Flask + Werkzeug Fixes?

ckan/.snyk

@@ -17,25 +17,4 @@ ignore:
           not accessible to any other client
         expires: 2023-06-30T16:20:58.017Z
         created: 2022-12-08T16:20:58.023Z
-  SNYK-PYTHON-WERKZEUG-3319936:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4217
-        expires: 2023-07-31T16:20:58.017Z
-        created: 2023-02-15T16:20:58.023Z
-  SNYK-PYTHON-WERKZEUG-3319935:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4217
-        expires: 2023-07-31T16:20:58.017Z
-        created: 2023-02-15T16:20:58.023Z
-  SNYK-PYTHON-FLASK-5490129:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4303
-        expires: 2023-07-31T16:20:58.017Z
-        created: 2023-05-08T16:20:58.023Z
 patch: {}

ckan/requirements.in

@@ -7,19 +7,16 @@ git+https://github.com/GSA/ckanext-saml2auth.git@create_user_via_saml#egg=ckanex
 -e git+https://github.com/ckan/ckanext-qa.git@master#egg=ckanext-qa
 -e git+https://github.com/ckan/ckanext-archiver.git@master#egg=ckanext-archiver
 -e git+https://github.com/ckan/ckanext-report.git@master#egg=ckanext-report
+git+https://github.com/nickumia-reisys/multistatic-copy.git@main#egg=flask-multistatic
 
-# ckanext-datagovcatalog>=0.0.3
+ckanext-datagovcatalog>=0.1.0
 # ckanext-datagovtheme>=0.1.22
-# ckanext-datajson>=0.1.13
+ckanext-datajson>=0.1.19
 ckanext-envvars>=0.0.3
-# ckanext-geodatagov>=0.1.28
-# ckanext-googleanalyticsbasic
+ckanext-geodatagov>=0.2.0
+ckanext-googleanalyticsbasic
 # ckanext-metrics-dashboard
--e git+https://github.com/gsa/[email protected]#egg=ckanext-geodatagov
--e git+https://github.com/gsa/ckanext-datagovcatalog.git@ckan-210#egg=ckanext-datagovcatalog
 -e git+https://github.com/gsa/ckanext-datagovtheme.git@ckan-210#egg=ckanext-datagovtheme
--e git+https://github.com/gsa/ckanext-datajson.git@ckan-210#egg=ckanext-datajson
--e git+https://github.com/gsa/[email protected]#egg=ckanext-googleanalyticsbasic
 -e git+https://github.com/gsa/[email protected]#egg=ckanext-metrics-dashboard
 
 # Pin for saml2auth to work
@@ -29,7 +26,6 @@ pysaml2==7.0.1
 ckantoolkit>=0.0.7
 pika>=1.1.0,<1.3.0
 # redis==2.10.6 # included in ckan core
-# requests>=2.11.1 # included in ckan core
 # six>=1.12.0 # included in dcat
 
 # ckanext-archiver
@@ -48,7 +44,6 @@ pyparsing>=2.1.10
 pyproj==3.4.1
 Shapely==2.0.1
 geojson==3.0.1
-# requests>=1.1.0 # included in ckan core
 # six # included in dcat
 
 # ckanext-qa
@@ -72,16 +67,16 @@ alembic==1.8.1
 Babel==2.10.3
 Beaker==1.11.0
 bleach==3.3.0
-blinker==1.5
+blinker>=1.6.2
 click==8.1.3
 dominate==2.7.0
 feedgen==0.9.0
-Flask==2.0.3
+Flask>=2.2.5
 Flask-Babel==1.0.0
 flask-multistatic==1.0
-Flask-Login==0.6.1
+Flask-Login==0.6.2
 Jinja2==3.1.2
-Flask-WTF==1.0.1
+Flask-WTF==1.1.1
 pyjwt==2.4.0
 Markdown==3.4.1
 passlib==1.7.4
@@ -96,7 +91,6 @@ python-dateutil>=2.8.2
 pytz
 PyUtilib==6.0.0
 pyyaml==6.0
-requests==2.28.1
 rq==1.11.0
 simplejson==3.18.0 # ckan 2.9.5 requires 3.10.0 only
 # Following can be ignored: https://github.com/ckan/ckan/pull/4450
@@ -105,7 +99,7 @@ SQLAlchemy[mypy]==1.4.41
 sqlparse==0.4.4
 tzlocal==4.2
 webassets==2.0
-Werkzeug==2.0
+Werkzeug>=2.2.3
 # zope.interface==4.7.2
 
