Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Remove py3.7 (pinterest#234) * Remove py3.7 * Restore cache action * Bump cryptography from 39.0.2 to 41.0.1 (pinterest#260) Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.2 to 41.0.1. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@39.0.2...41.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tox from 3.25.0 to 4.6.0 (pinterest#262) Bumps [tox](https://github.com/tox-dev/tox) from 3.25.0 to 4.6.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@3.25.0...4.6.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 1.7.5 to 2.14.1 (pinterest#263) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 1.7.5 to 2.14.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v1.7.5...v2.14.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flask from 2.1.2 to 2.3.2 (pinterest#250) Bumps [flask](https://github.com/pallets/flask) from 2.1.2 to 2.3.2. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@2.1.2...2.3.2) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.2 to 7.3.1 (pinterest#243) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.2 to 7.3.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.1.2...7.3.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis from 4.5.3 to 4.5.5 (pinterest#253) Bump redis from 4.3.3 to 4.5.5 Bumps [redis](https://github.com/redis/redis-py) from 4.3.3 to 4.5.5. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.3.3...v4.5.5) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuru Shao <[email protected]> * Bump coverage from 6.4.1 to 7.2.7 (pinterest#267) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.1 to 7.2.7. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@6.4.1...7.2.7) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-cov from 3.0.0 to 4.1.0 (pinterest#266) Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 3.0.0 to 4.1.0. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v3.0.0...v4.1.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/checkout from 3 to 4 (pinterest#282) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Snyk] Security upgrade cryptography from 41.0.1 to 41.0.4 (pinterest#284) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 Co-authored-by: snyk-bot <[email protected]> * Bump tox from 4.6.0 to 4.11.3 (pinterest#287) Bumps [tox](https://github.com/tox-dev/tox) from 4.6.0 to 4.11.3. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.6.0...4.11.3) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 2.14.1 to 2.20.0 Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.14.1 to 2.20.0. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.14.1...v2.20.0) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump redis from 4.5.5 to 5.0.1 Bumps [redis](https://github.com/redis/redis-py) from 4.5.5 to 5.0.1. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.5.5...v5.0.1) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Install deps from requirements.txt (pinterest#303) * Prepare 1.6.1 release (pinterest#304) * Prepare 1.6.1 release * Update configs * Fix dev requirements * Bump version: 1.6.0 → 1.6.1 (pinterest#305) * Use urllib.parse for quoting/unquoting plus instead of deprecated werkzeug.urls (pinterest#300) Use urllib.parse for quoting/unquoting plus werkzeug.urls.url_quote_plus and werkzeug.urls.url_unquote_plus were deprecated and are removed in 3.0.0 and newer versions. * Bump actions/setup-python from 4 to 5 (pinterest#306) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github/codeql-action from 2 to 3 (pinterest#309) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump werkzeug from 2.3.3 to 3.0.1 (pinterest#295) Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.3.3 to 3.0.1. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@2.3.3...3.0.1) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flask from 2.3.2 to 3.0.0 (pinterest#294) Bumps [flask](https://github.com/pallets/flask) from 2.3.2 to 3.0.0. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@2.3.2...3.0.0) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Yuru Shao <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Devin Lundberg <[email protected]> Co-authored-by: snyk-bot <[email protected]> Co-authored-by: Yuping Li <[email protected]> Co-authored-by: vin01 <[email protected]>
- Loading branch information
7 people
authored
Jan 2, 2024
1 parent
6cba7d0
commit 383a4fb