Update poetry.lock

Update dependencies in poetry.lock file to fix error in CI that was caused by downgraded dependencies in poetry.lock. Update of bandit found a possible security issue in sourceforge_git backend, which is fixed as part of this commit. Signed-off-by: Michal Konecny <[email protected]>
fedora-infra · Mar 13, 2024 · 155866b · 155866b
1 parent 8209ce8
commit 155866b
Show file tree

Hide file tree

Showing 2 changed files with 1,621 additions and 1,309 deletions.
diff --git a/anitya/lib/backends/sourceforge_git.py b/anitya/lib/backends/sourceforge_git.py
@@ -1,9 +1,8 @@
 # -*- coding: utf-8 -*-
 """sourceforge_git"""
-import requests
 from bs4 import BeautifulSoup
 
-from anitya.lib.backends import BaseBackend
+from anitya.lib.backends import REQUEST_HEADERS, BaseBackend, http_session
 from anitya.lib.exceptions import AnityaPluginException
 
 
@@ -99,7 +98,9 @@ def get_versions(cls, project):
         """
         namespace, repo = cls.get_namespace_repo(project)
         url = project.get_version_url()
-        git_tag_request = requests.get(url)  # pylint: disable=W3101
+        git_tag_request = http_session.get(
+            url, headers=REQUEST_HEADERS, timeout=60, verify=True
+        )  # pylint: disable=W3101
 
         if git_tag_request.status_code == 404:
             raise AnityaPluginException(