From a7565b2337388ce7d6b139d8e2d7a2f6728f8098 Mon Sep 17 00:00:00 2001
From: angrybayblade <vptl185@gmail.com>
Date: Wed, 25 Oct 2023 09:32:56 +0530
Subject: [PATCH 1/5] feat: bump dependencies to secure versions

- setuptools>=65.5.1
- aiohttp>=3.8.5,<4.0.0
- GitPython<4.0.0,>=3.1.37
- requests>=2.31.0,<3.0.0
---
 Pipfile                                                |  8 ++++----
 .../valory/connections/http_client/connection.yaml     |  2 +-
 .../valory/connections/http_server/connection.yaml     |  2 +-
 .../connections/p2p_libp2p_mailbox/connection.yaml     |  2 +-
 setup.py                                               |  2 +-
 tox.ini                                                | 10 +++++-----
 6 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/Pipfile b/Pipfile
index 646157c7c8..f023a51f47 100644
--- a/Pipfile
+++ b/Pipfile
@@ -10,8 +10,8 @@ name = "test-pypi"
 
 [dev-packages]
 # we fix exact versions as it's sufficient to have at least one set of compatible dependencies for development
-setuptools = "==59.6.0"
-aiohttp = "==3.7.4.post0"
+setuptools = ">=65.5.1"
+aiohttp = ">=3.8.5,<4.0.0"
 asn1crypto = "==1.4.0"
 bech32 = "==1.2.0"
 defusedxml = "==0.6.0"
@@ -35,8 +35,8 @@ protobuf = ">=4.21.6,<5.0.0"
 psutil = "==5.7.0"
 pycryptodome = ">=3.10.1"
 pytest-custom-exit-code = "==0.3.0"
-GitPython = "==3.1.27"
-requests = "==2.28.1"
+GitPython = "<4.0.0,>=3.1.37"
+requests = ">=2.31.0,<3.0.0"
 idna = "<=3.3"
 open-aea-cosmpy = "==0.6.7"
 web3 = ">=6.0.0,<7"
diff --git a/packages/valory/connections/http_client/connection.yaml b/packages/valory/connections/http_client/connection.yaml
index 3a93689c22..a8499fa92d 100644
--- a/packages/valory/connections/http_client/connection.yaml
+++ b/packages/valory/connections/http_client/connection.yaml
@@ -25,7 +25,7 @@ restricted_to_protocols:
 - valory/http:1.0.0
 dependencies:
   aiohttp:
-    version: <3.8,>=3.7.4
+    version: <4.0.0,>=3.8.5
   certifi: {}
   multidict: {}
 is_abstract: false
diff --git a/packages/valory/connections/http_server/connection.yaml b/packages/valory/connections/http_server/connection.yaml
index 486e27fb00..c48d68829a 100644
--- a/packages/valory/connections/http_server/connection.yaml
+++ b/packages/valory/connections/http_server/connection.yaml
@@ -33,7 +33,7 @@ restricted_to_protocols:
 - valory/http:1.0.0
 dependencies:
   aiohttp:
-    version: <3.8,>=3.7.4
+    version: <4.0.0,>=3.8.5
   openapi-core:
     version: ==0.13.2
   openapi-spec-validator:
diff --git a/packages/valory/connections/p2p_libp2p_mailbox/connection.yaml b/packages/valory/connections/p2p_libp2p_mailbox/connection.yaml
index df08b122a3..be5e779eea 100644
--- a/packages/valory/connections/p2p_libp2p_mailbox/connection.yaml
+++ b/packages/valory/connections/p2p_libp2p_mailbox/connection.yaml
@@ -42,7 +42,7 @@ excluded_protocols: []
 restricted_to_protocols: []
 dependencies:
   aiohttp:
-    version: <3.8,>=3.7.4
+    version: <4.0.0,>=3.8.5
   asn1crypto:
     version: <1.5.0,>=1.4.0
   ecdsa: {}
diff --git a/setup.py b/setup.py
index 34badebdf7..4f244cf251 100644
--- a/setup.py
+++ b/setup.py
@@ -60,7 +60,7 @@ def get_all_extras() -> Dict:
     "protobuf>=4.21.6,<5.0.0",
     "pymultihash==0.8.2",
     "pyyaml==6.0.1",
-    "requests>=2.22.0,<3.0.0",
+    "requests>=2.31.0,<3.0.0",
     "python-dotenv>=0.14.0,<0.18.0",
     "ecdsa>=0.15,<0.17.0",
     "morphys>=1.0",
diff --git a/tox.ini b/tox.ini
index 0b6459a4d8..396554aa61 100644
--- a/tox.ini
+++ b/tox.ini
@@ -13,7 +13,7 @@ skip_missing_interpreters = true
 [packages-deps]
 deps = 
     gym==0.15.6
-    aiohttp==3.7.4.post0
+    aiohttp>=3.8.5,<4.0.0
     gym==0.15.6
     hypothesis==6.21.6
     numpy>=1.18.1
@@ -27,12 +27,12 @@ deps =
     {[packages-deps]deps}
     docker==4.2.0
     pexpect==4.8.0
-    GitPython==3.1.27
+    GitPython<4.0.0,>=3.1.37
     packaging>=23.1,<24.0
     py-multibase>=1.0.0
     py-multicodec>=0.2.0
     protobuf>=4.21.6,<5.0.0
-    requests==2.28.1
+    requests>=2.31.0,<3.0.0
     mistune==2.0.3
     tomte[isort]==0.2.13
     tomte[black]==0.2.13
@@ -55,7 +55,7 @@ deps =
     idna<=3.3
     numpy>=1.18.1
     psutil==5.7.0
-    setuptools==59.6.0
+    setuptools>=65.5.1
     ledgerwallet==0.1.3
     construct<=2.10.61
     defusedxml==0.6.0
@@ -67,7 +67,7 @@ whitelist_externals = /bin/sh
 passenv = *
 extras = all
 deps =
-    setuptools==59.6.0
+    setuptools>=65.5.1
 
