Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump certifi, werkzeug and utils #1941

Merged
merged 4 commits into from
Sep 12, 2024
Merged

Bump certifi, werkzeug and utils #1941

merged 4 commits into from
Sep 12, 2024

Conversation

whabanks
Copy link
Contributor

@whabanks whabanks commented Sep 10, 2024

Summary | Résumé

Bump certifi, werkzeug and utils version: cds-snc/notification-utils#320

Test instructions | Instructions pour tester la modification

  • CI passes
  • App runs and can still login etc.

Copy link


# Pinned dependencies
rsa = "^4.1" # not directly required, pinned by Snyk to avoid a vulnerability
certifi = "^2023.7.22" # Pinned for security reasons: https://github.com/cds-snc/notification-admin/security/dependabot/169
certifi = "^2024.0.0" # Pinned for security reasons: https://github.com/cds-snc/notification-admin/security/dependabot/169
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utils is not forcing certifi 2024.0.0 so I think you can delete this line

Copy link
Contributor Author

@whabanks whabanks Sep 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just doing the bump from the dependency dashboard here since we did bump certifi in utils and poetry was yelling at me 😅

Because notification-admin depends on notifications-utils (52.3.3) @ git+https://github.com/cds-snc/notification-utils.git@bump-patch-deps which depends on certifi (^2024.0.0), certifi is required.
So, because notification-admin depends on certifi (^2023.7.22), version solving failed.

@sastels sastels mentioned this pull request Sep 10, 2024
@whabanks whabanks merged commit d929c15 into main Sep 12, 2024
10 checks passed
@whabanks whabanks deleted the sync-deps-with-utils branch September 12, 2024 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants