/vunnel-requirements.audit.json index a6612029..664dc271 100644 --- a/audits/vunnel-requirements.audit.json +++ b/audits/vunnel-requirements.audit.json @@ -23,6 +23,7 @@ "CGA-9x7g-9rfp-4xhm", "CGA-gvvw-7w3r-7m54", "CGA-mvqg-6j62-4pjm", + "CGA-vj5f-6mc5-q329", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -160,6 +161,7 @@ "CVE-2024-56326" ], "related": [ + "CGA-48m9-g63w-3pmj", "CGA-79fr-pvjg-j9xm", "CGA-crfr-r549-cvmg", "CGA-f7wq-crqm-v76f", diff --git a/requirements/b2-tools-requirements.txt b/requirements/b2-tools-requirements.txt index d57ee870..601b588d 100644 --- a/requirements/b2-tools-requirements.txt +++ b/requirements/b2-tools-requirements.txt @@ -1,8 +1,8 @@ annotated-types==0.7.0 -argcomplete==3.5.2 +argcomplete==3.5.3 arrow==1.3.0 -b2sdk==2.6.0 -charset-normalizer==3.4.0 +b2sdk==2.7.0 +charset-normalizer==3.4.1 docutils==0.21.2 idna==3.10 logfury==1.0.1 @@ -11,8 +11,8 @@ platformdirs==4.3.6 python-dateutil==2.9.0.post0 requests==2.32.3 rst2ansi==0.1.5 -six==1.16.0 +six==1.17.0 tabulate==0.9.0 -tqdm==4.66.6 -types-python-dateutil==2.9.0.20241003 -urllib3==2.2.3 +tqdm==4.67.1 +types-python-dateutil==2.9.0.20241206 +urllib3==2.3.0 diff --git a/requirements/checkov-requirements.txt b/requirements/checkov-requirements.txt index 85b1e8ac..014e8186 100644 --- a/requirements/checkov-requirements.txt +++ b/requirements/checkov-requirements.txt @@ -4,20 +4,20 @@ aiohttp==3.11.11 aiomultiprocess==0.9.1 aiosignal==1.3.2 annotated-types==0.7.0 -argcomplete==3.5.2 +argcomplete==3.5.3 attrs==24.3.0 -bc-detect-secrets==1.5.27 +bc-detect-secrets==1.5.33 bc-jsonpath-ng==1.6.1 bc-python-hcl2==0.4.2 beartype==0.19.0 beautifulsoup4==4.12.3 boolean-py==4.0 boto3==1.35.49 -botocore==1.35.87 +botocore==1.35.93 cached-property==2.0.1 cachetools==5.5.0 cffi==1.17.1 -charset-normalizer==3.4.0 +charset-normalizer==3.4.1 click==8.1.8 click-option-group==0.5.6 cloudsplaining==0.7.0 @@ -31,8 +31,8 @@ docker==7.1.0 dockerfile-parse==2.0.1 dpath==2.1.3 frozenlist==1.5.0 -gitdb==4.0.11 -gitpython==3.1.43 +gitdb==4.0.12 +gitpython==3.1.44 idna==3.10 importlib-metadata==7.2.1 jinja2==3.1.5 @@ -47,7 +47,7 @@ markupsafe==3.0.2 multidict==6.1.0 networkx==2.6.3 openai==0.28.1 -orjson==3.10.12 +orjson==3.10.13 packageurl-python==0.13.4 packaging==23.2 ply==3.11 @@ -60,7 +60,7 @@ pycep-parser==0.5.1 pycparser==2.22 pydantic==2.10.4 pydantic-core==2.27.2 -pyparsing==3.2.0 +pyparsing==3.2.1 python-dateutil==2.9.0.post0 pyyaml==6.0.2 rdflib==7.1.1 @@ -73,7 +73,7 @@ s3transfer==0.10.4 schema==0.7.5 semantic-version==2.10.0 six==1.17.0 -smmap==5.0.1 +smmap==5.0.2 sortedcontainers==2.4.0 soupsieve==2.6 spdx-tools==0.8.3 diff --git a/requirements/codelimit-requirements.txt b/requirements/codelimit-requirements.txt index 823595a9..cc689305 100644 --- a/requirements/codelimit-requirements.txt +++ b/requirements/codelimit-requirements.txt @@ -11,7 +11,7 @@ mdurl==0.1.2 multidict==6.1.0 pathspec==0.12.1 propcache==0.2.1 -pygments==2.18.0 +pygments==2.19.1 pyperclip==1.9.0 pyyaml==6.0.2 requests==2.32.3 diff --git a/requirements/internetarchive-requirements.txt b/requirements/internetarchive-requirements.txt index 4913bf84..22bf03f9 100644 --- a/requirements/internetarchive-requirements.txt +++ b/requirements/internetarchive-requirements.txt @@ -1,7 +1,7 @@ -charset-normalizer==3.4.0 +charset-normalizer==3.4.1 idna==3.10 jsonpatch==1.33 jsonpointer==3.0.0 requests==2.32.3 tqdm==4.67.1 -urllib3==2.2.3 +urllib3==2.3.0 diff --git a/requirements/linode-cli-requirements.txt b/requirements/linode-cli-requirements.txt index c948df9f..2031361f 100644 --- a/requirements/linode-cli-requirements.txt +++ b/requirements/linode-cli-requirements.txt @@ -1,17 +1,17 @@ -anyio==4.6.2.post1 -charset-normalizer==3.4.0 +anyio==4.8.0 +charset-normalizer==3.4.1 h11==0.14.0 httpcore==1.0.7 -httpx==0.27.2 +httpx==0.28.1 idna==3.10 linode-metadata==0.3.0 markdown-it-py==3.0.0 mdurl==0.1.2 openapi3==1.8.2 packaging==24.2 -pygments==2.18.0 +pygments==2.19.1 pyyaml==6.0.2 requests==2.32.3 rich==13.9.4 sniffio==1.3.1 -urllib3==2.2.3 +urllib3==2.3.0 diff --git a/requirements/osc-requirements.txt b/requirements/osc-requirements.txt index d6ea1901..04a7cdac 100644 --- a/requirements/osc-requirements.txt +++ b/requirements/osc-requirements.txt @@ -1,2 +1,2 @@ rpm==0.3.1 -urllib3==2.2.3 +urllib3==2.3.0 diff --git a/requirements/snapcraft-requirements.txt b/requirements/snapcraft-requirements.txt index 1693e269..c6240bc3 100644 --- a/requirements/snapcraft-requirements.txt +++ b/requirements/snapcraft-requirements.txt @@ -1,19 +1,17 @@ annotated-types==0.7.0 -anyio==4.7.0 +anyio==4.8.0 attrs==24.3.0 boolean-py==4.0 catkin-pkg==1.0.0 -certifi==2024.8.30 -cffi==1.17.1 chardet==5.2.0 -charset-normalizer==3.4.0 -click==8.1.7 -craft-application==4.6.0 +charset-normalizer==3.4.1 +click==8.1.8 +craft-application==4.7.0 craft-archives==2.0.2 craft-cli==2.13.0 craft-grammar==2.0.1 -craft-parts==2.2.0 -craft-platforms==0.4.0 +craft-parts==2.2.1 +craft-platforms==0.5.0 craft-providers==2.0.4 craft-store==3.1.0 distro==1.9.0 @@ -22,14 +20,15 @@ gnupg==2.3.1 h11==0.14.0 httpcore==1.0.7 httplib2==0.22.0 -httpx==0.28.0 +httpx==0.28.1 idna==3.10 jaraco-classes==3.4.0 jaraco-context==6.0.1 jaraco-functools==4.1.0 -jinja2==3.1.4 +jeepney==0.8.0 +jinja2==3.1.5 jsonschema==2.5.1 -keyring==25.5.0 +keyring==25.6.0 launchpadlib==2.0.0 lazr-restfulclient==0.14.6 lazr-uri==1.0.7 @@ -44,16 +43,15 @@ overrides==7.7.0 packaging==24.2 platformdirs==4.3.6 progressbar==2.5 -protobuf==5.29.1 -psutil==6.1.0 -pycparser==2.22 -pydantic==2.10.3 -pydantic-core==2.27.1 +protobuf==5.29.2 +psutil==6.1.1 +pydantic==2.10.4 +pydantic-core==2.27.2 pyelftools==0.31 -pygit2==1.13.3 +pylxd==2.3.5 pymacaroons==0.13.0 pynacl==1.5.0 -pyparsing==3.2.0 +pyparsing==3.2.1 pyrfc3339==1.1 python-dateutil==2.9.0.post0 python-debian==0.1.49 @@ -64,14 +62,17 @@ raven==6.10.0 requests==2.32.3 requests-toolbelt==1.0.0 requests-unixsocket2==0.4.2 -setuptools==75.6.0 +secretstorage==3.3.3 +setuptools==75.7.0 simplejson==3.19.3 six==1.17.0 snap-helpers==0.4.2 +sniffio==1.3.1 tabulate==0.9.0 tinydb==4.8.2 toml==0.10.2 typing-extensions==4.12.2 -urllib3==2.2.3 +urllib3==2.3.0 validators==0.34.0 wadllib==2.0.0 +ws4py==0.6.0 diff --git a/requirements/yewtube-requirements.txt b/requirements/yewtube-requirements.txt index 67e54209..ac1ad8bb 100644 --- a/requirements/yewtube-requirements.txt +++ b/requirements/yewtube-requirements.txt @@ -1,17 +1,13 @@ -anyio==4.6.0 -brotli==1.1.0 -charset-normalizer==3.4.0 +anyio==4.8.0 +charset-normalizer==3.4.1 h11==0.14.0 -httpcore==1.0.6 +httpcore==1.0.7 httpx==0.27.2 idna==3.10 -mutagen==1.47.0 -pycryptodomex==3.21.0 pylast==5.3.0 pyperclip==1.9.0 requests==2.32.3 sniffio==1.3.1 -urllib3==2.2.3 -websockets==13.1 +urllib3==2.3.0 youtube-search-python==1.6.6 -yt-dlp==2024.10.7 +yt-dlp==2024.12.23