 [commands-local-install]
 commands = 

From f67fbfa09a108a8f9778ac3ac617575d8c29cb3c Mon Sep 17 00:00:00 2001
From: angrybayblade <vptl185@gmail.com>
Date: Wed, 25 Oct 2023 09:34:28 +0530
Subject: [PATCH 2/5] chore: hashes

---
 packages/open_aea/agents/http_echo/aea-config.yaml     |  2 +-
 packages/packages.json                                 | 10 +++++-----
 .../valory/connections/test_libp2p/connection.yaml     |  2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/packages/open_aea/agents/http_echo/aea-config.yaml b/packages/open_aea/agents/http_echo/aea-config.yaml
index 38ca8908ab..27ad4d6ad4 100644
--- a/packages/open_aea/agents/http_echo/aea-config.yaml
+++ b/packages/open_aea/agents/http_echo/aea-config.yaml
@@ -8,7 +8,7 @@ fingerprint:
   README.md: bafybeibkr6ecv5efx3hwxvxposvpmr76ugrj6kydeasb7bppo3ibynnjcu
 fingerprint_ignore_patterns: []
 connections:
-- valory/http_server:0.22.0:bafybeie3d6tj2kzewced4nnttxdvr7njue2ortvawmwdt67gwf4tcuosom
+- valory/http_server:0.22.0:bafybeid4nl6ruidpto3ynwjmc76nf42egcroqlhqq6krh2onwktu4ywpne
 contracts: []
 protocols:
 - fetchai/default:1.0.0:bafybeibtqp56jkijwjsohk4z5vqp6pfkiexmnmk5uleteotbsgrypy6gxm
diff --git a/packages/packages.json b/packages/packages.json
index e0c22c6878..25fda8a245 100644
--- a/packages/packages.json
+++ b/packages/packages.json
@@ -9,10 +9,10 @@
         "protocol/valory/ledger_api/1.0.0": "bafybeige5agrztgzfevyglf7mb4o7pzfttmq4f6zi765y4g2zvftbyowru",
         "connection/fetchai/stub/0.21.0": "bafybeictgpdqbpyppmoxn2g7jkaxvulihew7zaszv4xyhgvsntq7tqs7wi",
         "connection/valory/ledger/0.19.0": "bafybeigdckv3e6bz6kfloz4ucqrsufft6k4jp6bwkbbcvh4fxvgbmzq3dm",
-        "connection/valory/http_server/0.22.0": "bafybeie3d6tj2kzewced4nnttxdvr7njue2ortvawmwdt67gwf4tcuosom",
+        "connection/valory/http_server/0.22.0": "bafybeid4nl6ruidpto3ynwjmc76nf42egcroqlhqq6krh2onwktu4ywpne",
         "connection/valory/p2p_libp2p/0.1.0": "bafybeiaykya7tvir7k5scovjzuagpfcftvptxoi2od5qqqvukwglsrrtzy",
         "connection/valory/p2p_libp2p_client/0.1.0": "bafybeihge56dn3xep2dzomu7rtvbgo4uc2qqh7ljl3fubqdi2lq44gs5lq",
-        "connection/valory/p2p_libp2p_mailbox/0.1.0": "bafybeieufv6tbei3vza7bg7ggzsvyvwmzps5kghxlar3drhme6d7mxawvy",
+        "connection/valory/p2p_libp2p_mailbox/0.1.0": "bafybeiajf6msadxrr2rgkgebwlzoiznxdccsyzjopm2pkommcgcamsw27m",
         "contract/fetchai/erc1155/0.22.0": "bafybeiff7a6xncyad53o2r7lekpnhexcspze6ocy55xtpzqeuacnlpunm4",
         "protocol/fetchai/fipa/1.0.0": "bafybeid6o7dxutkendclxxtxo3pyizrfho3vxyj5j5sowkysmuqamywb24",