 # we are running under gunicorn

ckan/requirements.txt

@@ -4,67 +4,67 @@ Babel==2.10.3
 backports.zoneinfo==0.2.1
 Beaker==1.11.0
 bleach==3.3.0
-blinker==1.5
-boto3==1.26.137
-botocore==1.29.137
+blinker==1.6.2
+boto3==1.28.3
+botocore==1.31.3
 certifi==2023.5.7
 cffi==1.15.1
 chardet==5.1.0
-charset-normalizer==2.1.1
+charset-normalizer==3.2.0
 ckan==2.10.1
 -e git+https://github.com/ckan/ckanext-archiver.git@cbfadf9fbf10405958fdef9f77a7faedc05aa20b#egg=ckanext_archiver
--e git+https://github.com/gsa/ckanext-datagovcatalog.git@9db6fcf6a5b63743c573f567749a870df1976bd3#egg=ckanext_datagovcatalog
+ckanext-datagovcatalog==0.1.0
 -e git+https://github.com/gsa/ckanext-datagovtheme.git@eb310589aa3007516070fc1cdbfdcf7e3dea116d#egg=ckanext_datagovtheme
--e git+https://github.com/gsa/ckanext-datajson.git@4d6d09b79d8f932303056747706a31aacd195cf6#egg=ckanext_datajson
-ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@14396e6d03aad3118ee5a232e04052a61edd0893
+ckanext-datajson==0.1.19
+ckanext-dcat @ git+https://github.com/ckan/ckanext-dcat@eb1aee013687a40d0366a2fe44546917ee960bfc
 ckanext-envvars==0.0.3
--e git+https://github.com/gsa/ckanext-geodatagov.git@cbbcf599b6273fca56ec60f7b5d8ea2301dae415#egg=ckanext_geodatagov
--e git+https://github.com/gsa/ckanext-googleanalyticsbasic.git@0de6406608a3156ac368ba3ac14ca21be519a2dd#egg=ckanext_googleanalyticsbasic
+ckanext-geodatagov==0.2.0
+ckanext-googleanalyticsbasic==0.2.1
 -e git+https://github.com/ckan/ckanext-harvest.git@9fb44f79809a1c04dfeb0e1ca2540c5ff3cacef4#egg=ckanext_harvest
--e git+https://github.com/gsa/ckanext-metrics-dashboard.git@358ad6dbc4ec31ae4e0946cef6609c38920ad5d3#egg=ckanext_metrics_dashboard
+-e git+https://github.com/gsa/ckanext-metrics-dashboard.git@7c9f6362f7ac46be92ccb1fc8e94792c4bd869c3#egg=ckanext_metrics_dashboard
 -e git+https://github.com/ckan/ckanext-qa.git@1731b59d2bf82b06f7866c204b26eb7c6c9ea1f9#egg=ckanext_qa
 -e git+https://github.com/ckan/ckanext-report.git@3588577f46d17e5f6ef163bb984d0e7016daef71#egg=ckanext_report
 ckanext-saml2auth @ git+https://github.com/GSA/ckanext-saml2auth.git@c2b12a94430034c522b25d282323a064e2d6a03a
--e git+https://github.com/ckan/ckanext-spatial.git@17d5a341cf8f40b35b25df91a18ce72c31195ba3#egg=ckanext_spatial
+-e git+https://github.com/ckan/ckanext-spatial.git@7091f4b7f2b6a04c3b7164a1e86f0924b2c12436#egg=ckanext_spatial
 ckantoolkit==0.0.7
 click==8.1.3
-cryptography==41.0.0
+cryptography==41.0.2
 defusedxml==0.7.1
 dominate==2.7.0
-elementpath==4.1.2
+elementpath==4.1.4
 feedgen==0.9.0
-Flask==2.0.3
+Flask==2.3.2
 Flask-Babel==1.0.0
-Flask-Login==0.6.1
-flask-multistatic==1.0
-Flask-WTF==1.0.1
+Flask-Login==0.6.2
+flask-multistatic @ git+https://github.com/nickumia-reisys/multistatic-copy.git@e46da39614127bfa996e29994d969b8b7486ed21
+Flask-WTF==1.1.1
 future==0.18.3
 GeoAlchemy2==0.5.0
 geojson==3.0.1
 geomet==1.0.0
-gevent==22.10.2
+gevent==23.7.0
 greenlet==2.0.2
 gunicorn==20.1.0
 html5lib==1.1
 idna==3.4
-importlib-metadata==6.6.0
-importlib-resources==5.12.0
+importlib-metadata==6.8.0
+importlib-resources==6.0.0
 isodate==0.6.1
 itsdangerous==2.1.2
 Jinja2==3.1.2
 jmespath==1.0.1
 json-table-schema==0.2.1
 jsonschema==2.4.0
-lxml==4.9.2
+lxml==4.9.3
 Mako==1.2.4
 Markdown==3.4.1
-MarkupSafe==2.1.2
+MarkupSafe==2.1.3
 messytables==0.15.2
-mypy==1.3.0
+mypy==1.4.1
 mypy-extensions==1.0.0
-newrelic==8.8.0
+newrelic==8.8.1
 nose==1.3.7
-numpy==1.24.3
+numpy==1.24.4
 OWSLib==0.29.2
 packaging==23.1
 passlib==1.7.4
@@ -80,20 +80,20 @@ psycopg2==2.9.3
 pycparser==2.21
 PyJWT==2.4.0
 pyOpenSSL==23.2.0
-pyparsing==3.0.9
+pyparsing==3.1.0
 pyproj==3.4.1
 pysaml2==7.0.1
 pysolr==3.9.0
 python-dateutil==2.8.2
 python-magic==0.4.27
-python-utils==3.5.2
+python-utils==3.7.0
 pytz==2023.3
 pytz-deprecation-shim==0.1.0.post0
 PyUtilib==6.0.0
 PyYAML==6.0
 PyZ3950 @ git+https://github.com/danizen/PyZ3950@6d44a4ab85c8bda3a7542c2c9efdfad46c830219
 rdflib==6.1.1
-redis==4.5.5
+redis==4.6.0
 requests==2.31.0
 rfc3987==1.3.8
 rq==1.11.0
@@ -103,20 +103,20 @@ shapely==2.0.1
 simplejson==3.18.0
 six==1.16.0
 SQLAlchemy==1.4.41
-sqlalchemy2-stubs==0.0.2a34
+sqlalchemy2-stubs==0.0.2a35
 sqlparse==0.4.4
 tomli==2.0.1
-typing_extensions==4.5.0
+typing_extensions==4.7.1
 tzdata==2023.3
 tzlocal==4.2
-urllib3==1.26.15
+urllib3==1.26.16
 webassets==2.0
 webencodings==0.5.1
-Werkzeug==2.0.0
+Werkzeug==2.3.6
 wheel==0.40.0
 WTForms==3.0.1
 xlrd==2.0.1
-xmlschema==2.3.0
-zipp==3.15.0
-zope.event==4.6
+xmlschema==2.3.1
+zipp==3.16.2
+zope.event==5.0
 zope.interface==6.0