[Fixes #9972] SECURITY - Outdated requirements.txt for branch 3.3.x (#…

…9984) * [Fixes #9972] SECURITY - Outdated requirements.txt for branch 3.3.x * - Update circleci config.yml
GeoNode · Sep 7, 2022 · 5a9737a · 5a9737a
1 parent 97e378f
commit 5a9737a
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 56 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -4,7 +4,7 @@ jobs:
   build:
 
     docker:
-      - image: circleci/buildpack-deps:focal
+      - image: cimg/base:current-22.04
 
     parameters:
       load_docker_cache:
@@ -16,42 +16,16 @@ jobs:
         default: ""
 
     steps:
-
       - checkout
-
-      - setup_remote_docker
-
-      - when:
-          condition: <<parameters.load_docker_cache>>
-          steps:
-            - restore_cache:
-                keys:
-                  - v2-docker-images-{{ .Branch }}
-            - run:
-                name: Load Docker layers cache
-                command: |
-                  docker load -i ~/docker-layers-cache.tar || true
+      - setup_remote_docker:
+          docker_layer_caching: false
+          version: 20.10.12
 
       - run:
           name: Build the stack
           command: docker-compose -f docker-compose-test.yml build --no-cache
           working_directory: ./
 
-      - when:
-          condition: <<parameters.save_docker_cache>>
-          steps:
-            - run:
-                name: Save Docker layers cache
-                command: |
-                  rm -f ~/docker-layers-cache.tar
-                  docker save -o ~/docker-layers-cache.tar $(docker images -a --format "{{.ID}}")
-                when: always
-            - save_cache:
-                key: v2-docker-images-{{ .Branch }}-{{ epoch }}
-                paths:
-                  - ~/docker-layers-cache.tar
-                when: always
-
       - run:
           name: Start the stack
           command: docker-compose -f docker-compose-test.yml up -d

diff --git a/requirements.txt b/requirements.txt
@@ -1,12 +1,12 @@
 # native dependencies
-Pillow==8.2.0
-lxml==4.8.0
+Pillow==9.0.1
+lxml==4.9.1
 defusedxml==0.7.1
 psycopg2==2.8.6
-Django==2.2.24
+Django==2.2.25
 
 # Other
-amqp==5.0.6
+amqp>=5.0.9,<6.0.0
 pyyaml>=4.2b1
 beautifulsoup4==4.9.3
 httplib2<0.19.2
@@ -16,8 +16,8 @@ urllib3==1.26.7
 Paver==1.3.4
 python-slugify==5.0.2
 decorator==5.0.9
-celery==5.1.2
-kombu==5.1.0
+celery==5.2.7
+kombu==5.2.4
 pylibmc==1.6.1
 sherlock==0.3.2
 vine==5.0.0
@@ -33,7 +33,7 @@ schema==0.7.5
 smart_open==5.2.1
 
 # Django Apps
-django-allauth==0.44.0
+django-allauth==0.47.0
 django-appconf==1.0.4
 django-celery-beat==2.2.1
 django-celery-results==2.2.0
@@ -124,7 +124,7 @@ inflection==0.3.1
 jdcal==1.4.1
 mock<5.0.0
 python-dateutil==2.8.1
-pytz==2021.1
+pytz==2022.2.1
 requests==2.26.0
 timeout-decorator==0.5.0
 
@@ -139,9 +139,9 @@ django-ipware<3.1
 pycountry
 
 # production
-uWSGI==2.0.19.1
+uWSGI==2.0.20
 gunicorn==20.1.0
-ipython==7.24.1
+ipython==7.31.1
 docker==4.4.4
 invoke==1.5.0
 
@@ -155,9 +155,9 @@ pytest-bdd==4.0.2
 splinter==0.14.0
 pytest-splinter==3.3.1
 pytest-django==4.4.0
-setuptools==60.9.3
-pip==22.0.4
-Twisted==21.2.0
+setuptools==65.3.0
+pip==22.2.2
+Twisted==22.4.0rc1
 pixelmatch==0.2.3
 factory-boy==3.2.0
 flaky==3.7.0

diff --git a/setup.cfg b/setup.cfg
@@ -26,14 +26,14 @@ setup_requires =
     setuptools
 install_requires =
     # native dependencies
-    Pillow==8.2.0
-    lxml==4.8.0
+    Pillow==9.0.1
+    lxml==4.9.1
     defusedxml==0.7.1
     psycopg2==2.8.6
-    Django==2.2.24
+    Django==2.2.25
 
     # Other
-    amqp==5.0.6
+    amqp>=5.0.9,<6.0.0
     pyyaml>=4.2b1
     beautifulsoup4==4.9.3
     httplib2<0.19.2
@@ -43,8 +43,8 @@ install_requires =
     Paver==1.3.4
     python-slugify==5.0.2
     decorator==5.0.9
-    celery==5.1.2
-    kombu==5.1.0
+    celery==5.2.7
+    kombu==5.2.4
     pylibmc==1.6.1
     sherlock==0.3.2
     vine==5.0.0
@@ -60,7 +60,7 @@ install_requires =
     smart_open==5.2.1
 
     # Django Apps
-    django-allauth==0.44.0
+    django-allauth==0.47.0
     django-appconf==1.0.4
     django-celery-beat==2.2.1
     django-celery-results==2.2.0
@@ -150,7 +150,7 @@ install_requires =
     jdcal==1.4.1
     mock<5.0.0
     python-dateutil==2.8.1
-    pytz==2021.1
+    pytz==2022.2.1
     requests==2.26.0
     timeout-decorator==0.5.0
 
@@ -165,9 +165,9 @@ install_requires =
     pycountry
 
     # production
-    uWSGI==2.0.19.1
+    uWSGI==2.0.20
     gunicorn==20.1.0
-    ipython==7.24.1
+    ipython==7.31.1
     docker==4.4.4
     invoke==1.5.0
 
@@ -181,9 +181,9 @@ install_requires =
     splinter==0.14.0
     pytest-splinter==3.3.1
     pytest-django==4.4.0
-    setuptools==60.9.3
-    pip==22.0.4
-    Twisted==21.2.0
+    setuptools==65.3.0
+    pip==22.2.2
+    Twisted==22.4.0rc1
     pixelmatch==0.2.3
     factory-boy==3.2.0
     flaky==3.7.0