         "protocol/fetchai/oef_search/1.0.0": "bafybeicysyqgag7gsbpvly5mzhlwwiosl7gupgmohx233gynw7xtgsxewy",
@@ -26,11 +26,11 @@
         "agent/fetchai/gym_aea/0.25.0": "bafybeif5c657r3ixuosbyihtsdzr2tqifikxgy5e6t7ur2jmhtiolina3m",
         "agent/fetchai/my_first_aea/0.27.0": "bafybeicrgya4gln4lqr3ba76t2cuyik37lcgr64kzna2fkoseseobytaa4",
         "agent/open_aea/gym_aea/0.1.0": "bafybeibyyl4wtnrfxeoed3kjnlftphkcikdqrgf76u34v4wbvwgsqfqrgy",
-        "agent/open_aea/http_echo/0.1.0": "bafybeiaosh5h4msjh4rubd3xnygpqco47hjv4zbt6cz4zrai6zmvd77bv4",
+        "agent/open_aea/http_echo/0.1.0": "bafybeiah75oosb24i3nwtbotqjd44waxg7ldmxgle4iiumemgbrvlosxsu",
         "agent/open_aea/my_first_aea/0.1.0": "bafybeibv7nlyxldyj5ntivsu74ylul4dltpfvkfa46k2pbveetfpkvz4jm",
         "connection/fetchai/local/0.20.0": "bafybeigukufpgy2sdkv5qqde47dhigbjitxcrxwg6sl6unlpbc7wbxqyhm",
-        "connection/valory/http_client/0.23.0": "bafybeifgeqgryx6b3s6eseyzyezygmeitcpt3tkor2eiycozoi6clgdrny",
-        "connection/valory/test_libp2p/0.1.0": "bafybeih4vz7pprbjhe5g4tnf52ttkooii66woxbhifjc7wk5xdt6b6asiu",
+        "connection/valory/http_client/0.23.0": "bafybeiddrfvomrmgvh5yuv2coq7ci72wcdf663stayi3m5aawnj4srggce",
+        "connection/valory/test_libp2p/0.1.0": "bafybeidy7qyswtj2fnh2q3qnusevamllw2ozzu723sh52r4k4gna3ig4e4",
         "protocol/fetchai/tac/1.0.0": "bafybeiaukfwe7wbpikztprlmrfpphsxqpdzgamkbhvqyz54tl3k73kzsvi",
         "skill/fetchai/erc1155_client/0.28.0": "bafybeid3npgiuvgjyocxtxl6ovihrnicd5ezlim4aq4ytl3atnm5yywxmu",
         "skill/fetchai/erc1155_deploy/0.30.0": "bafybeie2lqwsqgpv35uy7nztohtukvogntsxqi74x37qsbsx7drgeajtau",
diff --git a/packages/valory/connections/test_libp2p/connection.yaml b/packages/valory/connections/test_libp2p/connection.yaml
index 6df7a76f16..d62be32d4e 100644
--- a/packages/valory/connections/test_libp2p/connection.yaml
+++ b/packages/valory/connections/test_libp2p/connection.yaml
@@ -36,7 +36,7 @@ fingerprint_ignore_patterns: []
 connections:
 - valory/p2p_libp2p:0.1.0:bafybeiaykya7tvir7k5scovjzuagpfcftvptxoi2od5qqqvukwglsrrtzy
 - valory/p2p_libp2p_client:0.1.0:bafybeihge56dn3xep2dzomu7rtvbgo4uc2qqh7ljl3fubqdi2lq44gs5lq
-- valory/p2p_libp2p_mailbox:0.1.0:bafybeieufv6tbei3vza7bg7ggzsvyvwmzps5kghxlar3drhme6d7mxawvy
+- valory/p2p_libp2p_mailbox:0.1.0:bafybeiajf6msadxrr2rgkgebwlzoiznxdccsyzjopm2pkommcgcamsw27m
 protocols:
 - fetchai/default:1.0.0:bafybeibtqp56jkijwjsohk4z5vqp6pfkiexmnmk5uleteotbsgrypy6gxm
 - valory/acn:1.1.0:bafybeic2pxzfc3voxl2ejhcqyf2ehm4wm5gxvgx7bliloiqi2uppmq6weu

From f048ff920f68b39f11aea2cfceb0702bc75c7f35 Mon Sep 17 00:00:00 2001
From: angrybayblade <vptl185@gmail.com>
Date: Wed, 25 Oct 2023 09:43:21 +0530
Subject: [PATCH 3/5] fix: setuptools version

---
 Pipfile | 2 +-
 tox.ini | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Pipfile b/Pipfile
index f023a51f47..f8093e7e52 100644
--- a/Pipfile
+++ b/Pipfile
@@ -10,7 +10,7 @@ name = "test-pypi"
 
 [dev-packages]
 # we fix exact versions as it's sufficient to have at least one set of compatible dependencies for development
-setuptools = ">=65.5.1"
+setuptools = "==59.6.0"
 aiohttp = ">=3.8.5,<4.0.0"
 asn1crypto = "==1.4.0"
 bech32 = "==1.2.0"
diff --git a/tox.ini b/tox.ini
index 396554aa61..b1d5aaae95 100644
--- a/tox.ini
+++ b/tox.ini
@@ -55,7 +55,7 @@ deps =
     idna<=3.3
     numpy>=1.18.1
     psutil==5.7.0
-    setuptools>=65.5.1
+    setuptools==59.6.0
     ledgerwallet==0.1.3
     construct<=2.10.61
     defusedxml==0.6.0
@@ -67,7 +67,7 @@ whitelist_externals = /bin/sh
 passenv = *
 extras = all
 deps =
-    setuptools>=65.5.1
+    setuptools==59.6.0
 
 [commands-local-install]
 commands = 

From 0537d8137b183149c77a243f6ffcbe176c563020 Mon Sep 17 00:00:00 2001
From: angrybayblade <vptl185@gmail.com>
Date: Wed, 25 Oct 2023 09:44:13 +0530
Subject: [PATCH 4/5] fix: doc hashes

---
 docs/http-connection-and-skill.md                             | 2 +-
 docs/http-echo-demo.md                                        | 2 +-
 .../test_bash_yaml/md_files/bash-http-connection-and-skill.md | 4 ++--
 .../test_docs/test_bash_yaml/md_files/bash-http-echo-demo.md  | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/http-connection-and-skill.md b/docs/http-connection-and-skill.md
index 0cc9a8ab81..6056867697 100644
--- a/docs/http-connection-and-skill.md
+++ b/docs/http-connection-and-skill.md
@@ -29,7 +29,7 @@ Add the http server connection package:
 mkdir packages
 aea create my_aea
 cd my_aea
-aea add connection valory/http_server:0.22.0:bafybeie3d6tj2kzewced4nnttxdvr7njue2ortvawmwdt67gwf4tcuosom --remote
+aea add connection valory/http_server:0.22.0:bafybeid4nl6ruidpto3ynwjmc76nf42egcroqlhqq6krh2onwktu4ywpne --remote
 aea push connection valory/http_server --local
 aea add protocol fetchai/default:1.0.0:bafybeibtqp56jkijwjsohk4z5vqp6pfkiexmnmk5uleteotbsgrypy6gxm --remote
 aea push protocol fetchai/default --local
diff --git a/docs/http-echo-demo.md b/docs/http-echo-demo.md
index 735f057b5e..f90426d248 100644
--- a/docs/http-echo-demo.md
+++ b/docs/http-echo-demo.md
@@ -16,7 +16,7 @@ The easiest way to get started with the http server is to use our pre-built exam
 
 ``` bash
 pipenv shell
-aea fetch open_aea/http_echo:0.1.0:bafybeiaosh5h4msjh4rubd3xnygpqco47hjv4zbt6cz4zrai6zmvd77bv4 --remote
+aea fetch open_aea/http_echo:0.1.0:bafybeiah75oosb24i3nwtbotqjd44waxg7ldmxgle4iiumemgbrvlosxsu --remote
 cd http_echo
 aea generate-key ethereum; aea add-key ethereum
 aea install
diff --git a/tests/test_docs/test_bash_yaml/md_files/bash-http-connection-and-skill.md b/tests/test_docs/test_bash_yaml/md_files/bash-http-connection-and-skill.md
index ce7b41ed5a..91df6b652a 100644
--- a/tests/test_docs/test_bash_yaml/md_files/bash-http-connection-and-skill.md
+++ b/tests/test_docs/test_bash_yaml/md_files/bash-http-connection-and-skill.md
@@ -3,7 +3,7 @@ aea create my_aea
 cd my_aea
 ```
 ``` bash
-aea add connection valory/http_server:0.22.0:bafybeie3d6tj2kzewced4nnttxdvr7njue2ortvawmwdt67gwf4tcuosom --remote
+aea add connection valory/http_server:0.22.0:bafybeid4nl6ruidpto3ynwjmc76nf42egcroqlhqq6krh2onwktu4ywpne --remote
 ```
 ``` bash
 aea config set agent.default_connection valory/http_server:0.22.0
@@ -48,7 +48,7 @@ models:
 mkdir packages
 aea create my_aea
 cd my_aea
-aea add connection valory/http_server:0.22.0:bafybeie3d6tj2kzewced4nnttxdvr7njue2ortvawmwdt67gwf4tcuosom --remote
+aea add connection valory/http_server:0.22.0:bafybeid4nl6ruidpto3ynwjmc76nf42egcroqlhqq6krh2onwktu4ywpne --remote
 aea push connection valory/http_server --local
 aea add protocol fetchai/default:1.0.0:bafybeibtqp56jkijwjsohk4z5vqp6pfkiexmnmk5uleteotbsgrypy6gxm --remote
 aea push protocol fetchai/default --local
diff --git a/tests/test_docs/test_bash_yaml/md_files/bash-http-echo-demo.md b/tests/test_docs/test_bash_yaml/md_files/bash-http-echo-demo.md
index afbbcab689..3779cd16a7 100644
--- a/tests/test_docs/test_bash_yaml/md_files/bash-http-echo-demo.md
+++ b/tests/test_docs/test_bash_yaml/md_files/bash-http-echo-demo.md
@@ -1,6 +1,6 @@
 ``` bash
 pipenv shell
-aea fetch open_aea/http_echo:0.1.0:bafybeiaosh5h4msjh4rubd3xnygpqco47hjv4zbt6cz4zrai6zmvd77bv4 --remote
+aea fetch open_aea/http_echo:0.1.0:bafybeiah75oosb24i3nwtbotqjd44waxg7ldmxgle4iiumemgbrvlosxsu --remote
 cd http_echo
 aea generate-key ethereum; aea add-key ethereum
 aea install

From 0ae6e79af448987a5bdfa74af5919aa1bf1ec71f Mon Sep 17 00:00:00 2001
From: angrybayblade <vptl185@gmail.com>
Date: Wed, 25 Oct 2023 15:05:25 +0530
Subject: [PATCH 5/5] chore: revert requests bump

---
 Pipfile  | 2 +-
 setup.py | 2 +-
 tox.ini  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Pipfile b/Pipfile
index f8093e7e52..8145cc2fe3 100644
--- a/Pipfile
+++ b/Pipfile
@@ -36,7 +36,7 @@ psutil = "==5.7.0"
 pycryptodome = ">=3.10.1"
 pytest-custom-exit-code = "==0.3.0"
 GitPython = "<4.0.0,>=3.1.37"
-requests = ">=2.31.0,<3.0.0"
+requests = "==2.28.1"
 idna = "<=3.3"
 open-aea-cosmpy = "==0.6.7"
 web3 = ">=6.0.0,<7"
diff --git a/setup.py b/setup.py
index 4f244cf251..a6758d0a27 100644
--- a/setup.py
+++ b/setup.py
@@ -60,7 +60,7 @@ def get_all_extras() -> Dict:
     "protobuf>=4.21.6,<5.0.0",
     "pymultihash==0.8.2",
     "pyyaml==6.0.1",
-    "requests>=2.31.0,<3.0.0",
+    "requests==2.28.1",
     "python-dotenv>=0.14.0,<0.18.0",
     "ecdsa>=0.15,<0.17.0",
     "morphys>=1.0",
diff --git a/tox.ini b/tox.ini
index b1d5aaae95..4e562ed054 100644
--- a/tox.ini
+++ b/tox.ini
@@ -32,7 +32,7 @@ deps =
     py-multibase>=1.0.0
     py-multicodec>=0.2.0
     protobuf>=4.21.6,<5.0.0
-    requests>=2.31.0,<3.0.0
+    requests==2.28.1
     mistune==2.0.3
     tomte[isort]==0.2.13
     tomte[black]==0.2.13